Well, to start out, this should probably be crosslinked in the computer security section, but I’m putting it in commentary primarily to catch those who might not typically look at computer security.
First, why should you care about keeping your computer secure? I’ve heard people ask something like this. Usually they say, “I don’t care who sees my documents, I don’t have anything that important on there... etc. etc. etc.” You’ve probably heard or said something similar. After all, who would be interested in your speech to the Kiwanis club? The sign-up sheet for the church cookout? Well, unfortunately this argument is very shortsighted. Here’s why.
These days I have a very high-speed connection to the internet, and so do many of the people I know. In addition, the machine is actually connected to the internet most of the day. No need to dial. In fact, our connection here is on 24 hours a day. This is very convenient, of course, but it’s convenient not only for us but also for those who make a hobby or pastime of breaking into computers, pushing the internet to its limit and otherwise just getting into mischief.
A good example of this is an account I read at Gibson Research about a Denial of Service attack against his website. The account starts with his web server suddenly being flooded by requests for information. This occurred to the extent that legitimate requests returned error messages (site unreachable, etc.). Upon investigation he found the packets of data were coming from regular desktop machines across the internet. Further research turned up “zombie” programs. These are programs that are installed on a machine and can then be remotely controlled. Not necessarily remotely controlled in the wipe-the-hard-drive or open-the-CD-tray sense, but they could be told to suddenly start asking for data from a website. (Any user at the machine would be completely unaware of this, except perhaps for a slowdown in internet activity.)
The person or people who had been using these zombies to attack the website had primarily targeted connections that were always on, i.e. machines they could find again after the initial zombification. The second preference was for a high connection speed, meaning that the machine had a fair amount of network “muscle” for strong-arming a website. Multiply one high-speed cable/DSL connection by the 100s of zombie machines and you have a significant amount of bandwidth, enough to take out a web server. And of course all of the log info would probably point back to the infected desktop machines, not the original perpetrator.
Now, this isn’t the only way a machine can be used to attack another. Malicious hackers, after gaining access to one machine, will many times use that box to try to attack another machine, further covering their tracks. Another point to note here is that it doesn’t necessarily take a skilled computer wizard to break into a machine or install these backdoor/zombie programs. Usually the crackers (those skilled at breaking into machines) write scripts or programs to automate the process. Many times these are then modified and simplified to the point that anyone can use them. They are often easy to find and download, and then run with a point-and-click interface. Those who use these techniques to hack systems are usually referred to as script kiddies.
Another point to make is that a hacker is rarely interested in your personal files. You’re absolutely right. He or she does not care about the letters to Grandma, the vacation pictures or the school paper. However, we do conduct a fair amount of business over the internet from our computers. Anybody ever type a credit card number in? If you’ve ever done ANYTHING such as logging in to another computer, typing in a username and password, or entering credit card information, you could be vulnerable to another type of attack. Keystroke loggers keep track of EVERYTHING that is typed on a machine and either log it to a file or send it over the internet to the person who installed the logger. Many viruses of late have included keystroke logging “features”. This behavior usually occurs without the user’s knowledge, that is, until someone in Timbuktu starts charging big purchases on that Visa card you used online last week.
The internet is a shared medium in MANY ways. This is true even when it comes to security. So think of the security of your machine as something you should be interested in, not because you have valuable data, but to help protect others. The internet’s version of a community watch?
Well, if this has you wanting to pull the plug on the computer and never use a networked machine again, you’re not alone. Welcome to reality. It is scary what is possible, but there are ways to keep your machine secure and relatively safe from such threats.
So, here is the second section: how to keep your machine secure. First, install an antivirus program and, most importantly, keep it updated. 4 times a day for mail servers is a good update schedule, and perhaps every 5 days for a work desktop or any desktop with a persistent internet connection. Maybe once or twice a month for dialup users.
Install or purchase a firewall. There are software firewalls, like ZoneAlarm, and some operating systems come with firewalling software. These are adequate for home use. However, if you have multiple machines I’d suggest a hardware firewall/router. It’s also important to have a working knowledge of how your firewall works. Make note of the configuration changes you make, and from time to time check the logs and the list of ports which are open to the outside (if any).
Keep your operating system updated. This doesn’t mean go out and buy the latest version of Windows when it comes out. There are security updates released for every operating system. So, for instance, Windows 98 may still have occasional security updates. Find out how to download and install routine security updates.
Learn what is normal for your system. I don’t know how many times I’ve been called to look at a system that is crashing, noted that there is no antivirus icon in the system tray, asked the user, and been told they haven’t noticed anything out of the ordinary. Then I discover a virus running in memory which has disabled their antivirus. Look at each of the system tray icons and see what it is. Press control-alt-delete and see what is running. Yes, it’s detective work. But it is important to get a feel for what your machine is like when all is well. (You might also use msconfig to change the items starting at boot.) If you find things running that you don’t need running, find out how to disable them. One aggravation I had with my copy of Frontpage a couple of years back was that it required a web server running locally to work. I only occasionally edited web pages, but I always had the web server running! I disabled that and put a link on the desktop to start/stop the program for those occasions when I needed it.
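The habit described above (know what normally runs, and check which ports are open) can be turned into a repeatable comparison. The following is an added example, not part of the original post; the snapshot format, the process names and the port are all constructed for illustration.

```python
# Added example: compare a "known good" snapshot with a later one (all data constructed).

def parse_snapshot(text):
    """Parse 'proc <name>' / 'port <number>' lines into (processes, ports)."""
    procs, ports = set(), set()
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()   # allow comments and blank lines
        if not line:
            continue
        kind, _, value = line.partition(" ")
        value = value.strip()
        if kind == "proc" and value:
            procs.add(value.lower())          # Windows names are case-insensitive
        elif kind == "port" and value.isdigit() and 0 < int(value) < 65536:
            ports.add(int(value))
        else:
            raise ValueError(f"unrecognised snapshot line: {raw!r}")
    return procs, ports

def compare(baseline_text, current_text, must_run=()):
    """Report what changed since the baseline and which protection is absent."""
    base_procs, base_ports = parse_snapshot(baseline_text)
    cur_procs, cur_ports = parse_snapshot(current_text)
    required = {name.lower() for name in must_run}
    return {
        "new_processes": sorted(cur_procs - base_procs),
        "missing_processes": sorted(base_procs - cur_procs),
        "new_listening_ports": sorted(cur_ports - base_ports),
        "protection_not_running": sorted(required - cur_procs),
    }

BASELINE = """
# taken when all was well (constructed sample)
proc Explorer.exe
proc antivirus.exe
proc firewall.exe
"""
CURRENT = """
# taken after the crashes started (constructed sample)
proc explorer.exe
proc firewall.exe
proc webserver.exe
proc updater32.exe
port 80
"""

if __name__ == "__main__":
    for key, values in compare(BASELINE, CURRENT, must_run=["antivirus.exe"]).items():
        print(f"{key}: {values}")
```

On Windows the two lists can be filled in by hand from the output of `tasklist` and `netstat -an`; the point is to save the baseline while the machine is healthy so that a missing antivirus process or a new listening port stands out later.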
Sometimes software vendors aren’t quickly forthcoming with security information. It’s a good idea to find a few security resources online so you hear more than the company line.
I hope I haven’t scared you too much, but a certain amount of paranoia makes for a good defense. I hope this has been useful to someone out there.