Google

What began as a project helmed by Larry Page and Sergey Brin, two students in Stanford's Ph.D. program, is now one of the most influential companies on the World Wide Web: Google. At first, the students' goal was to make an efficient search engine that gave users relevant links in response to search requests. While that's still Google's core purpose today, the company now provides services ranging from e-mail to document storage. In less than a decade, Google evolved from a two-man enterprise to a multibillion-dollar corporation.

Today, Google's popularity continues to grow. In 2007, Google surpassed Microsoft as the most visited site on the Web [source: San Francisco Chronicle]. The company's influence on the Web is undeniable. Practically every webmaster wants his or her site listed high on Google's search engine results pages (SERPs), because it almost always translates into more traffic on the corresponding Web site. Google has also acquired other Internet companies, ranging from blogging services to the video-sharing site YouTube. For a while, Google's search technology even powered rival companies' search engines -- Yahoo relied on Google searches until developing its own search engine technologies in 2004 [source: cNet].

Google's influence isn't limited to just the Web. In 2007, Google executives announced their intention to enter the FCC's auction of the wireless spectrum in the 700 megahertz (MHz) band. That part of the wireless spectrum previously belonged to analog television broadcasters. Google entered the auction in order to foster competition within the wireless service industry. Google supported an open technology approach to wireless service in which consumers could use any device with any provider rather than face limited choices determined by the provider and its preferred vendors. In order to participate in the auction, Google had to prove it was ready to meet the reserve price for the spectrum: $4.6 billion.

In this article, we'll learn about the backbone of Google's business: its search engine. We'll also look at the other services Google offers to both average users and to commercial businesses. Then we'll take a quick peek at some of the tools Google has developed over the years. We'll also learn more about the equipment Google uses to keep its massive operation running. Finally, we'll take a closer look at Google the company.

The Google Search Engine
Google's search engine is a powerful tool. Without search engines like Google, it would be practically impossible to find the information you need when you browse the Web. Like all search engines, Google uses a special algorithm to generate search results. While Google shares general facts about its algorithm, the specifics are a company secret. This helps Google remain competitive with other search engines on the Web and reduces the chance of someone finding out how to abuse the system.
Google uses automated programs called spiders or crawlers, just like most search engines. Also like other search engines, Google has a large index of keywords and where those words can be found. What sets Google apart is how it ranks search results, which in turn determines the order Google displays results on its search engine results page (SERP). Google uses a trademarked algorithm called PageRank, which assigns each Web page a relevancy score.

A Web page's PageRank depends on a few factors:
· The frequency and location of keywords within the Web page: If the keyword only appears once within the body of a page, it will receive a low score for that keyword.
· How long the Web page has existed: People create new Web pages every day, and not all of them stick around for long. Google places more value on pages with an established history.
· The number of other Web pages that link to the page in question: Google looks at how many Web pages link to a particular site to determine its relevance.
Out of these three factors, the third is the most important. It's easier to understand it with an example. Let's look at a search for the terms "Planet Earth."

As more Web pages link to Discovery's Planet Earth page, the Discovery page's rank increases. When Discovery's page ranks higher than other pages, it shows up first on a Google search.
Because Google looks at links to a Web page as a vote, it's not easy to cheat the system. The best way to make sure your Web page is high up on Google's search results is to provide great content so that people will link back to your page. The more links your page gets, the higher its PageRank score will be. If you attract the attention of sites with a high PageRank score, your score will grow faster.

Google Services
As Google has grown, the company has added several new services for its users. Some of the services are designed to help make Web searches more efficient and relevant, while others seem to have little in common with search engines. With many of its services, Google has entered into direct competition with other companies.
Google's specialized searches are an extension of its normal search engine protocol. With specialized searches, you can narrow your search to specific resources.

You can enter keywords into Google and search for:
· Images related to your keywords
· Maps
· News articles or footage
· Products or services you can purchase online
· Blog entries containing the keywords you've chosen
· Content in books
· Videos
· Scholarly papers

For these searches, Google has created specialized indexes that only contain relevant sources. For example, if you search for the terms "Planet Earth" in the news category, the results will include only news articles that contain those keywords. The results will look very different from Google's normal SERP.
In the last few years, Google has unveiled services that don't relate to search engines upon first glance. For example, Google's Gmail is a free Web-based e-mail program. When the service first launched, Google limited the number of users who could create accounts. The first group of users could invite a limited number of people to join the service, and so Gmail invitations became a commodity. Today, anyone can sign up for a free Gmail account.

Gmail organizes e-mails into conversations. This means that when you send an e-mail to someone and he or she replies, both e-mails are grouped together in a thread in your inbox. This makes it easier to follow the flow of an e-mail exchange. If you reply to your friend's response, Google will attach your message to the bottom of the thread. It's easy to navigate through the e-mail program and follow specific conversations.
Another free service from Google is Google Docs, a storage database and collaborative word processing program originally called Writely. Creating a Docs account is free and allows you to store up to 5,000 documents and images online. Each document can be up to 500 kilobytes, and each embedded image can be up to 2 megabytes. You can share documents on Google Docs, which allows your friends to view and make changes to documents. You can store all your documents on Google's servers and access them wherever there's an Internet connection.

Google Tools
Google offers a popular tool called Google Maps, an online mapping service similar to MapQuest. Google uses map sources from companies like NAVTEQ and TeleAtlas, as well as satellite data from DigitalGlobe and MDA Federal, to create interactive maps. You can use Google maps to view an address' location or get driving directions to a particular destination.
Google Maps has several view modes. The map view is a basic road map, satellite view overlays a road map on top of satellite photos of the region, terrain view creates a topographic map with a road map overlay, and the traffic view uses red, yellow and green to indicate congested major roadways in the area. Street view mode is available in select U.S. cities. Selecting street view in such locations as Orlando, Fla., gives you the option to view photos taken from street level. You can navigate through the city by clicking on arrows in the photographs, and you can rotate your view 360 degrees.

Google Maps can also integrate business information. You can use Google Maps like a search engine to find a business, such as "HowStuffWorks, Atlanta, GA," which will show you our office's location. You can also search for general businesses. If you're in the mood to eat sushi in San Francisco, you can type "sushi, San Francisco," and with a click of the Search button, Google Maps will display a map of the city with several sushi restaurants tagged.
A related product to Google Maps is Google Earth, an interactive digital globe. It uses the same satellite images licensed for Google Maps, but you must download the application and install it on your computer. Google Earth requires an Internet connection to be fully functional, though you can still view locations on the globe even if you aren't connected. To learn more about this program, read "How Google Earth Works."

