In the following report by ICANN, you can see how the whole global Botnet service operates globally.

You will learn how anyone, even those without the skills to create a Botnet, can still hire their services.

Fast and Double Flux Attacks 2
Version 1.0 January 2008
Introduction
"Fast flux" is an evasion technique that cyber-criminals and Internet miscreants use to evade identification and to frustrate law enforcement and anticrime efforts aimed at locating and shutting down web sites used for illegal purposes.

Fast flux hosting is an application of technology that supports a wide variety of cyber-crime activities (fraud, identity theft, online scams) and is considered one of the most serious threats to online activities today.

Basic fast flux hosting uses rapid modification of IP addresses associated with a system that hosts a malicious activity to evade detection and take down efforts.

This technique is also used to rapidly modify the IP addresses of the name servers that resolve the domain names of the fluxed malicious hosts (this variant is sometimes called NS fast flux).

A particularly troublesome variant of fast flux hosting, "double flux",
fluxes addresses of both name servers and malicious (web server) hosts.

This Advisory describes the technical aspects of fast flux hosting and fast flux service networks.

It explains how the DNS is exploited to abet criminal activities that employ fast flux hosting, identifying the impacts of fast flux hosting, and calling particular attention to the way such attacks extend the malicious or profitable lifetime of the illegal activities conducted using these fast flux techniques.

It describes current and possible methods of mitigating fast flux hosting at various points in the Internet. The Advisory discusses the pros and cons of these mitigation methods, identifies those methods that SSAC considers practical and sensible, and recommends that appropriate bodies consider policies that would make the practical mitigation methods universally available to registrants, ISPs, registrars and registries (where applicable for each).

Caller ID Spoofing is big business. Learn how it works and how anyone can do it.

A Los Angeles computer security consultant agreed Friday to plead guilty to using computer spyware that he planted in other people's computers to steal identities, U.S. federal prosecutors said.

MYRTLE BEACH --

For months, a sophisticated hacker has been stealing the personal data of American corporate executives.

Hot on the hacker's trail is Joe Stewart. The former bass-guitarist-turned-cyber-sleuth stumbled onto the case in February.

Since then, the 36-year-old Stewart has spent weeks in his office, in a nondescript building next to a half-abandoned strip mall here, virtually chasing the mysterious perpetrator across several continents.

Stewart early on thought he had traced the scammer to China, then realized it was a false lead. Only when the perpetrator stumbled did Stewart get a break in the case.

Somewhere in St. Petersburg, Russia's second city, a tiny start-up has struck Internet gold. Its dozen-odd employees are barely old enough to recall the demise of the Soviet Union, but industry analysts believe they're raking in well over $100 million a year from the world's largest banks, including Wells Fargo and Washington Mutual.

Their two-year rise might be the greatest success story of the former Eastern Bloc's high-tech boom - if only it weren't so illegal. But the cash may be coming from your bank account, and they could be using the computer in your den to commit their crimes.

Preatoni is the founder of Wabisabilabi, a Switzerland-based company that bills itself as an auction site for the software bugs that companies like Microsoft never want anybody to see. He spoke at Microsoft in late September as an invited guest at Microsoft's semi-annual Blue Hat security conference.

But what had been an edgy invite by Microsoft's Blue Hat planners took on a new dimension this week, when Preatoni was arrested in Milan on charges relating to a national spying scandal at Telecom Italia, Italy's largest telephone carrier.

When it comes to computer security, Doug Jacobson is tired of playing nice.

For years, Iowa State University researchers like Jacobson have been utilizing computer simulations to create defenses against hackers and other information bandits. But these traditional programs are difficult to interface with real-world equipment, and they fall short of generating the perfect environment for obliterating security breaches.

PROVIDENCE — A hacker’s attack on the secretary of state’s Web site not only put the site out of business for several days this week, it also forced at least one small local board — the Exeter Fire District Board of Commissioners — to cancel the meeting it had planned for last night because it could not post its meeting notice electronically, as required by law, at least 48 hours in advance.

You know about the Storm Trojan, which is spread by the world's largest botnet. But what you may not know is there's now a new peer-to-peer based botnet emerging that could blow Storm away.

"We're investigating a new peer-to-peer botnet that may wind up rivaling Storm in size and sophistication," says Tripp Cox, vice president of engineering for startup Damballa, which tracks botnet command and control infrastructures. "We can't say much more about it, but we can tell it's distinct from Storm."

"If we lose the Internet, we do not simply lose the ability to e-mail or to surf the Web. We lose access to our data. We lose our connectivity. We lose our intellectual property. We lose our security.