
Online Security: the situation only gets worse

Computer security experts are saying that, at one time, you could leave a PC with a broadband Internet connection up and running, without any security precautions, for as long as three days before it got infected and became largely unusable. Now they say that figure is less than a day.

In fact, some say the time is more like 20 minutes.
Yes, people have been warned for more than a decade about e-mail viruses. 'Don't open attachments from people you don't know' is repeated as often as 'red and yellow kill a fellow.' The latter rhyme is taught to children in the American South so they can distinguish poisonous coral snakes from harmless imitators. Anti-virus software is considered basic PC equipment.
But now more and more people have their computers connected to the Internet through high-speed broadband connections, typically via DSL or cable modems. When they used dial-up modems, they were only online for the time they were dialed in, and their bandwidth didn't leave much room for an intruder. With broadband, the machine is online for the entire time that it is turned on. Many PC users, disgusted by the amount of time that a power-on boot-up takes when they just want to check e-mail, simply leave their machines running. There is plenty of bandwidth into the machine, so a hacker is at leisure to launch an attack.
Typically, the experts say, the hacker is interested in taking over unguarded PCs for the purpose of launching attacks against third parties. The hacker will take over several machines and have them bombard a particular Internet address with data packets, to try to flood it and drive it off-line. These are called distributed denial of service (DDOS) attacks.

Zombies
For instance, in the U.S. a man was recently arrested for repeatedly taking over the computers of subscribers in various cable modem networks and using them to bombard selected newspaper sports writers with tens of thousands of copies of e-mail messages denouncing the management of a particular baseball team. He did it nearly three dozen times and seriously disrupted the e-mail systems of his victims.
A PC that has been taken over by a hacker that way is called a zombie. A PC can be taken over in such a way that the user will not notice anything is happening. The only outward sign may be that the anti-virus software has suddenly and mysteriously been disabled. (A clumsy attack can cause damage, however.) People have successfully defended themselves against child pornography charges by saying that an unknown hacker must have placed those pictures in that computer. Other people have suddenly found their Internet service providers threatening to kick them off-line for being the source of a DDOS attack.
While inside the computer, the hacker can rummage around and examine any files he finds. Anyone with confidential material on his PC may find that he may as well have published it on the Web. If you keep personal financial information on your PC then the possibility of identity theft is continuously present.
Fortunately, each PC on the network is just another Internet Protocol address, and each machine usually gets a new address each time it logs on. Therefore, once a hacker leaves, he may or may not be able to find his way back.
A better form of protection is the desktop firewall. Firewalls come in many varieties, but whichever one you use should at least close the thousands of Internet ports (actually, sub-addresses of the main address) on your machine that are not being used at a given moment.
It should also stop your machine from responding to the kinds of inquiries arriving from the Internet whose responses would reveal a description of your operating system, so a hacker would know what attack should work. It should also stop the machine from sending files without permission. It may be able to monitor traffic to and from the Internet, to spot anything malicious. It may monitor which software has permission to use the Internet.
Windows XP has a built-in firewall, although the experts dismiss it as marginal. Line-sharing devices, which many people use in their homes to share a broadband subscription, include hardware-based firewalls. The experts speak more highly of them, saying they can make your home machines invisible to most hacker probes. Beyond using some kind of firewall, the experts suggest:


You may be downloading music, or you may be downloading a zombie-generating worm - you don't really know in advance. Anyway, many people don't understand how to configure the software, and end up unknowingly sharing personal files.
On the last point the experts agree: the on-line security world is an on-going arms race between hackers and security vendors. At any given moment there is no way to guarantee security short of unplugging your machine and locking it in a vault. But by taking a few precautions, you can make yourself a harder target than the next person.

Lamont Wood


© Dealer Info