The Google Toolbar is another handy tool available for Firefox or Internet Explorer users. The toolbar has customizable buttons. Each button maps to a particular function, which can include anything from viewing a Web site's PageRank to translating a word from one language to another.
Google Desktop is another free application you can download. This program lets you search your computer the way you would search the Internet using the Google search engine. You can also choose to download Google Gadgets, computer programs that integrate seamlessly into your desktop. Each gadget does something different. Gadgets include clocks, calendars, news feeds and weather reports.

Google Revenue
Unlike some Internet companies, Google has multiple ways of generating revenue beyond private investment or selling shares of stocks. Google uses three ways to partner with merchants and advertisers: Google Checkout, Google AdWords and Google AdSense.
Google Checkout is a service designed to make online purchases easier for both the consumer and the retailer. On the consumer end, users create a free Google Checkout account. Part of the account creation process includes entering a credit or debit card number, which Google stores in a secure database. When the user visits a retailer that subscribes to Google Checkout, he or she can click on the checkout option and Google facilitates the transaction. This means that the user doesn't have to enter a card number every time he or she makes a purchase.
Retailers can set up Google Checkout accounts for free, but as of February 2008, Google charges a 2 percent plus 20-cent fee per transaction. For example, if a customer buys a $10 item from a merchant, Google will charge that merchant 40 cents for that transaction.

Another way Google generates revenue is through a pair of Web advertising services called AdWords and AdSense. With AdWords, advertisers can submit ads to Google that include a list of keywords relating to the product, service or business. When a Google user searches the Web using one or more of those keywords, the ad appears on the SERP in a sidebar. The advertiser pays Google every time a user clicks on the ad.
AdSense is similar, except that instead of displaying ads on a Google SERP, a webmaster can choose to integrate ads into his or her own site. Google's spiders crawl the site and analyze the content. Then, Google selects ads that contain keywords relevant to the webmaster's site. The webmaster can customize the location and color of the sidebar containing the ads. Every time someone clicks on an ad on the webmaster's site, the webmaster receives a portion of the ad revenue (Google gets the rest).

With both AdWords and AdSense, Google's strategy is to provide targeted advertising to users. Google believes that by providing advertising relevant to the information the user is already searching for, the chances of someone following the ad are greatly increased [source: Google].
Google Equipment
Back in 1998, Google's equipment was relatively modest. Co-founders Larry Page and Sergey Brin used Stanford equipment and donated machines to run Google's search engine duties.

The equipment at that time included:
· Two 300 megahertz (MHz) Dual Pentium II servers with 512 megabytes (MB) of memory
· A four-processor F50 IBM RS6000 computer with 512 MB of memory
· A dual-processor Sun Ultra II computer with 256 MB of memory
· Several hard drives (some of which were housed in a box covered in LEGO bricks) ranging from four to nine gigabytes (GB) for a total of more than 350 GB of storage space [source: Google Stanford Hardware]
Today, Google uses thousands of servers to provide services to its users. Google's strategy is to use relatively inexpensive machines running on a customized operating system based on Linux. A program called Google File System manages the data on Google's servers [source: Google Cluster Architecture].
Google uses servers for different tasks. Google's Web servers receive and process user queries, sending the request on to the next appropriate server. Index servers store Google's indexes and search results. Google uses document servers to store search summaries, user information, gmail and Google Docs files. Ad servers store the advertisements Google displays on search pages.

Google divides the information on each index server into 64 MB blocks. There are three copies of each block of data, and each copy is stored on a different server running on a separate power strip. The blocks of data are distributed semi-randomly so that no two servers have the exact same collection of data blocks. That way, if there's a problem with one server, the data will still exist in other machines. Using multiple copies of data to prevent an interruption in service is called redundancy.
A master computer manages each set of servers. The master computer's job is to keep track of which servers hold each block of data in the event of a catastrophe. If one server goes down, the master computer redirects all traffic to the other servers containing the same data.
Google Company Culture
Google has come a long way since Sergey Brin and Larry Page networked a few computers together at Stanford. What started as a modest project is now a multibillion-dollar global organization that employs more than 10,500 people around the world. Brin and Page are still very much involved with Google's operations -- they are Presidents of Google's Technology and Products divisions, respectively.

In early January 2008, Google's market capitalization figure (Google's stock price multiplied by the number of outstanding company shares) was more than $200 billion. Google's stock is listed in NASDAQ as GOOG, and at the beginning of 2008 Google had more than 312 million outstanding shares in the marketplace [source: Google].
Google's headquarters are in Mountain View, Calif. Google cheekily calls its campus the Googleplex -- a combination of the words "Google" and "complex" and a play on the term googolplex: One followed by a googol of zeroes. Life at the Googleplex is pretty sweet.

Here's just a small list of the amenities you can find there:
· Several café stations where employees can gather to eat free food and have conversations
· Snack rooms stocked with goodies ranging from candy to healthy foods like carrots and yogurt
· Exercise rooms
· Game rooms with video games, Foosball, pool tables and pingpong
· A baby grand piano for those who enjoy tickling the ivories

In addition to these amenities, Google employees receive a comprehensive benefits package that includes not only medical and dental coverage, but also a host of other services. These include tuition reimbursement, a child care center, adoption assistance services, an on-site doctor, financial planning classes and lots of opportunities to gather with coworkers at special corporate events. Google's philosophy also places importance on nonprofit work, and so Google will match up to $3,000 of any employee's contributions to nonprofit organizations.
Google has asserted itself as one of the most dominant forces on the Internet. Still, the company says its mission is "to organize the world's information and make it universally accessible and useful" [source: Google]. With a goal that lofty, it's a good bet that the people behind Google feel their work is just beginning.



Taken from
www.computer.howstuffworks.com/google.htm

Internet Infrastructure

One of the greatest things about the Internet is that nobody really owns it. It is a global collection of networks, both big and small. These networks connect together in many different ways to form the single entity that we know as the Internet. In fact, the very name comes from this idea of interconnected networks.
Since its beginning in 1969, the Internet has grown from four host computer systems to tens of millions. However, just because nobody owns the Internet, it doesn't mean it is not monitored and maintained in different ways. The Internet Society, a non-profit group established in 1992, oversees the formation of the policies and protocols that define how we use and interact with the Internet.

Computer Network Hierarchy
Every computer that is connected to the Internet is part of a network, even the one in your home. For example, you may use a modem and dial a local number to connect to an Internet Service Provider (ISP). At work, you may be part of a local area network (LAN), but you most likely still connect to the Internet using an ISP that your company has contracted with. When you connect to your ISP, you become part of their network. The ISP may then connect to a larger network and become part of their network. The Internet is simply a network of networks.
Most large communications companies have their own dedicated backbones connecting various regions. In each region, the company has a Point of Presence (POP). The POP is a place for local users to access the company's network, often through a local phone number or dedicated line. The amazing thing here is that there is no overall controlling network. Instead, there are several high-level networks connecting to each other through Network Access Points or NAPs.

