Zombie Repellant
Learn how to protect your PC.Michael Desmond
Like the viruses and worms of yore (and those of last Monday, for that matter), today's zombie networks rely largely on lax security to flex their muscles. Unlike the screaming teens in horror movies, you wouldn't open your front door to the undead--and by the same token, you shouldn't leave your PC's door open to hackers. Here's how to protect yourself.
1. Patch and update Windows, Internet Explorer, and other applications. Unpatched operating systems are one of the leading causes of rampant PC infection on the Internet. Use the Windows Update feature to close vulnerabilities.
2. Run a firewall application, such as the improved firewall in Windows XP SP2, or even better, use the free versions of ZoneLabs ZoneAlarm or Sygate Personal Firewall. Firewalls restrict access to your PC's networking resources and allow you to keep tabs on which programs access the Internet. If an oddly named or unknown program suddenly wants permission to talk to the network, you may be seeing bot code in action. Cable and DSL subscribers should also consider a hardware firewall--such as those included in virtually all consumer wireless network routers--to provide heightened security.
3. Close port 6667, if you can. Most bot and zombie networks communicate over Internet Relay Chat, a multiuser chat system that lets computer users trade real-time messages with each other over the Internet. Bot and zombie network code often uses IRC to send commands to infected PCs. By closing port 6667, you close the default door used by many bot networks to control PCs. Hardware firewalls typically let you close specific ports from browser-based controls; however, some software firewalls lack this capability.
4. Install, use, and update an antivirus program. Many PCs inadvertently join bot networks by running virus code in an e-mail attachment, downloaded file, or even a compromised JPEG image. Commercial antivirus applications like Norton AntiVirus and McAfee VirusScan can detect and nullify infected files and attachments before they get a toehold on your PC. To ensure the antivirus program is effective, you should check for new virus signatures at least daily--otherwise, a newly minted virus might slip past your defenses.
5. Perform frequent spyware sweeps. Spyware and adware software can sit quietly in the background and track your movements, redirect your Web browser, and even log keystrokes or harvest financial data from your PC's hard drive. Use Lavasoft Ad-Aware or Spybot Search & Destroy to find and knock out known spyware and adware components on your PC.
6. Turn off administrator privileges. For day-to-day work, log onto your PC using a limited user account rather than an administrator account. This can prevent applications from silently installing under your current log-on, since the limited account category doesn't allow system changes or software installations. When you need to install an application, you can log in as an administrator, complete the installation, and then sign back in with your user-level account.
7. Abandon Internet Explorer. Sorry to say, but the world's most popular Web browser is also the most popular with virus writers. Install and run an alternative browser--such as Mozilla, Firefox, or Opera-- that attracts fewer exploits and promises reduced exposure to infection.
8. Turn your PC off at night. As bot software writers get more sophisticated, they get better at blending in. By performing spam distribution and software updates at night, when PC users are away, bot networks can reduce the chance of detection by users. Turn off unused PCs to reduce the window of opportunity for your system to be contacted by bot network servers or to transmit spam. You also reduce opportunities for a port scan or other exploit to breach your PC's defenses.