Our Opinion September 2001

Our Opinion Page for September 2001

Personal Computer Security And The Home User.

Last month was a downer and a half let me tell you. It all started as stated on the 1st of the month. Every CodeRed infected PC on my ISP's network, about turned and started blasting out thousands of requests to other computers causing total congestion at their high speed transparent (hah, hah) cache. It wasn't so transparent for me this month, because I couldn't get BY (hint) it. Even though my ISP tried to prevent the effects on other network users, I still found over 1000 request a day in my server logs for a default.ida file, that didn't exist on the server. To make things worse, other users on the Internet were unable to connect or waited a long time for pages to open when they tried to connect to my web server. Just to make things really crap, the same ISP had the whole range of IP addresses under its network blacklisted from mailservers all over the world, that use anti open relay and spam protection. So no one would except an email from me.

I bypassed my ISP's transparent cache, simply by using another proxy server that communicated on a different port than 80. The proxy server then requested web pages from sites on my behalf on port 80 and sent the request back to me on the port I was using. Luckily my ISP only caches port 80. As for sending email, I used their webmail service, a web browser and the same proxy server to act for me. To get around the problem of my site readers browser's unable to connect to me on port 80 from outside my ISP, I simply configured another proxy server to act on my behalf and listen for requests to my domain on port 80 and re-route them to my computer web server on a port other than 80 and again successfully managed to bypass my ISP's jammed transparent web cache.

Personal Computer And Network Security

I am not going to elaborate too much on the subject because there are better sites, which I have listed below that have the information you will want to know. Basically, if you are connecting to the Internet and are therefore part of a network, it is very important that you understand the potential for abuse and misuse of your computer. I am not trying to scaremonger anyone, but this is a very serious subject.

Out of curiosity I looked into the security of my networked computer which I also use to connect to the Internet. Like a lot of other home users, I share my Internet connection with more than one machine. I had already installed a firewall, antivirus software and anti spy software on all of my computers long before. The first page that I visited threw up a warning almost immediately. Because of the way the warning was presented to me and my lack of knowledge, I completely misunderstood the whole problem and skipped my way through the tests, thinking that all was still welcome.

I will explain the whole problem. Programs that I had already installed on my computer as part of the operating system and applications that I use, were mostly responsible for why I had a serious threat. The biggest source of threat to my computer was Microsoft Windows and Microsoft Applications specifically. Once these were in place and I connected my computer to the Internet everything that I used my computer for was potentially exposed.

I said this wasn't going to be elaborate, so think about something I read that was posted on a bulletin board. The first post said do I really need to secure my computer. Surely Microsoft know what they are doing, after all they are a big company. I trust they have fixed everything they said they would. The second post, in reply said that if someone who could, wanted to use your computer as a host and then use it for everything you can and much more and also cover everything up and remove all trace of ever having been there. Even as you plead your innocence, to the polis at the door all the evidence would point at you.

Here are the links which open in a new window:

The starting point, if you like - The Gibson Research be sure and check out Shields Up.

Tinysoftware offer a free personal firewall. TPF represent, easy-to-use personal security technology that fully protects personal computers against hackers. A major weakness in many network security devices is during the brief window of time between when the hardware is actively capable of routing traffic and when the software takes over control of the network interfaces. Tiny Software’s driver, or Engine, activates as the core files of the Windows operating system (the kernel) load themselves into memory; specifically, the engine loads before the NDIS (Network Device Interface Specification) modules are loaded, so that no network connectivity is supported before Tiny Software’s firewall technology is active.

A lot of my customers, colleagues and friends are using the popular software zonealarm which is offered to you free from Zonelabs. The program is easy to install and set-up and useful for monitoring every program when it then runs on your computer and tells you if it is attempting connection to or from a IP address.

Now, get ready to rid Windows of all that spyware. Ad-aware is a small and easy to use program that will scan your system for known advertising systems, and lets you remove them safely from your system. You can download their latest free software from lavasoft. Take time and read the FAQ on the site which will open your eyes.

Anti-virus software is useful for detecting many Trojan software programs and backdoors that can be left open for a hacker to find. Download and install a copy of AVG 6.0 Free Edition to reliably protect your computer. Click this and then go to their download page to get more information.

Once you have understood and done all that, go this and read what these guys have to say about securing Windows.

Until next month cya in cyberspace.

October's Opinion

August's Opinion