Posted By: JoBoy Botnets and the Mac - 09/03/09 03:52 PM
As I was installing LittleSnitch 2.2beta1, I wondered if that little app could warn me if my computer was being used as a robot site on a botnet. That led me to wonder what the current status is. Are unprotected Macs being used as robots? How much protection is really needed to ward off the threat if it exists?

I didn't put this post in the Networking Forum because it doesn't state a current issue that needs troubleshooting. Was that a proper conclusion?
Posted By: joemikeb Re: Botnets and the Mac - 09/03/09 04:35 PM
Hopefully Tacit will chime in on this one as he is the expert on malware, but AFAIK no Macs have been or are being used as bots. If they are, it would be because the user was complicit in installing the bot, either through malice or because they were duped into it by installing pirated software or thinking it necessary to view a new porn or other video site.

As to where this post should be lodged, IMO there is a legitimate technical question here, even though it is not directly related to "fixing" something. I would have no trouble with this being lodged in the Networking forum. But that is only one mod's opinion and I do not moderate the Networking forum.
Posted By: JoBoy Re: Botnets and the Mac - 09/03/09 05:11 PM
Thanks for the reply. I'm not trying to provoke a complicated discussion about classification. I simply want to fit comfortably into the mold and need a little coaching. I love this forum.
Posted By: tacit Re: Botnets and the Mac - 09/12/09 04:45 AM
Right now, there is only one piece of malware that can be used to turn a Mac into a zombie or bot. It's called OSX.iservice and it can't be installed on a Mac automatically; it must be installed by the owner of the Mac, who must type in an administrator password in order to be infected.

OSX.iservice is not widespread; it has infected only a small handful of computers. It was spread disguised as phony pirate copies of iWork or Adobe Photoshop CS4 on some P2P networks; people believed they were getting bootleg software for free but ended up instead infecting themselves.

OSX.iservice installs a program on an infected computer that allows hackers to control the infected computer remotely; they can see and copy files, instruct the computer to send mail or connect to other sites, and so on. (That's what a botnet is--a network of computers that can secretly be controlled by hackers via remote control. A lot of the world's spam and nearly all denial-of-service hacking attacks are made from botnets.)

Having a program like Little Snitch running will indeed notify you that this malware is running, and if you configure it to block outbound and inbound connections, it will prevent you from having your computer hijacked by the malware writers. So will running a router on your home network; if you're connected to the net through a router, the router's built-in firewall will prevent you from having your computer taken over. A better way to safeguard yourself, of course, is not to try to steal software. :)
Posted By: JoBoy Re: Botnets and the Mac - 09/12/09 03:02 PM
Thank you for the clear, concise explanation. It is very helpful. I have in place all three of the precautions you mentioned.
© FineTunedMac