Internet Network Example
Here's an example. Imagine that Company A is a large ISP. In each major city, Company A has a POP. The POP in each city is a rack full of modems that the ISP's customers dial into. Company A leases fiber optic lines from the phone company to connect the POPs together (see, for example, this UUNET Data Center Connectivity Map).
Imagine that Company B is a corporate ISP. Company B builds large buildings in major cities and corporations locate their Internet server machines in these buildings. Company B is such a large company that it runs its own fiber optic lines between its buildings so that they are all interconnected.

In this arrangement, all of Company A's customers can talk to each other, and all of Company B's customers can talk to each other, but there is no way for Company A's customers and Company B's customers to intercommunicate. Therefore, Company A and Company B both agree to connect to NAPs in various cities, and traffic between the two companies flows between the networks at the NAPs.

In the real Internet, dozens of large Internet providers interconnect at NAPs in various cities, and trillions of bytes of data flow between the individual networks at these points. The Internet is a collection of huge corporate networks that agree to all intercommunicate with each other at the NAPs. In this way, every computer on the Internet connects to every other.

Internet Router
All of these networks rely on NAPs, backbones and routers to talk to each other. What is incredible about this process is that a message can leave one computer and travel halfway across the world through several different networks and arrive at another computer in a fraction of a second!

The routers determine where to send information from one computer to another. Routers are specialized computers that send your messages and those of every other Internet user speeding to their destinations along thousands of pathways. A router has two separate, but related, jobs:
· It ensures that information doesn't go where it's not needed. This is crucial for keeping large volumes of data from clogging the connections of "innocent bystanders."
· It makes sure that information does make it to the intended destination.
In performing these two jobs, a router is extremely useful in dealing with two separate computer networks. It joins the two networks, passing information from one to the other. It also protects the networks from one another, preventing the traffic on one from unnecessarily spilling over to the other. Regardless of how many networks are attached, the basic operation and function of the router remains the same. Since the Internet is one huge network made up of tens of thousands of smaller networks, its use of routers is an absolute necessity. For more information, read How Routers Work.

Internet Backbone
The National Science Foundation (NSF) created the first high-speed backbone in 1987. Called NSFNET, it was a T1 line that connected 170 smaller networks together and operated at 1.544 Mbps (million bits per second). IBM, MCI and Merit worked with NSF to create the backbone and developed a T3 (45 Mbps) backbone the following year.
Backbones are typically fiber optic trunk lines. The trunk line has multiple fiber optic cables combined together to increase the capacity. Fiber optic cables are designated OC for optical carrier, such as OC-3, OC-12 or OC-48. An OC-3 line is capable of transmitting 155 Mbps while an OC-48 can transmit 2,488 Mbps (2.488 Gbps). Compare that to a typical 56K modem transmitting 56,000 bps and you see just how fast a modern backbone is.
Today there are many companies that operate their own high-capacity backbones, and all of them interconnect at various NAPs around the world. In this way, everyone on the Internet, no matter where they are and what company they use, is able to talk to everyone else on the planet. The entire Internet is a gigantic, sprawling agreement between companies to intercommunicate freely.

IP Addresses
Every machine on the Internet has a unique identifying number, called an IP Address. The IP stands for Internet Protocol, which is the language that computers use to communicate over the Internet. A protocol is the pre-defined way that someone who wants to use a service talks with that service. The "someone" could be a person, but more often it is a computer program like a Web browser.
A typical IP address looks like this:
216.27.61.137
To make it easier for us humans to remember, IP addresses are normally expressed in decimal format as a dotted decimal number like the one above. But computers communicate in binary form. Look at the same IP address in binary:
11011000.00011011.00111101.10001001

The four numbers in an IP address are called octets, because they each have eight positions when viewed in binary form. If you add all the positions together, you get 32, which is why IP addresses are considered 32-bit numbers. Since each of the eight positions can have two different states (1 or zero), the total number of possible combinations per octet is 28 or 256. So each octet can contain any value between zero and 255. Combine the four octets and you get 232 or a possible 4,294,967,296 unique values!

Out of the almost 4.3 billion possible combinations, certain values are restricted from use as typical IP addresses. For example, the IP address 0.0.0.0 is reserved for the default network and the address 255.255.255.255 is used for broadcasts.
The octets serve a purpose other than simply separating the numbers. They are used to create classes of IP addresses that can be assigned to a particular business, government or other entity based on size and need. The octets are split into two sections: Net and Host. The Net section always contains the first octet. It is used to identify the network that a computer belongs to. Host (sometimes referred to as Node) identifies the actual computer on the network. The Host section always contains the last octet. There are five IP classes plus certain special addresses.
You can learn more about IP classes at What is an IP address?.

Domain Name System
When the Internet was in its infancy, it consisted of a small number of computers hooked together with modems and telephone lines. You could only make connections by providing the IP address of the computer you wanted to establish a link with. For example, a typical IP address might be 216.27.22.162. This was fine when there were only a few hosts out there, but it became unwieldy as more and more systems came online.

The first solution to the problem was a simple text file maintained by the Network Information Center that mapped names to IP addresses. Soon this text file became so large it was too cumbersome to manage. In 1983, the University of Wisconsin created the Domain Name System (DNS), which maps text names to IP addresses automatically. This way you only need to remember www.howstuffworks.com, for example, instead of HowStuffWorks.com's IP address.

URL: Uniform Resource Locator
When you use the Web or send an e-mail message, you use a domain name to do it. For example, the Uniform Resource Locator (URL) "http://www.howstuffworks.com" contains the domain name howstuffworks.com. So does this e-mail address: example@howstuffworks.com. Every time you use a domain name, you use the Internet's DNS servers to translate the human-readable domain name into the machine-readable IP address. Check out How Domain Name Servers Work for more in-depth information on DNS.

Top-level domain names, also called first-level domain names, include .COM, .ORG, .NET, .EDU and .GOV. Within every top-level domain there is a huge list of second-level domains. For example, in the .COM first-level domain there is:
· HowStuffWorks
· Yahoo
· Microsoft
Every name in the .COM top-level domain must be unique. The left-most word, like www, is the host name. It specifies the name of a specific machine (with a specific IP address) in a domain. A given domain can, potentially, contain millions of host names as long as they are all unique within that domain.

DNS servers accept requests from programs and other name servers to convert domain names into IP addresses. When a request comes in, the DNS server can do one of four things with it:
1. It can answer the request with an IP address because it already knows the IP address for the requested domain.
2. It can contact another DNS server and try to find the IP address for the name requested. It may have to do this multiple times.
3. It can say, "I don't know the IP address for the domain you requested, but here's the IP address for a DNS server that knows more than I do."
4. It can return an error message because the requested domain name is invalid or does not exist.

