Your HDD is not exclusively place to store information in WWW. The network worm does not need your HDD, it has its own HDD somewhere on the WEB. Where your computer's address is stored as well.
And once again, so many wrongs in what you said.
[Note: I haven't done network and security admin works since a bit more than a decade, therefore be indulgent.]
The World Wide Web is just a part of Internet. One of the many protocols that can be used over it, and the less likely to be used by worms since, client side (your side) it do not accept incoming connections. It's used to spread virus and malware, but it only exceptionally spread worms.
No, worms are spread through the many other protocols. Mostly through
You must be registered to see the links
(e-mails), like the well known
You must be registered to see the links
, but it's far to be the only way. By example,
You must be registered to see the links
was targeting directly the OS through its own networks sharing capabilities, while
You must be registered to see the links
was relying on five different methods, including backdoors left by other worms. And obviously there's the worms that aren't explicitly designed to target personal computers, like by example
You must be registered to see the links
, or even not at all designed to target them, like the more recent, because I'm not just an old fuck,
You must be registered to see the links
.
After all, between the servers (direct or indirect like
You must be registered to see the links
or
You must be registered to see the links
) and
You must be registered to see the links
, there's more "stand alone" computers connected to Internet that there's personal computers connected to it. And for them you can be sure that they will be up 24/24 7/7, while having a static IP address. Like they also are remotely administered, sometimes by people would don't have a single clue regarding what they are doing, you've more chance to pass unnoticed in a too big part of them.
Since they are in constant use, it's also more difficult to quickly clean them. I don't remember what worm it was (perhaps ILOVEYOU, but no guaranty), but I remember one that was so virulent that it led to a world wide network load near to 99% for near to five hours. It was in the mid 00's, a time where the whole network was only exceptionally facing a 50% load. Yet most ISP where doing their share, less than 30 minutes after the start of the attack (because it was an attack against the network), my ISP was already dropping all incoming infected e-mails. To help you have an idea of the spreading speed of this worm, I received near to a hundred of those e-mails on my main address... yes, in less than 30 minutes ; it make an average of one every ~15 seconds just for one e-mail address.
Plus, with high speed internet connections, individuals are more likely to be connected through a "one to many" box and not through the good old "one to one" modem. Therefore there's a
You must be registered to see the links
layer and incoming connections are less likely to reach a destination ; unless badly configured, the box will not know to what computer it should forward the connection and therefore it will simply drop it. /!\ WARNING /!\ this do
not prevent you to use an IP filter (a firewall), it just add a layer to the security of your computer(s)
if the box is correctly configured.
So, in a way it's not false to say that worms don't need our hard drives. But it's the same for any threats, including malwares and viruses. Before reaching our computer, they were located somewhere else ; a somewhere that sometimes happen to be a network server.
But it's totally wrong the way you present it, because
no the worm you get are
not located on a server somewhere on the network, waiting for you to go back online to infest your RAM once again. And, of course, even less located on their own server.
It would be so easy to stop a worm if it was the case. Each
You must be registered to see the links
corresponding to a network communication contain both the emitter and received IP address. And since worms are bigger than the average
You must be registered to see the links
, the emitter IP address can't be
You must be registered to see the links
; else the receiver wouldn't be able to ask for the next packet and the worm wouldn't be sent entirely. This mean that it just need one competent admin to know what server host the worm. Starting there, in less than one hour all routers around the world would be reconfigured to just drop any packets coming from this server, stopping definitively the infection. It would also put the pressure on the admin of the said server, since his server would be totally isolated outside of the network until he can prove that he cleaned it.
So, yeah, you should stop trying to talk about worms, viruses, malwares, and probably also more globally about computer security.
Hmm... Yeah, I know, I must have a thing for those clothes...
