Anti-spyware, anti-virus software and system patches are all vital in the fight to protect your Web applications against viruses, worms and spyware.

But what about bots? Not the kind that Google sends out to crawl the Web for information served up in search queries, but the kind that crawl your website or Web application for code weaknesses. Such Web application code weaknesses can grant access to your computer and your network, opening the door for others to steal, manipulate or even sell your information.

Baseline Magazine devoted the cover story of its April 2006 issue to bot attacks, and its website chronicles bot attacks for 2005. The article refers to network attacks from bots that travel through relay channels, seeking holes to exploit in network systems. What is overlooked, however, are Web applications; the gateway to your network. And no corporate or government entity is fully protected or fully aware of such attacks.

A “bot” is a type of malware, or malicious software, that lets an attacker gain complete control of an infected computer. Malicious bots function much like the Googlebot, but instead of crawling your website for information relevant to search queries, malicious bots are crawling your website looking for code weaknesses within the Web application that grant access to your database server and your network. They often appear as page hits (or 404 server errors) in Website statistics or log files as a legitimate “.exe” file hit or a string of letters and numbers that look like nonsense to the untrained eye.

Exploiting such code weaknesses in Web applications gives bots the ability to get behind a corporate firewall and into the corporate network where it can search for vulnerable computers, creating a botnet, or bot network. With a botnet behind a firewall, botmasters have free reign over information on infected PCs and within the network. They can capture password information, change or manipulate files like customer information or personnel records and steal that information to use for extortion.

With bot-building kits available over the Internet for free or for a small price, and the swiftness with which bot attacks happen, it is a long and difficult process to trace an attack back to its original source. To help you get a jump start on website and Web application preventive measure, click here for information on the five most common website and Web application vulnerabilities that are highly prone to bot attacks, and what you can do to prevent them.

Following these tips, along with standard preventive measures such as anti-spyware, anti-virus software and firewalls are helpful in preventing bot attacks. However, botmasters are quick to adapt their bots and have them search for new weaknesses in Web applications, or a way around a new patch. The battle shifts from stopping attacks in progress and cleaning machines after the fact to preventing bot attacks on Web applications in the first place. To prevent bot attacks, you need to analyze you website statistics, log files and have an intrusion prevention system.