A DNS Example
Let's say that you type the URL www.howstuffworks.com into your browser. The browser contacts a DNS server to get the IP address. A DNS server would start its search for an IP address by contacting one of the root DNS servers. The root servers know the IP addresses for all of the DNS servers that handle the top-level domains (.COM, .NET, .ORG, etc.). Your DNS server would ask the root for www.howstuffworks.com, and the root would say, "I don't know the IP address for www.howstuffworks.com, but here's the IP address for the .COM DNS server."

Your name server then sends a query to the .COM DNS server asking it if it knows the IP address for www.howstuffworks.com. The DNS server for the COM domain knows the IP addresses for the name servers handling the www.howstuffworks.com domain, so it returns those.

Your name server then contacts the DNS server for www.howstuffworks.com and asks if it knows the IP address for www.howstuffworks.com. It actually does, so it returns the IP address to your DNS server, which returns it to the browser, which can then contact the server for www.howstuffworks.com to get a Web page.

One of the keys to making this work is redundancy. There are multiple DNS servers at every level, so that if one fails, there are others to handle the requests. The other key is caching. Once a DNS server resolves a request, it caches the IP address it receives. Once it has made a request to a root DNS server for any .COM domain, it knows the IP address for a DNS server handling the .COM domain, so it doesn't have to bug the root DNS servers again for that information. DNS servers can do this for every request, and this caching helps to keep things from bogging down.
Even though it is totally invisible, DNS servers handle billions of requests every day and they are essential to the Internet's smooth functioning. The fact that this distributed database works so well and so invisibly day in and day out is a testimony to the design. Be sure to read How Domain Name Servers Work for more information on DNS.

Internet Servers and Clients
Internet servers make the Internet possible. All of the machines on the Internet are either servers or clients. The machines that provide services to other machines are servers. And the machines that are used to connect to those services are clients. There are Web servers, e-mail servers, FTP servers and so on serving the needs of Internet users all over the world.
When you connect to www.howstuffworks.com to read a page, you are a user sitting at a client's machine. You are accessing the HowStuffWorks Web server. The server machine finds the page you requested and sends it to you. Clients that come to a server machine do so with a specific intent, so clients direct their requests to a specific software server running on the server machine. For example, if you are running a Web browser on your machine, it will want to talk to the Web server on the server machine, not the e-mail server.

A server has a static IP address that does not change very often. A home machine that is dialing up through a modem, on the other hand, typically has an IP address assigned by the ISP every time you dial in. That IP address is unique for your session -- it may be different the next time you dial in. This way, an ISP only needs one IP address for each modem it supports, rather than one for each customer.

Ports and HTTP
Any server machine makes its services available using numbered ports -- one for each service that is available on the server. For example, if a server machine is running a Web server and a file transfer protocol (FTP) server, the Web server would typically be available on port 80, and the FTP server would be available on port 21. Clients connect to a service at a specific IP address and on a specific port number.

Once a client has connected to a service on a particular port, it accesses the service using a specific protocol. Protocols are often text and simply describe how the client and server will have their conversation. Every Web server on the Internet conforms to the hypertext transfer protocol (HTTP). You can learn more about Internet servers, ports and protocols by reading How Web Servers Work.

Networks, routers, NAPs, ISPs, DNS and powerful servers all make the Internet possible. It is truly amazing when you realize that all this information is sent around the world in a matter of milliseconds! The components are extremely important in modern life -- without them, there would be no Internet. And without the Internet, life would be very different indeed for many of us.



Taken from
www.computer.howstuffworks.com/internet-infrastructure.htm

Hackers

Thanks to the media, the word "hacker" has gotten a bad reputation. The word summons up thoughts of malicious computer users finding new ways to harass people, defraud corporations, steal information and maybe even destroy the economy or start a war by infiltrating military computer systems. While there's no denying that there are hackers out there with bad intentions, they make up only a small percentage of the hacker community.

The term computer hacker first showed up in the mid-1960s. A hacker was a programmer -- someone who hacked out computer code. Hackers were visionaries who could see new ways to use computers, creating programs that no one else could conceive. They were the pioneers of the computer industry, building everything from small applications to operating systems. In this sense, people like Bill Gates, Steve Jobs and Steve Wozniak were all hackers -- they saw the potential of what computers could do and created ways to achieve that potential.

A unifying trait among these hackers was a strong sense of curiosity, sometimes bordering on obsession. These hackers prided themselves on not only their ability to create new programs, but also to learn how other programs and systems worked. When a program had a bug -- a section of bad code that prevented the program from working properly -- hackers would often create and distribute small sections of code called patches to fix the problem. Some managed to land a job that leveraged their skills, getting paid for what they'd happily do for free.

As computers evolved, computer engineers began to network individual machines together into a system. Soon, the term hacker had a new meaning -- a person using computers to explore a network to which he or she didn't belong. Usually hackers didn't have any malicious intent. They just wanted to know how computer networks worked and saw any barrier between them and that knowledge as a challenge.

In fact, that's still the case today. While there are plenty of stories about malicious hackers sabotaging computer systems, infiltrating networks and spreading computer viruses, most hackers are just curious -- they want to know all the intricacies of the computer world. Some use their knowledge to help corporations and governments construct better security measures. Others might use their skills for more unethical endeavors.

In this article, we'll explore common techniques hackers use to infiltrate systems. We'll examine hacker culture and the various kinds of hackers as well as learn about famous hackers, some of whom have run afoul of the law.

The Hacker Toolbox
The main resource hackers rely upon, apart from their own ingenuity, is computer code. While there is a large community of hackers on the Internet, only a relatively small number of hackers actually program code. Many hackers seek out and download code written by other people. There are thousands of different programs hackers use to explore computers and networks. These programs give hackers a lot of power over innocent users and organizations -- once a skilled hacker knows how a system works, he can design programs that exploit it.

Malicious hackers use programs to:
· Hack passwords: There are many ways to hack someone's password, from educated guesses to simple algorithms that generate combinations of letters, numbers and symbols. The trial and error method of hacking passwords is called a brute force attack, meaning the hacker tries to generate every possible combination to gain access. Another way to hack passwords is to use a dictionary attack, a program that inserts common words into password fields.

· Infect a computer or system with a virus: Computer viruses are programs designed to duplicate themselves and cause problems ranging from crashing a computer to wiping out everything on a system's hard drive. A hacker might install a virus by infiltrating a system, but it's much more common for hackers to create simple viruses and send them out to potential victims via email, instant messages, Web sites with downloadable content or peer-to-peer networks.

