Sunday, September 21, 2003

Don't Let Your PC Become a Porn Zombie
More than a thousand Windows PCs were hijacked recently, unbeknownst to their owners, to send spam and distribute pornography. This was done via a Trojan known as Migmaf (migrant Mafia) that turned their machines into proxies, or relay points, which hid the real servers involved. (For more information, see the article at www.wired.com/news/print/0,1294,59608,00.html.) The victim machines, controlled from afar, are often called zombies. Here's how to keep your PC from becoming a zombie in the service of spammers, pornographers, and malicious hackers.

It's important to understand that although mainstream news coverage of such exploits is a recent development, these activities have been occurring practically since the general public was allowed to use the Internet in the early 1990s. Back then, hackers who wanted to cover their tracks would take control of machines running certain programs that let Windows-based PCs share Internet connections (before Microsoft built Internet Connection Sharing into the operating system). They'd then use these machines as proxies for their attacks on other systems. When investigators tried to trace the break-ins, they would find only the Windows machine, which kept no record of the hacker's whereabouts.


Pornography and spam make for good headlines, but the purposes for which most compromised machines are used are not nearly as sensational. Most often, machines are used as repositories for warez—pirated software—or as rendezvous points for IRC sessions among hackers. They're also commonly used as soldiers (or zombies) in distributed denial-of-service (DDoS) attacks, in which large numbers of computers focus a barrage of network traffic on a single company or computer system. In most cases, users whose machines are compromised never know that their systems are being used for nefarious purposes.

You can protect your machine by learning to recognize the signs that your computer is being invaded. Are the lights on your cable/DSL modem or network hub flashing wildly when you're not doing anything on the Net? Is your hard drive seeking frantically when the system ought to be idle? Does your system seem sluggish? While none of these symptoms are sure signs that your computer has become a zombie, they merit investigation.

If you're running Windows, try typing netstat -a in a command window. Do you see established connections to other machines, even when your browser and e-mail programs are closed? If so, your computer could be compromised. (For helpful information on the ports Trojans generally use, as well as the free PestPatrol Port Checker utility, check out http://pestpatrol.com/Support/About/About_Ports_And_Trojans.asp#advice.)
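
The netstat check above can be automated. The following Python code is an added example, not part of the original article: it reads saved netstat output and lists the established TCP connections whose far end is another machine. It assumes the numeric form `netstat -ano` (the `-n` and `-o` switches are additions to the article's `-a`; `-o` adds the owning process ID), and the sample output and function names are constructed for illustration.

```python
import ipaddress

# Constructed sample of Windows `netstat -ano` output (not from a real machine).
SAMPLE = """\
Active Connections

  Proto  Local Address          Foreign Address        State           PID
  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING       880
  TCP    127.0.0.1:1029         127.0.0.1:1030         ESTABLISHED     1412
  TCP    192.168.1.10:1034      203.0.113.7:80         ESTABLISHED     1234
  TCP    192.168.1.10:1040      198.51.100.23:6667     ESTABLISHED     2200
  TCP    192.168.1.10:1051      203.0.113.9:80         TIME_WAIT       0
  TCP    [::1]:1060             [::1]:1061             ESTABLISHED     1412
  UDP    0.0.0.0:445            *:*                                    4
"""


def split_endpoint(endpoint):
    """Split 'host:port' or '[v6addr%zone]:port' into (host, port)."""
    host, _, port = endpoint.rpartition(":")
    return host.strip("[]").split("%")[0], port


def is_other_machine(host):
    """True unless the address is loopback or unspecified (this PC itself)."""
    try:
        ip = ipaddress.ip_address(host)
    except ValueError:
        return host.lower() != "localhost"  # a resolved name, as plain -a prints
    return not (ip.is_loopback or ip.is_unspecified)


def established_to_others(netstat_text):
    """Return ESTABLISHED TCP connections whose far end is another machine."""
    hits = []
    for line in netstat_text.splitlines():
        fields = line.split()
        if len(fields) < 4 or fields[0] != "TCP" or fields[3] != "ESTABLISHED":
            continue
        host, port = split_endpoint(fields[2])
        if is_other_machine(host):
            pid = fields[4] if len(fields) > 4 else None  # present only with -o
            hits.append({"local": fields[1], "remote": host, "port": port, "pid": pid})
    return hits


if __name__ == "__main__":
    for hit in established_to_others(SAMPLE):
        print("{local} -> {remote}:{port} (PID {pid})".format(**hit))
```

Run it against output captured while the browser and e-mail programs are closed; the PID can be matched to a process name in Task Manager.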


http://www.pcmag.com/article2/0,4149,1268110,00.asp
