Opinion: How do I tell if my computer is a zombie?
There are several blacklist reporting sites to help you discover if you're a zombie
PC World - Q: How do I tell if my computer is a zombie? -- Wendell Daar, via the Internet
A: Talk about a scary phenomenon. Through a virus or worm, a criminal takes over your PC, which behaves normally until it receives instructions over the Internet to mass mail spam, take down a company's network as part of a DDoS attack or log your keystrokes to gain access to your bank account. When it's done, your system reverts to acting like a normal PC.
You can't easily tell if your PC has been zombified. The usual malware warning signs -- computer slowdowns, odd behavior -- apply to zombies, though they could easily be signs of lesser problems. Watch your firewall software for strange outgoing traffic. Run multiple online virus scanners (browse to How Can I Tell If My PC Has Caught a Virus? for details). Also check out Symantec's free Norton AntiBot Beta, which specifically looks for bot infections. Still, don't consider yourself safe in the event that AntiBot doesn't turn anything up.
Some zombie or bot software can hide itself from virus and malware scanners by installing a rootkit. Free rootkit-revealing software such as Sophos Anti-Rootkit and Sysinternals' RootkitRevealer can help, err, root those infections out.
Though your ISP can identify zombies among its clientele, that doesn't necessarily mean you can contact the company's support staff and reach someone who knows what you're talking about.
I got mixed results with my own ISP, AT&T Yahoo. When I phoned tech support, I reached someone who'd never heard of a zombie. An e-mail query yielded another ignorant reaction, but a forceful rejoinder from me produced a useful-sounding letter promising to inform me of any suspicious behavior.
Unfortunately, according to Trend Micro network architect Paul Ferguson, it's not in ISP's economic interest to be especially diligent or helpful about this. "The vast majority do nothing at all," he warned.
If e-mail bounces back to you with a message that you've been blocked, your address may be on a spam blacklist -- most likely as a result of being zombified. More than 100 such blacklists exist, and many ISPs use one or more of them to block the IP addresses of known spammers. If you're on one or two such lists, most of your mail will get through, but some will not.
Even if your e-mail isn't bouncing, it's a good idea to find out whether you've been blacklisted. First, go to http://checkip.dyndns.org/ To view the IP address you send out to the world -- probably your router's. Select the displayed address and choose Edit, Copy to copy it to your clipboard.
There are several blacklist reporting sites. My favorite is Robtex. Paste your IP address into the only field on the page, and click Go. Robtex will list a great many blacklist sites. If any of them are red, you've got a problem. Use the list's contact information to find out why you're on that list and how to get off of it.
Finally, remember that prevention is the best medicine. Keep Windows and your antivirus, firewall and other security software up to date. Those precautions will reduce the chances of infection from almost certain to reasonably unlikely.
- 15 Non-Certified IT Skills Growing in Demand
- How 19 Tech Titans Target Healthcare
- Twitter Suffering From Growing Pains (and Facebook Comparisons)
- Agile Comes to Data Integration
- Slideshow: 7 security mistakes people make with their mobile device
- iOS vs. Android: Which is more secure?
- 11 sure signs you've been hacked
- The 12 PCI DSS 3.0 requirements addressed by Peer 1 Hosting This handy quick reference outlines the 12 PCI DSS 3.0 requirements, who needs to be compliant and how Alert Logic solutions address the...
- Defense Throughout the Vulnerability Life Cycle This whitepaper provides insight into how to leverage threat and log management technologies to protect your IT assets throughout their vulnerability life cycle.
- Mobile Policy Checklist Here's what to consider when putting together a mobile policy designed to support a highly productive workforce.
- Securing BYOD Mobile computing is becoming so ubiquitous that people no longer bat an eye seeing someone working two devices simultaneously. Individuals and organizations are...
- Live Webcast On-demand webinar: "Mobility Mayhem: Balancing BYOD with Enterprise Security" Check out this on-demand webinar to hear Sophos senior security expert John Shier deep dive into how BYOD impacts your enterprise security strategy...
- Live Webcast Endpoint Backup & Restore: Protect Everyone, Everywhere Arek Sokol from the bleeding-edge IT team at Genentech/Roche explains how he leverages cross-platform enterprise endpoint backup in the public cloud as part...
- Streamline Software Asset Management, Compose a software Management Symphony Keeping track of your organization's software is easy with effective software management solutions from CDW. View the videos in our software solutions channel
- Druva inSync: Endpoint Data Protection & Governance CLICK HERE to watch this video about protecting corporate data on laptops and mobile devices, sponsored by Druva. All Security White Papers | Webcasts