· Log keystrokes: Some programs allow hackers to review every keystroke a computer user makes. Once installed on a victim's computer, the programs record each keystroke, giving the hacker everything he needs to infiltrate a system or even steal someone's identity.

· Gain backdoor access: Similar to hacking passwords, some hackers create programs that search for unprotected pathways into network systems and computers. In the early days of the Internet, many computer systems had limited security, making it possible for a hacker to find a pathway into the system without a username or password. Another way a hacker might gain backdoor access is to infect a computer or system with a Trojan horse.

· Create zombie computers: A zombie computer, or bot, is a computer that a hacker can use to send spam or commit Distributed Denial of Service (DDoS) attacks. After a victim executes seemingly innocent code, a connection opens between his computer and the hacker's system. The hacker can secretly control the victim's computer, using it to commit crimes or spread spam.
· Spy on e-mail: Hackers have created code that lets them intercept and read e-mail messages -- the Internet's equivalent to wiretapping. Today, most e-mail programs use encryption formulas so complex that even if a hacker intercepts the message, he won't be able to read it.

Hacker Culture
Individually, many hackers are antisocial. Their intense interest in computers and programming can become a communication barrier. Left to his or her own devices, a hacker can spend hours working on a computer program while neglecting everything else.

Computer networks gave hackers a way to associate with other people with their same interests. Before the Internet became easily accessible, hackers would set up and visit bulletin board systems (BBS). A hacker could host a bulletin board system on his or her computer and let people dial into the system to send messages, share information, play games and download programs. As hackers found one another, information exchanges increased dramatically.

Some hackers posted their accomplishments on a BBS, boasting about infiltrating secure systems. Often they would upload a document from their victims' databases to prove their claims. By the early 1990s, law enforcement officials considered hackers an enormous security threat. There seemed to be hundreds of people who could hack into the world's most secure systems at will [source: Sterling].

There are many Web sites dedicated to hacking. The hacker journal "2600: The Hacker Quarterly" has its own site, complete with a live broadcast section dedicated to hacker topics. The print version is still available on newsstands. Web sites like Hacker.org promote learning and include puzzles and competitions for hackers to test their skills.

When caught -- either by law enforcement or corporations -- some hackers admit that they could have caused massive problems. Most hackers don't want to cause trouble; instead, they hack into systems just because they wanted to know how the systems work. To a hacker, a secure system is like Mt. Everest -- he or she infiltrates it for the sheer challenge. In the United States, a hacker can get into trouble for just entering a system. The Computer Fraud and Abuse Act outlaws unauthorized access to computer systems [source: Hacking Laws].

Not all hackers try to explore forbidden computer systems. Some use their talents and knowledge to create better software and security measures. In fact, many hackers who once used their skills to break into systems now put that knowledge and ingenuity to use by creating more comprehensive security measures. In a way, the Internet is a battleground between different kinds of hackers -- the bad guys, or black hats, who try to infiltrate systems or spread viruses, and the good guys, or white hats, who bolster security systems and develop powerful virus protection software.

Hackers on both sides overwhelmingly support open source software, programs in which the source code is available for anyone to study, copy, distribute and modify. With open source software, hackers can learn from other hackers' experiences and help make programs work better than they did before. Programs might range from simple applications to complex operating systems like Linux.

There are several annual hacker events, most of which promote responsible behavior. A yearly convention in Las Vegas called DEFCON sees thousands of attendees gather to exchange programs, compete in contests, participate in panel discussions about hacking and computer development and generally promote the pursuit of satisfying curiosity. A similar event called the Chaos Communication Camp combines low-tech living arrangements -- most attendees stay in tents -- and high-tech conversation and activities.

Hackers and the Law
In general, most governments aren't too crazy about hackers. Hackers' ability to slip in and out of computers undetected, stealing classified information when it amuses them, is enough to give a government official a nightmare. Secret information, or intelligence, is incredibly important. Many government agents won't take the time to differentiate between a curious hacker who wants to test his skills on an advanced security system and a spy.

Laws reflect this attitude. In the United States, there are several laws forbidding the practice of hacking. Some, like 18 U.S.C. § 1029, concentrate on the creation, distribution and use of codes and devices that give hackers unauthorized access to computer systems. The language of the law only specifies using or creating such a device with the intent to defraud, so an accused hacker could argue he just used the devices to learn how security systems worked.

Another important law is 18 U.S.C. § 1030, part of which forbids unauthorized access to government computers. Even if a hacker just wants to get into the system, he or she could be breaking the law and be punished for accessing a nonpublic government computer [Source: U.S. Department of Justice].

Punishments range from hefty fines to jail time. Minor offenses may earn a hacker as little as six months' probation, while other offenses can result in a maximum sentence of 20 years in jail. One formula on the Department of Justice's Web page factors in the financial damage a hacker causes, added to the number of his victims to determine an appropriate punishment [Source: U.S. Department of Justice].

Other countries have similar laws, some much more vague than legislation in the U.S. A recent German law forbids possession of "hacker tools." Critics say that the law is too broad and that many legitimate applications fall under its vague definition of hacker tools. Some point out that under this legislation, companies would be breaking the law if they hired hackers to look for flaws in their security systems [source: IDG News Service].

Hackers can commit crimes in one country while sitting comfortably in front of their computers on the other side of the world. Therefore, prosecuting a hacker is a complicated process. Law enforcement officials have to petition countries to extradite suspects in order to hold a trial, and this process can take years. One famous case is the United States' indictment of hacker Gary McKinnon. Since 2002, McKinnon fought extradition charges to the U.S. for hacking into the Department of Defense and NASA computer systems. McKinnon, who hacked from the United Kingdom, defended himself by claiming that he merely pointed out flaws in important security systems. In April 2007, his battle against extradition came to an end when the British courts denied his appeal [Source: BBC News].

Famous Hackers
Steve Jobs and Steve Wozniak, founders of Apple Computers, are both hackers. Some of their early exploits even resemble the questionable activities of some malicious hackers. However, both Jobs and Wozniak outgrew their malicious behavior and began concentrating on creating computerhardware and software. Their efforts helped usher in the age of the personal computer -- before Apple, computer systems remained the property of large corporations, too expensive and cumbersome for average consumers.

Linus Torvalds, creator of Linux, is another famous honest hacker. His open sourceoperating system is very popular with other hackers. He has helped promote the concept of open source software, showing that when you open information up to everyone, you can reap amazing benefits.

Richard Stallman, also known as "rms," founded the GNU Project, a free operating system. He promotes the concept of free software and computer access. He works with organizations like the Free Software Foundation and opposes policies like Digital Rights Management.

On the other end of the spectrum are the black hats of the hacking world. At the age of 16, Jonathan James became the first juvenile hacker to get sent to prison. He committed computer intrusions on some very high-profile victims, including NASA and a Defense Threat Reduction Agency server. Online, Jonathan used the nickname (called a handle) "c0mrade." Originally sentenced to house arrest, James was sent to prison when he violated parole.

