Zombie computers are computers that have been taken over by a hacker without. You've been doing someone else's bidding, and you have no idea how to stop it. Controlled a network of more than 1.5 million computers [source: TechWeb].
In computing, a zombie is a computer connected to the Internet that has been compromised by a hacker, computer virus or trojan horse program and can be used to perform malicious tasks of one sort or another under remote direction. Botnets of zombie computers are often used to spread e-mail spam and launch denial-of-service attacks (DoS attacks). Most owners of 'zombie' computers are unaware that their system is being used in this way. Because the owner tends to be unaware, these computers are metaphorically compared to fictional zombies. A coordinated DDoS attack by multiple botnet machines also resembles a 'zombie horde attack', as depicted in fictional zombie films.
(1) Spammer's web site (2) Spammer (3) Spamware (4) Infected computers (5) Virus or trojan (6) Mail servers (7) Users (8) Web traffic
Advertising[edit]
Zombie computers have been used extensively to send e-mail spam; as of 2005, an estimated 50–80% of all spam worldwide was sent by zombie computers.[1] This allows spammers to avoid detection and presumably reduces their bandwidth costs, since the owners of zombies pay for their own bandwidth. This spam also greatly furthers the spread of Trojan horses, as Trojans are not self-replicating. They rely on the movement of e-mails or spam to grow, whereas worms can spread by other means.[2] For similar reasons zombies are also used to commit click fraud against sites displaying pay-per-click advertising. Others can host phishing or money mule recruiting websites.
Distributed denial-of-service attacks[edit]
Zombies can be used to conduct distributed denial-of-service (DDoS) attacks, a term which refers to the orchestrated flooding of target websites by large numbers of computers at once. The large number of Internet users making simultaneous requests of a website's server is intended to result in crashing and the prevention of legitimate users from accessing the site.[3] A variant of this type of flooding is known as distributed degradation-of-service. Committed by 'pulsing' zombies, distributed degradation-of-service is the moderated and periodical flooding of websites intended to slow down rather than crash a victim site. The effectiveness of this tactic springs from the fact that intense flooding can be quickly detected and remedied, but pulsing zombie attacks and the resulting slow-down in website access can go unnoticed for months and even years.[4] Notable incidents of distributed denial- and degradation-of-service attacks in the past include the attack upon the SPEWS service in 2003, and the one against Blue Frog service in 2006. In 2000, several prominent Web sites (Yahoo, eBay, etc.) were clogged to a standstill by a distributed denial of service attack mounted by ‘MafiaBoy’, a Canadian teenager.
An attack on grc.com is discussed at length,[vague] and the perpetrator, a 13-year-old probably from Sardis, Mississippi, was identified on the Gibson Research Web site. Steve Gibson disassembled a 'bot' which was a zombie used in the attack, and traced it to its distributor.[vague] In his account about his research, he describes the operation of a 'bot'-controlling IRC channel.[5][vague]
Smartphones[edit]
Beginning in July 2009, similar botnet capabilities have also emerged for the growing smartphone market. Examples include the July 2009 in the 'wild' release of the Sexy Space text message worm, the world's first botnet capable SMS worm, which targeted the Symbian operating system in Nokia smartphones. Later that month, researcher Charlie Miller revealed a proof of concept text message worm for the iPhone at Black Hat Briefings. Also in July, United Arab Emirates consumers were targeted by the Etisalat BlackBerry spyware program. In the 2010s, the security community is divided as to the real world potential of mobile botnets. But in an August 2009 interview with The New York Times, cyber security consultant Michael Gregg summarized the issue this way: 'We are about at the point with [smart]phones that we were with desktops in the '80s.'[6]
See also[edit]
References[edit]
- ^Tom Spring (June 20, 2005). 'Spam Slayer: Slaying Spam-Spewing Zombie PCs'. PC World. Archived from the original on July 16, 2017. Retrieved December 19, 2015.
- ^White, Jay D. (2007). Managing Information in the Public Sector. M.E. Sharpe. p. 221. ISBN0-7656-1748-X.
- ^Weisman, Steve (2008). The Truth about Avoiding Scams. FT Press. p. 201. ISBN0-13-233385-6.
- ^Schwabach, Aaron (2006). Internet and the Law. ABC-CLIO. p. 325. ISBN1-85109-731-7.
- ^Steve Gibson, The Attacks on GRC.COM, Gibson Research Corporation, first: May 4, 2001, last: August 12, 2009
- ^Furchgott, Roy (August 14, 2009). 'Phone Hacking Threat Is Low, but it Exists'. Gadgetwise Blog. New York Times. Archived from the original on July 16, 2017. Retrieved July 16, 2017.
External links[edit]
Retrieved from 'https://en.wikipedia.org/w/index.php?title=Zombie_(computing)&oldid=928083298'
![Network Network](/uploads/1/2/6/2/126233564/860829927.png)
Interestingly, it seems that many search engines want to provide my blog as a result when folks want to know something about zombie processes, even though this site has nothing to do with them per se. As such, I will discourse for a bit on the seemingly morbid topic of Zombie Processes, this site’s namesake.
What is a zombie process?
When a process finishes execution, it will have an exit status to report to its parent process. Because of this last little bit of information, the process will remain in the operating system’s process table as a zombie process, indicating that it is not to be scheduled for further execution, but that it cannot be completely removed (and its process ID cannot be reused) until it has been determined that the exit status is no longer needed.
When a child exits, the parent process will receive a SIGCHLD signal to indicate that one of its children has finished executing; the parent process will typically call the
wait()
system call at this point. That call will provide the parent with the child’s exit status, and will cause the child to be reaped, or removed from the process table.How do I see if there are zombie processes on a system?
Run “
ps aux
” and look for a Z in the STAT column.How do I remove zombie processes from a system?
![Pdf Pdf](/uploads/1/2/6/2/126233564/334799656.jpg)
Well, first you can wait. It’s possible that the parent process is intentionally leaving the process in a zombie state to ensure that future children that it may create will not receive the same pid. Or perhaps the parent is occupied, and will reap the child process momentarily.
Secondly, you can send a SIGCHLD signal to the parent (“
kill -s SIGCHLD <ppid>
“). This will cause well-behaving parents to reap their zombie children.Finally, you can kill the parent process of the zombie. At that point, all of the parent’s children will be adopted by the init process (pid 1), which periodically runs
wait()
to reap any zombie children.Why did you name your blog Zombie Process?