If you suspect you may have a "zombie" PC, run the free Wireshark
network monitor, which I described in an Apr. 3 column as a tool for
capturing network traffic and filtering out the noise. Since bot
programs are pretty noisy, you won't have any trouble spotting them
with Wireshark.

Start by shutting down (or filtering) all programs that are
authorized to phone home via the Internet, such as e-mail and other
network-connected applications. Then let Wireshark monitor your
computer for a while as the machine remains idle. Any subsequent
connections made from the computer must be unauthorized.
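
The idle-capture check described above can be scripted once the capture has been exported to text. This is an added example, not part of the original column: it assumes rows exported with `tshark -T fields` in the column order shown in the comment, and the local address, the allowlist and the sample rows are all constructed.

```python
from collections import defaultdict

# Constructed sample, tab-separated, in the column order of (assumed export):
#   tshark -r idle.pcap -T fields -e frame.time_relative -e ip.src -e ip.dst
#          -e tcp.dstport -e tcp.flags.syn -e tcp.flags.ack
# Addresses are private/documentation ranges, not real indicators.
SAMPLE = """\
0.51\t192.168.1.20\t203.0.113.45\t6667\t1\t0
0.62\t203.0.113.45\t192.168.1.20\t49812\t1\t1
0.70\t192.168.1.20\t203.0.113.45\t6667\t0\t1
30.40\t192.168.1.20\t198.51.100.7\t25\t1\t0
30.90\t192.168.1.20\t198.51.100.7\t25\t1\t0
31.20\t192.168.1.20\t198.51.100.8\t25\tTrue\tFalse
45.00\t192.168.1.1\t192.168.1.20\t445\t1\t0
60.00\t192.168.1.20\t192.0.2.10\t993\t1\t0
61.00\t192.168.1.20\t192.168.1.1\t\t\t
"""

def flag_set(value):
    # tshark prints booleans as 1/0 or True/False depending on version
    return value.strip().lower() in ("1", "true")

def idle_outbound(rows, local_ip, allowed=frozenset()):
    """Map (dst_ip, dst_port) -> times of TCP connections opened by local_ip
    (SYN set, ACK clear) during the idle capture, minus allowlisted pairs."""
    found = defaultdict(list)
    for line in rows.splitlines():
        parts = line.split("\t")
        if len(parts) != 6:
            continue                      # malformed row
        t, src, dst, port, syn, ack = parts
        if src != local_ip or not flag_set(syn) or flag_set(ack):
            continue                      # inbound, reply, or non-TCP row
        if not port.isdigit() or (dst, int(port)) in allowed:
            continue                      # bad port, or a program left running on purpose
        found[(dst, int(port))].append(float(t))
    return dict(found)

def report(found):
    """Destinations ordered by number of connection attempts, busiest first."""
    ranked = sorted(found.items(), key=lambda kv: (-len(kv[1]), kv[0]))
    return [f"{ip}:{port}  attempts={len(ts)}  first={ts[0]:.2f}s"
            for (ip, port), ts in ranked]

if __name__ == "__main__":
    hits = idle_outbound(SAMPLE, "192.168.1.20", {("192.0.2.10", 993)})
    print("\n".join(report(hits)))
```

The allowlist plays the role of the "or filtering" step: pairs listed there are programs left running on purpose, and everything else the idle machine initiated is what the review should focus on.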