This article series is intended to help you understand some of the terms and technologies employed by hackers. With this knowledge, you will be better able to ensure that your computer system (or network if you are a system administrator) is adequately protected and safe from prying eyes and unknown fingers.

Zombies

Viruses are designed to trick either the user, the operating system or an application into running or installing a foreign program on a computer system without authorization. Thus, the virus has two primary parts: a trick and a treat, so to speak. Executing the virus is the result of the "trick", and the "treat" is the payload, generally an undesired (although not necessarily destructive) piece of code.

Some of these viruses cleverly use something called social engineering to convince people to execute attached programs. Perhaps the most famous of these was the "I Love You" virus from a few years ago. Others take advantage of operating system bugs to slip past your defenses and install themselves; the interesting thing about some of these (Nimda in particular) is that the virus (actually a worm) locates and installs itself on computers automatically: no human being is involved. There are many other methods of propagation, but the objective is to covertly install or run something on as many computer systems as possible.

The payload (the destructive program that is installed or run on the target computer system) can do just about anything that the virus writer desires (at least on the Windows operating system). You see, this is a result of one of the peculiar "features" of the Windows platform: by default (especially for home users), the logged-in user has full administration rights to the machine. This means any program run by that user can do anything, literally anything at all.

Some virus writers just send out bits of code which perform some silly little stunt. They might display a bit of text on a certain date, show a picture, or move characters around on the screen.

Others create concept viruses: these exist to prove something works. Generally these don't do any real damage.

Most viruses carry some kind of destructive payload, which triggers immediately when the executable is opened. These might wipe out a hard drive, resend themselves to thousands of people or do any number of other destructive things.

Worse than all of those, however, are the viruses which carry something called a Zombie. These are little programs which, when triggered, simply install themselves and wait for commands. In fact, if your system were infected with a Zombie you might never know. They just sit and wait for commands from anyone who knows how to access them.

Do you remember the cyber-attack against the White House a few years ago? How about the attack on eBay or the one on Yahoo? These attacks were all of a type known as Distributed Denial of Service. In general, that's what these Zombies are for.

You see, they sit and wait for an attack order. Some hacker activates them, tells them to hit a certain IP address with a denial of service attack, and then everything else happens automatically.

What does this mean? Hundreds, thousands or even more machines might flood a network with millions of requests at a time. This is enough to overwhelm just about anything, denying service to legitimate users and perhaps even crashing the machines.

Thus, your machine might be infected when you download that cool screensaver or open that email attachment from someone claiming they love you. You might never even notice. However, your machine might actually be taking part in an attack on a university, a business or even the government without your knowledge. 

How do you protect yourself against these zombies? Follow the standard rules: 

  • Install a good antivirus package
  • Keep the definitions up-to-date
  • Install a good firewall and set it to block the higher-numbered (over 1024) ports.
  • Never open any executable attachment