Slashdot Mirror

← Back to Stories (view on slashdot.org)

Over a Million Zombie PCs

Posted by Zonk on from the daaaaataaaa dept.

Doyle writes "A BBC article discusses new research revealing that over 1 million computers have been compromised and are being used in bot nets. From the article: 'The largest network spied on by the team was made up of 50,000 hijacked home computers.'"

6 of 564 comments (clear)

  1. Why arent governments proacting agaisnt these nets by panxerox · · Score: 5, Interesting

    If 1,000,000 computers can be identified as being zombie machines than 1,000,000 computer owners can be contacted. This is THE major problem afflicting the internet, why dont governments form a unit to identify and at least notifiy the owners of these machines? Will it take a major internet terrorist attack like bringing down a power grid to make governments act?. As net users we should advocate government involvment in a measured controlled way rather than the reaction that will come after an attack (patriot act?)

    --
    "It's so convenient to have a system where everyone is a criminal" - A. Hitler
  2. Not surprising by dmf415 · · Score: 5, Interesting

    At my university, we have to run snort at the head end of the network in order to control the havoc these compromised machines create. We also monitor the number of simultaneous connections each machine creates and block the ones at the very top.

  3. Why not ISPs by winkydink · · Score: 5, Interesting

    Better yet, why don't ISPs disconnect them until they can demonstrate they've been cleaned up?

    --

    "I'd rather be a lightning rod than a seismometer." -Ken Kesey

    1. Re:Why not ISPs by Grishnakh · · Score: 5, Interesting

      I agree, especially about suing the customers. If they can sue customers for using P2P applications, they can certainly sue customers for running malicious programs on their computers, knowingly (they've been informed), and performing illegal actions with them.

      Harsh times call for harsh measures.

  4. not entirely user behavior... by grassy_knoll · · Score: 5, Interesting
    from TFA:

    Getting the machines hijacked was worryingly easy. The longest time a Honeynet machine survived without being found by an automatic attack tool was only a few minutes. The shortest compromise time was only a few seconds.


    It's sad, but it seems the only way to mitigate this is to hold the OS vendor responisble for insecure code. Similar to cars, we hold the driver responsible if they ( say ) drive drunk, but the manufactorer responsible if while driving the wheels come off.
    --
    A Human Right
  5. Re:Anyone know... by dtfinch · · Score: 5, Interesting

    If Joe User started on Linux, or *BSD, then trying to use Windows would require taking time to learn.

    You can tell that Windows is meant to be used as a tool and not just for hobby because in Office and the Explorer search pane they have dozens of these little characters that'll dance and do tricks and stuff without really helping you out in the process. And a bunch of the window actions can be animated to slow them down a bit. You've got connection limits and such to ensure that you only use your desktop for desktop stuff. Network authentication restrictions ensure that your intranet design fits a standard, well supported model, and that the right edition gets used for the right job. And the whole thing is pretty awesome for running games.

    Linux must certainly be meant just for hobby because it comes with thousands of these little tools that just do their jobs without much in the way of glitter and animation to impress the user, or even a requirement that a user must be directly interacting with them.