Kevin Mitnick gained notoriety in the 1980s as a hacker who allegedly broke into the North American Aerospace Defense Command (NORAD) when he was 17 years old. Mitnick's reputation seemed to grow with every retelling of his exploits, eventually leading to the rumor that Mitnick had made the FBI's Most Wanted list. In reality, Mitnick was arrested several times for hacking into secure systems, usually to gain access to powerful computer software.

Kevin Poulsen, or Dark Dante, specialized in hacking phone systems. He's famous for hacking the phones of a radio station called KIIS-FM. Poulsen's hack allowed only calls originating from his house to make it through to the station, allowing him to win in various radio contests. Since then, he has turned over a new leaf, and now he's famous for being a senior editor at Wired magazine.
Adrian Lamo hacked into computer systems using computers at libraries and Internet cafes. He would explore high-profile systems for security flaws, exploit the flaws to hack into the system, and then send a message to the corresponding company, letting them know about the security flaw. Unfortunately for Lamo, he was doing this on his own time rather than as a paid consultant -- his activities were illegal. He also snooped around a lot, reading sensitive information and giving himself access to confidential material. He was caught after breaking into the computer system belonging to the New York Times.

It's likely that there are thousands of hackers active online today, but an accurate count is impossible. Many hackers don't really know what they are doing -- they're just using dangerous tools they don't completely understand. Others know what they're doing so well that they can slip in and out of systems without anyone ever knowing.



Taken from
www.computer.howstuffworks.com/hackers.htm

Computer Internet Security

Every minute that your computer is connected to the Internet, either through a dial-up (modem) connection or through a broadband (DSL or cable) service, it is at risk. Network security attacks can come at any hour of the day or night.

Ignoring computer Internet security threats can cost you thousands. Your computer is just one machine among the millions connected to the Internet at any given moment. And a moment is all it takes for a hacker to get in. All your private documents and photos, credit card numbers and passwords are available to anyone with bad intentions and basic computer skills.

Hackers can get in, take what they want, and even leave open a "back door" so they can turn your computer into a "zombie" and use it to launch network security attacks, often against high-profile computer systems such as government or financial systems. Having control of your computer gives them the ability to hide their true location as they launch their attacks.

Virus protection is not enough. Don't think that antivirus software completely protects your computer from Internet security risks. Virus protection is as good as the latest virus definitions, which are created in response to the latest viruses - many thousands of people must be infected before the makers of antivirus software can create a defense. And antivirus software does nothing to protect your computer against direct network security attacks.

If you use dial-up Internet connection, it is more difficult (not impossible, just difficult) for a hacker to get in, since your computer only connects to the Internet when it has something to send, such as email or a request to load a Web page. Once there is no more data to be sent, or after a certain amount of idle time, the computer disconnects the call. Also, your computer is usually assigned a different IP address on each call.

Broadband services are more of a target for network attacks, since your computer is always on the network, ready to send or receive data and its IP address changes less frequently (if at all).
How to protect your computer against network security attacks and other accidents:

1) Use a firewall
This is a software program that monitors all incoming and outgoing network traffic and allows only the connections that are known and trusted. It's a mandatory tool for your computer Internet security.
The best balance between maximum protection and ease of use is ZoneAlarm Pro from Zone Labs, which is not just a classic firewall that stops all network security attacks, but also...
· Makes your computer invisible to anyone on the Internet.
· Automatically removes the most dangerous and useless spyware and viruses.
· Blocks banner ads and pop-up/pop-under ads.
· Automatically updates spyware and virus signatures.
Zone Labs has just released the new ZoneAlarm Security Suite - an easy to use computer Internet security package combining their firewall with antivirus, email security, content filtering, and communication protection.

2) Use antivirus software and keep it up-to-date
I recommend Kaspersky Anti-Virus . It detects more viruses than popular Norton AntiVirus and can protect you from even unknown viruses. It was the only antivirus program in the world that repelled attacks of all "ILOVEYOU" virus variations without any additional antivirus database updates. The program checks and cures both incoming and outgoing mail in real-time, is simple to install and use. You only need to choose from three levels of protection.
To find out if you have any viruses or spyware on your computer without having to uninstall your current antivirus or install a new one, you can scan your computer online for viruses and spyware with their free Online Scanner. Just click the link Free Virus Scan on their home page.
The popular ZoneAlarm Internet Security Suite uses Kasperky anti-virus engine. Take a look also at Kaspersky Internet Security. It's a package combining antivirus protection with a personal firewall and an antispam filter, specially developed to protect personal computers against the whole range of network security attacks - viruses, hackers, spyware and spam.

3) Regularly check for spyware and adware
Spyware and Adware are files that can be installed on your computer without your permission. These programs allow hackers to track your behavior on the Internet and retrieve your personal information such as pin, credit card, phone and social security numbers, passwords, usernames, etc. ZoneAlarm Anti-Spyware combines a spyware scanner with a firewall and email security.

4) Don't open unknown email attachments
Don't open any email attachments unless they are authored by a person or company that you trust. Also remember that email viruses can often originate from familiar addresses. If you need to open a suspicious attachment, first save it to your hard disk and scan the file using your antivirus software.

5) Disable hidden filename extensions
Windows operating systems contain an option to "Hide file extensions for known file types" (enabled by default). Some email viruses take advantage of a hidden file extension. They use an attachment which may appear to be harmless (.txt, .mpg, .avi) when in fact it's a script or executable (.vbs, .exe). For example, "LOVE-LETTER-FOR-YOU.TXT.vbs".

6) Keep your operating system and other applications patched
Most of the network security attacks would be stopped if all users kept their computers up-to-date with patches and security fixes. When holes are discovered (this happens frequently), computer vendors usually release patches for their software. Some applications automatically check for available updates, for others, you need to check periodically vendors' websites.

7) Disable Java and ActiveX if possible
Java and ActiveX are used to write code that is executed by Web browsers. Although this code generally adds useful features, it can be used by hackers, for example, to monitor your Internet activity. You can disable Java and ActiveX in your browser at the cost of limited interaction with some websites.

8) Turn off your computer or disconnect from the network when not in use
If you use broadband (DSL or cable) Internet connection, turn off your computer or otherwise completely disconnect it from the network when you are not using it. This not only "protects" your computer from Internet security risks, it forces your ISP to change your computer's IP address more frequently, thus making it more difficult for a hacker to get in.

9) Make regular backups of important data
A hard disk crash or physical theft of your computer results in the loss of all data stored on hard disk. Keep a copy of important files on removable media such as floppy/ZIP disks or recordable CD-ROM disks and store these disks somewhere away from the computer.



