This site is best viewed with your screen resolution set to 1024x768 or higher.
650-728-7918 tech@mikecomputerguy.com


Interent Security


Computer users need to be aware of the many security issues that arise from having their systems connected to the Internet. Most broadband connections are "always on" connections, leaving the system open to intrusions even when the user is not browsing the Web or retrieving email. It is less likely that you will have a problem with a dial up connection, but it is still possible.

People often think they do not need to secure their systems. I have heard many people claim that no one would be interested in gaining access to their system. They say that even if someone were to get into their computer there is nothing of interest for them to steal or damage. Many of the attackers who break into personal systems are not after your data. They are looking for a place to load a hidden program that will execute on a specific time and day triggering a Denial of Service attack against a larger target. If the attacker is able to get his hidden program on tens of thousands of machines, and they all do a simple Ping Attack against a larger server all at the same time, this could bring that system down.

When a computer is compromised, it is often attacked by an automated script and not a person sitting at a keyboard attempting to get into a specific machine. The script runs scanning thousands of machines looking for ways in; if one is found it loads a program, worm, virus, or whatever. These attacks are not looking specifically for your computer, just any open system.

There are several simple steps computer users can take to deter unauthorized access to their systems.
  1. Do not leave you computer on when you are not using it.
  2. Keep Windows up to date:
    1. You can go to the Start Button in Windows, then select Programs, then Windows Update.
    2. In Windows XP you can set this to happen automatically. Right click on My Computer then select Properties. Click on the Automatic Updates tab.

    Always download the critical updates. I also like to download the Recommended Updates.
  3. In Windows, disable File Sharing unless you have a need to share files with other computers on your network. If you do need to share files then share only the specific folders and not your entire hard drive.
  4. Keep your antivirus up to date. Many viruses allow unauthorized remote access to infected systems.
  5. Choose good passwords. Good passwords should contain letters, numbers and punctuation characters. The more characters the better, with 8 being a minimum. Bad passwords are names of pets, family members, social security numbers, etc.
  6. Install software firewall. There is a free one available at http://www.zonelabs.com called Zone Alarm, which does a pretty good job. You need to be aware that a software firewall is only as secure as the operating system that it runs on. Since most people run Windows, this means your system is not very secure. Expect to spend a bit of time configuring a software firewall. Zone Alarm needs to learn what is allowed to access the Internet and what is allowed to access your machine from the Internet. You will often get alerts about obscure programs either trying to access your machine or something trying to access the Internet from your machine. It is not always clear what to do in these cases, but a quick search on the Web will often give you a decent answer. Windows XP has its own software firewall, but it is rather basic.
  7. Buy a hardware firewall. Most of the inexpensive firewalls/routers use what is known as NAT. NAT stands for Network Address Translation. With NAT your external IP address (the address that uniquely identifies you on the Internet) is assigned to the router/firewall. Any computers attached to the NAT box will be assigned a local IP address. Local IP addresses are not accessible externally from the Internet. So, in theory, if someone tries to get in they can only access the NAT box, keeping your system or systems that are attached to the box safe.
  8. Buy a dedicated hardware firewall. These can get a bit pricey, but provide more flexiblity and security. Check out http://www.sonicwall.com/


No security solution is 100% effective. However, the more deterrents the more likely the intruder will leave and try to find a system that is easier to get into.

Related links:


©Copy Right 2001 Mike The Computer Guy, All Rights Reserved.