Network Security guide for the home or small business network – Part 11 – Why?



Alright, so you’re still reading this series and you’re thinking. Look, I’m not protecting national security secrets. All I’m doing is (running a business|emailing my grandkids|using the web for research).

True, good point. You’re not at the defense department. OK. Let’s say you just use your computer for email and web browsing. That’s low priority stuff right? No sensitive information on your PC? Do you ever do banking online? Yes – then you should be concerned… No? You should still be concerned… here’s why…


Let’s say you browse the web and you do get a trojan or backdoor program on your machine. Let’s say it comes from a 2 year old web browser vulnerability that you didn’t know about and haven’t updated for because you’ve never heard of Windows update. What’s the worst that could happen? Well, there are a couple paths. First, likely you will get more and more “stuff” on your pc. One backdoor is enough to open the floodgates for more software. With some classes of software they certainly use the “bring a friend” strategy to infesting a system. Sometimes it’s their 20 closest friends.

Among the side effects are likely more junk mail for you and those on your contact lists, more popups, slower computer performance, more off-the-wall strange computer errors. But why would they want my pc?

There is a great value to spammers to have access to a pc to send out mail. Open relays (mail servers that allow anyone to send mail through) are getting harder to find, most ISP’s are going to catch and suspend bulk spammers, so… their current refuge is home/broadband pc’s for the most part. Another use that these pc’s are put to is in the serving of illicit/illegal files. Let’s say you had made a copy of software to distribute to your “friends”. Let’s say that software license made what you’re doing illegal. (Say it was a copy of Windows XP). You wouldn’t be able to host it just anywhere, you wouldn’t want to host it on your own server and risk being caught, you’d want to shift the blame (and location) to someone that didn’t know any better. There is a great deal of illegal content hosted this way, from cracked software (warez), to child pornography, even phishing sites can be hosted this way.

There is another way cracked PC’s can be of value. One machine visiting a web site can be a normal request for information. 10,000 PC’s visiting a web site at the same time can result in a Denial of Service for other users. Sometimes that’s by accident (serendipity?), maybe a popular tv show or broadcast mentions a websites address. Within minutes thousands of people try to visit and none of them can get the page, the server is overwhelmed with requests. In a distributed Denial of Service attack, multiple PC’s are used to make requests of a site simultaneously. Sometimes these “attacks” can last for minutes, or hours, or days. They might be against joe.nobody.com or they might be against a prominent online business, or maybe against a government computer. In fact, there’s increased involvement of organized crime, offering “protection” for businesses and those that decline get DoS’ed.

Apparently these “botnets” of infected pc’s are so plentiful the price is in the single to double figure $$’s for thousands of infected pcs.

Here’s one more reason for you to think on. Your either part of the problem or part of the solution. When your PC is hooked up to the internet you can either try to secure it and deny spammers/crackers/etc. a haven, or you can blissfully ignore it and you will likely be a part of the problem. So, even if you “don’t do anything with your computer” but email, I think you can find good arguments to be concerned about computer/network security.

Related Posts

Blog Traffic Exchange Related Posts
  • Testing your firewall for open ports For several years now I've used a neat tool at Gibson Research to test a clients firewall quick and easy from the web browser. They have a tool called Shields Up that does a limited port scan to determine of network ports are open, closed or "stealth". One of the......
  • Network Security - Arp spoofing So.... what is arp spoofing (poisoning).... and what are it's implications? ARP spoofing involves tricking a machine into thinking that you're machine is, yet another. Let's put this in IP address terms. Let's say that 192.168.0.1 is the default gatway on the network and 192.168.0.150 is our target. We are......
  • Nugache the latest in bot-net technology... and why you should care about botnets... To show you where the threat with bot networks is going there's a story today on Nugache (Symantec summary) which is a bot that takes advantage of a number of clever tricks to avoid having the whole bot net shut down, allow command and control on an encrypted channel and......
Blog Traffic Exchange Related Websites
  • How to Tell If You Are Reaching Your Audience Is this thing on? If you are starting to feel like you are blogging to an empty room, or your posts are accompanied by the sound of crickets, it’s time to start focusing on whether or not you are reaching your audience. There are a number of methods that can......
  • Mailbag: Hacking your credit score, Too Much P2P, and Giving Away $150 One of my favorite sports writers, Bill Simmons blends humor, pop-culture, and sports into a very successful column for ESPN. My favorite column of his is the mailbag. He publicly answers select questions from his readers. Many times the readers set him up with a punch line joke, the way......
  • Most Efficient Strategy To Get High Back Hyperlinks Via Link Creating Services linlk building packages is the procedure of growing building backlinks of your website by getting url from pertinent websites. Backlink building performs an essential part to maximizing search engine results position of websites. Through getting url while in the period of back links to have websites helps to go the......
www.pdf24.org    Send article as PDF   

Similar Posts


See what happened this day in history from either BBC Wikipedia
Search:
Keywords:
Amazon Logo

Leave a Reply

You must be logged in to post a comment.


Switch to our mobile site