Taken from
http://www.buildwebsite4u.com/

Zombie Computers

Imagine that the Internet is a city. It would undoubtedly be the most remarkable and diverse city on the planet, but it would also be incredibly seedy and dangerous. You could find the world's most comprehensive libraries there alongside X-rated theaters.
Inside this city, you would also discover that not everyone is who they seem to be -- even yourself. You might find out that you've been misbehaving, although you don't remember it. Like the unwitting agent in "The Manchurian Candidate," you discover you've been doing someone else's bidding, and you have no idea how to stop it.

A zombie computer is very much like the agent in "The Manchurian Candidate." A hacker secretly infiltrates an unsuspecting victim's computer and uses it to conduct illegal activities. The user generally remains unaware that his computer has been taken over -- he can still use it, though it might slow down considerably. As his computer begins to either send out massive amounts of spam or attack Web pages, he becomes the focal point for any investigations involving his computer's suspicious activities.

The user might find that his Internet Service Provider (ISP) has cancelled his service, or even that he's under investigation for criminal activity. Meanwhile, the hacker shrugs off the loss of one of his zombies because he has more. Sometimes, he has a lot more -- one investigation allegedly discovered that a hacker's single computer controlled a network of more than 1.5 million computers [source: TechWeb].

In this article we'll look at how hackers can commandeer your computer, why they do it and the best way to protect yourself from malicious attacks.

A Zombie by Any Other Name
Some people think the term "zombie computer" is misleading. A zombie, after all, seems to have no consciousness and pursues victims on instinct alone. A zombie computer can still behave normally, and every action it takes is a result of a hacker's instructions (though these instructions might be automated). For this reason, these people prefer the term "bot." Bot comes from the word "robot," which in this sense is a device that carries out specific instructions. A collection of networked bots is called a "botnet," and a group of zombie computers is called an "army."


Hacking a Computer
Hackers transform computers into zombies by using small programs that exploit weaknesses in a computer's operating system(OS). You might think that these hackers are cutting-edge Internet criminal masterminds, but in truth, many have little to no programming experience or knowledge. (Sometimes people call these hackers "script kiddies" because they are young and show no proficiency in writing script or code.) Investigators who monitor botnets say that the programs these hackers use are primitive and poorly programmed. Despite the ham-handed approach, these programs do what the hackers intended them to do -- convert computers into zombies.

In order to infect a computer, the hacker must first get the installation program to the victim. Hackers can do this through e-mail, peer-to-peer networks or even on a regular Web site. Most of the time, hackers disguise the malicious program with a name and file extension so that the victim thinks he's getting something entirely different. As users become savvier about Internet attacks, hackers find new ways to deliver their programs. Have you ever seen a pop-up ad that included a "No Thanks" button? Hopefully you didn't click on it -- those buttons are often just decoys. Instead of dismissing the annoying pop-up ad, they activate a download of malicious software.

Malware
Programs designed to harm or compromise a computer are called malware (as in malicious software). Malware includes a wide array of nasty batches of code that can wreak havoc to your computer, your network and even the Internet itself. Some common forms of malware that might turn your computer into a zombie include:
· Computer viruses - programs that disable the victim's computer, either by corrupting necessary files or hogging the computer's resources
· Worms - programs that spread from one machine to another, rapidly infecting hundreds of computers in a short time
· Trojan horse - a program that claims to do one thing, but actually either damages the computer or opens a back door to your system
· Rootkits - a collection of programs that permits administrator-level control of a computer; not necessarily malware on its own, hackers use rootkits to control computers and evade detection
· Backdoors - methods of circumventing the normal operating-system procedures, allowing a hacker to access information on another computer
· Key loggers - programs that record keystrokes made by a user, allowing hackers to discover passwords and login codes.

Zombie computer code usually is part of a virus, worm or Trojan horse. Zombie computers often incorporate other kinds of malware as part of its processes.

Once the victim receives the program, he has to activate it. In most cases, the user thinks the program is something else. It might appear to be a picture file, an MPEG or some other recognizable file format. When the user chooses to run the program, nothing seems to happen. For some people, this raises alarm bells and they immediately follow up with a flurry of virus and spyware scanner activity. Unfortunately, some users simply think they received a bad file and leave it at that.

Meanwhile, the activated program attaches itself to an element of the user's operating system so that every time the user turns on his computer, the program becomes active. Hackers don't always use the same segment of an operating system's initializing sequence, which makes detection tricky for the average user.

The program either contains specific instructions to carry out a task at a particular time, or it allows the hacker to directly control the user's Internet activity. Many of these programs work over an Internet Relay Chat (IRC), and in fact there are botnet communities on IRC networks where fellow hackers can help one another out -- or attempt to steal another hacker's botnet.
Once a user's computer is compromised, the hacker pretty much has free reign to do whatever he likes. Most hackers try to stay below the radar of users' awareness. If a hacker alerts a user to his presence, the hacker risks losing a bot. For some hackers, this isn't much of a problem since some networks number in the hundreds of thousands of zombies.

Spam Distribution
Spam continues to be a huge problem. It's a frustrating experience to open your e-mail and sort through dozens of examples of junk mail. Where does all that spam come from? According to FBI estimates, a large percentage of it comes from networked zombie computers.

Hackers sometimes turn unsuspecting victims' computers into zombie computers to spread e-mail across the world. E-mail recipients usually can't trace the e-mail back to the hacker.

If spam came from one centralized source, it would be relatively easy to track it down and either demand the corresponding ISP shut down that computer's access to the Internet or charge the user for sending out illegal spam. To get around these pitfalls, hackers rely on zombie computers. The zombie computer becomes a proxy, meaning the hacker is one step removed from the origin of spam e-mails. A hacker with a large botnet can send millions of spam messages every day.

Hackers might set up a spam botnet to deliver a computer virus or Trojan program to as many computers as possible. They also can use spam to send phishing messages, which are attempts to trick users into sharing personal information (we'll talk more about phishing later).

When sending out ads in spam mail, the hacker either sets up the botnet specifically for a client or he rents it out on an hourly basis. Clients who wish to advertise their products (and who don't care how intrusive or illegal their advertisements might be) pay the hackers to send out e-mail to thousands of people.

The majority of e-mail recipients usually can't figure out where the spam is coming from. They might block one source only to receive the same spam from a different zombie in the botnet. If the e-mail includes a message that says something like "Click here to be removed from this e-mail list," they might fall prey to exposing their computer to even more spam. Users savvy enough to track the e-mail back may not notice that the sender's computer is part of a larger network of compromised machines. For someone who knows what he's doing, it's not always impossible to figure out if a sender is a single user sending out spam or if a hacker is controlling the computer remotely. It is, however, time consuming.

