|
|
 |
|
|
Computer Support For Individuals And Small Business |
|
|
|
|
3/20/11 |
|
|
Canning The Spam |
|
|
If you use email (is there any computer user who doesn’t?) you probably get a fair amount of spam. Not only is spam annoying but it often advertises illegal products. Some of these are even potentially dangerous, as those that advertise fake prescription drugs.
|
|
|
Notice you’re not getting quite as much spam lately? At approximately 9:00 a.m. MST Wednesday, March 16, 2011 The Rustock botnet was shut down by a group including Microsoft, Federal marshals and other industry and academic experts.
|
|
|
It was considered one of the worst, if not the worst, sources of spam in the world. It is estimated it infected a million computers and could send up to 30 billion pieces of spam email daily.
|
|
|
A botnet is made up of command-and-control servers which control other computers infected with malicious software, or a “bot” (short for robot). The internet is scanned to find vulnerable computers to infect with the malware turning them into “zombie” computers.
|
|
|
The zombies can then be controlled through the internet for malicious purposes, commonly to send spam email. They can also be used for denial-of-service (DoS) attacks. The owners of the zombies typically are unaware their computer is part of a botnet.
|
|
|
The originator of the botnet (aka "bot herder" or "bot master") controls the botnet remotely. A spammer then purchases the services available through the botnet to send out the spam email.
|
|
|
Though many botnets have been discovered and dismantled recently many remain. Also, some reappear on different server installations. This is a concern with Rustock.
|
|
|
Through legal and technical means the Rustock botnet was shut down and some servers seized. However, there is significant concern that it may rear its ugly head again.
|
|
|
So how do we as users protect our machines from becoming zombies on a malicious botnet? Fortunately, it’s not so difficult.
|
|
|
First, it is essential to have anti-virus and anti-spyware installed, updated, and turned on. Be sure to re-subscribe when your subscription runs out.
|
|
|
Second, you must have a firewall installed and turned on. Windows comes with a built in firewall. Some anti-malware programs come with a firewall. There are also third-party firewalls available. There are free options for both anti-virus software and a firewall in our Download Center.
|
|
|
Third, it is essential to keep the Windows operating system up-to-date. We recommend Windows Update be allowed to download and install updates automatically. If for some reason you want to control this process (and there may be good reason to do this), be sure you install the updates on some kind of a regular schedule.
|
|
|
One of the specific Windows updates is the “Windows Malicious Software Removal Tool.” It is designed specifically to check for botnet related malware, among other things.
|
|
|
The Windows Malicious Software Removal Tool is distributed monthly through Windows Update. As long as Windows Update is set to download and install updates automatically, your computer will be protected from becoming a botnet zombie. If you are controlling part of the process manually, be sure to allow the system to install the Windows Malicious Software Removal Tool on a timely basis.
|
|
|
We recommend further monitoring your system regularly to be sure these items are working correctly. For instructions for quickly monitoring security settings see these articles for Windows 7, Windows Vista, and Windows XP.
|
|