April 2, 2009

April 2, 2009

How to Protect Your Computer
Fighting Back Against Botnets

Welcome to another day in my life. I will let you know I am writing this ahead of time on March 31st since I believe my computer has become infected with the new virus. So I will be having to shop for a new one if it died on the 1st as some were predicting.

If your computer is suddenly running very slowly, even though you don't have many programs open, that may be a sign that somebody else is using your machine's computing power for other purposes. One way to check is to close every program, especially e-mail, and then hold down control, alt and delete keys at the same time. Choose "task manager," then choose "performance." If the graph shows that a large percentage of your computer's processing power is in use, even though you aren't really doing anything, that may mean your computer is being used by somebody else. Also in Task Manager, you can check the "networking" tab, and if your Internet connection is in heavy use even though you closed your e-mail, that's another sign of an invasion.

If your security software alerts you that you have a "rootkit" virus, beware. Rootkits are extra devious viruses that hide themselves deep in the root of your computer and then open a "back door" for other malicious programs to enter. A computer with a rootkit virus is one step away from being taken over. Rootkits are designed to be difficult to detect, just like botnets.

In extreme cases, your computer may lock up for hours at a time because it is so busy doing the "bot herder's" bidding. Eighty percent of the world's spam is sent using botnets, so if your computer has become a spam sender, your Internet service provider could actually blacklist you.

Check your e-mail "sent" box. Are there messages there that were not sent by you? That's a big, bad sign that somebody is using your screen name to send spam.

How can you keep your computer from being taken over?

Assume your computer is a target. Crooks don't personally come looking for innocent computers like yours, but they have created programs that constantly troll the Internet for them. One hour online without your virus protection turned on is enough to get nabbed by one of these roving programs.

If you have a PC, keep your Windows patched and up to date. You know those annoying pop ups that say "A Windows update is available. Do you want to download it now?" Yup. You need to do it. Most infections happen to computers that have not been patched.

Install a well-regarded security suite (anti-virus, anti-spyware, etc.) and make sure it is set to a mode that automatically updates continuously whenever the computer is on. Then, buy the new subscription every year to make sure you are still protected. Last year's security software won't cut it. For that matter, last week's won't protect you either. Malicious programs crop up constantly.

Don't leave your computer on. If it's connected to a high-speed Internet connection, that just gives hackers more opportunities to access it. And once they take it over it gives them more time to use your machine's computing power for their own ends. Turn your computer all the way off at night and before going away. "Sleep" mode is not good enough.

Install a router. Usually they're used in homes where there is more than one computer, but it's worth buying one even if you only have a single machine because they have built-in firewalls in them. It's a cheap way to remove your computer one step from the open Internet. The router is connected to the Internet instead, and your computer is behind that.

If you don't use a router, then buy a software firewall.

Download free software selectively. Know the source of the software and that it is safe. Never take a gamble. One of the biggest new cyber scams out there are fake antivirus programs created by crooks that actually take over your computer instead of protecting it.

Practice safe computing. Don't click on attachments unless you know who they are from. Don't even open spam e-mails. Just delete them. Never, ever respond to an e-mail that claims to be from a financial institution and asks you to verify your personal information. And don't click on pop-ups unless you know they are safe. (One way to tell if a pop-up is questionable is to hit the "escape" key when you see one and see if that makes it go away.) Don't visit questionable Web sites that may harbor viruses that can then worm their way into your computer and take it over.

Macintosh computers are not immune from malicious Internet programs, but they are targeted far less often. So statistically speaking, your chances of staying safe are better if your computer is a Mac.

Try less common Internet browsers and e-mail systems. Again, it's a numbers game. Since Internet Explorer and Outlook Express are so widely used, hackers target them. Instead, you could try Mozilla's free Firefox browser and Thunderbird e-mail program, or the free Eudora Internet Suite.

How can I fight back if my computer is already part of a botnet?

Replace your security system or use more than one at a time. If you have antivirus protection, obviously it has let you down. Some experts estimate that even the best antivirus programs fail to detect 80 percent of malicious programs, simply because the crooks develop new ones every few minutes. So you can increase your chances of rooting out the virus that led to the botnet by trying out multiple security software packages. Many are available for free on the Internet. Just be sure the ones you try are legitimate. Check out a site like Cnet.com for advice.

There are programs designed to find botnets. Trend Micro makes a program called RUBotted and SRI International offers BotHunter.

Back up your data early and often. That way, if bot herders do take over your computer, you will be able to wipe it clean, then restore your personal files to your computer afterward. An external hard drive or a remote storage system works well for this.

Hoping to have another blog entry after today. Only time will tell.

Wishing you health, hope and happiness.

big bear hug,

Daddy Dab