A zombie-computer owner might realize a hacker is controlling his machine remotely if spam recipients write to complain about the junk mail or if his own e-mail outbox is full of messages he didn't write. Otherwise, the owner is likely to remain blissfully unaware that he's part of a ring of spammers. Some users don't seem to care if their machines are being used to spread spam mail as if it were someone else's problem and many more don't take the necessary precautions to avoid becoming part of a botnet.

Distributed Denial of Service Attacks
Sometimes a hacker uses a network of zombie computers to sabotage a specific Web site or server. The idea is pretty simple -- a hacker tells all the computers on his botnet to contact a specific server or Web site repeatedly. The sudden increase in traffic can cause the site to load very slowly for legitimate users. Sometimes the traffic is enough to shut the site down completely. We call this kind of an attack a Distributed Denial of Service (DDoS) attack.
Some particularly tricky botnets use uncorrupted computers as part of the attack. Here's how it works: the hacker sends the command to initiate the attack to his zombie army. Each computer within the army sends an electronic connection request to an innocent computer called a reflector. When the reflector receives the request, it looks like it originates not from the zombies, but from the ultimate victim of the attack. The reflectors send information to the victim system, and eventually the system's performance suffers or it shuts down completely as it is inundated with multiple unsolicited responses from several computers at once.

From the perspective of the victim, it looks like the reflectors attacked the system. From the perspective of the reflectors, it seems like the victimized system requested the packets. The zombie computers remain hidden, and even more out of sight is the hacker himself.

The list of DDoS attack victims includes some pretty major names. Microsoft suffered an attack from a DDoS called MyDoom. Hackers have targeted other major Internet players like Amazon, CNN, Yahoo and eBay. The DDoS names range from mildly amusing to disturbing:
· Ping of Death - bots create huge electronic packets and sends them on to victims
· Mailbomb - bots send a massive amount of e-mail, crashing e-mail servers
· Smurf Attack - bots send Internet Control Message Protocol (ICMP) messages to reflectors, see above illustration
· Teardrop - bots send pieces of an illegitimate packet; the victim system tries to recombine the pieces into a packet and crashes as a result.

Once an army begins a DDoS attack against a victim system, there are few things the system administrator can do to prevent catastrophe. He could choose to limit the amount of traffic allowed on his server, but this restricts legitimate Internet connections and zombies alike. If the administrator can determine the origin of the attacks, he can filter the traffic. Unfortunately, since many zombie computers disguise (or spoof) their addresses, this isn't always easy to do.

Script Kiddies
On May 4th, 2001, a 13-year-old hacker used a denial of service attack to bring down GRC.com, the Web site for Gibson Research Corporation. Ironically, GRC.com focuses on Internet security. In 2006, police in Hanoi, Vietnam arrested a high school sophomore for orchestrating a DDoS attack on a Web site for the Nhan Hoa Software Company. He said the reason he did it was because he didn't like the Web site.

Click Fraud
Some hackers aren't interested in using zombiecomputers to send spam or cripple a particular target. Many take control of computers as a method of phishing, which is where a hacker tries to uncover secret information, particularly identification information. Hackers might steal your credit card information or search through your files for other sources of profit. The hacker might use a key logging program to track everything you type, then use it to discover your passwords and other confidential information.

Sometimes hackers will use zombie computers in ways that don't directly harm the victim of the initial attack or even the ultimate target, though the end goal is still pretty sneaky and unethical.
You've probably seen or even participated in several Internet-based polls. Perhaps you've even seen one where the results seemed unusual or counter-intuitive, particularly when it comes to a contest. While it's entirely possible the poll wasn't ever attacked, hackers have been known to use zombie computers to commit click fraud. Click fraud refers to the practice of setting up a botnet to repeatedly click on a particular link. Sometimes, hackers will commit click fraud by targeting advertisers on their own Web sites. Since Web advertisers usually pay sites a certain amount of money for the number of clicks an ad gets, the hacker could stand to earn quite a few dollars from fraudulent site visits.

Zombie computers and the hackers responsible for them are pretty scary. You could end up being the victim of identity theft or unknowingly participate in an attack on an important Web site. It's important to learn how to protect yourself from hackers as well as what you should do if you find out your computer has been compromised.

Hacker Prevention
You don't want your computer to become a zombie, so what do you do to prevent it? The most important thing to remember is that prevention is an ongoing process -- you can't just set everything up and expect to be protected forever. Also, it's important to remember that unless you employ common sense and prudent Internet habits, you're courting disaster.

Spam Statistics
Here are some sobering spam statistics from the 2007 Symantic Internet Security Threat Report:
· Between July 1 and Dec. 31, 2006, 59 percent of all monitored e-mail traffic was spam.
· Spam written in English makes up 65 percent of all spam.
· The United States is the origin of 44 percent of all the world's spam.
· Ten percent of all e-mail zombies are in the United States, making the U.S. the zombie computer capital of the world.

One out of every 147 blocked spam e-mails contained some kind of malicious code.
Antivirus software is an absolute necessity. Whether you purchase a commercial package like McAfee VirusScan or download a free program like AVG Anti-Virus Free Edition, you need to activate it and make sure your version remains current. Some experts say that to be truly effective, an antivirus package would need to update on an hourly basis. That's not practical, but it does help stress the importance of making sure your software is as up to date as possible. For more information, read our article on How Computer Viruses Work.

Install spyware scanners to search for malicious spyware. Spyware includes programs that monitor your Internet habits. Some go even further, logging your keystrokes and recording everything you do on your computer. Get a good anti-spyware program like Ad-Aware from Lavasoft. Like the antivirus software, make sure the program stays up to date. To learn more, read our article on How Spyware Works.

Install a firewall to protect your home network. Firewalls can be part of a software package or even incorporated into some hardware like routers or modems. To learn more about firewalls, be sure to read our article on How Firewalls Work.

You should also make sure that your passwords are difficult or impossible to guess, and you shouldn't use the same password for multiple applications. This makes remembering all those passwords a pain, but it gives you an added layer of protection.

If your computer has already been infected and turned into a zombie computer, there are only a few options open to you. If you have access to tech support who can work on your computer for you, that would be the best option. If not, you can try to run a virus removal program to kill the connection between your computer and the hacker. Unfortunately, sometimes the only option you have is to erase everything on your computer and reload its operating system, then starting from scratch. You should make backup disks of your hard drive on a regular basis just in case. Remember to scan those files with an antivirus program to make sure none of them are corrupted.

Your computer is a great resource. Sadly, hackers think the same thing -- they want to make your computer their own resource. If you practice careful Internet habits and follow the tips we've described on this page, your chances of your computer remaining secure are very good.


Taken from
http://www.computer.howstuffworks.com/zombie-computer.htm