Have you ever wondered how secure your PC is? This article will give you a brief overview of PC Security.
If you think it's secure then read this and then ask yourself if you still think the same afterwards.
I look after a number of corporate computer systems which have a permanent connection to the internet, and I found a Trojan on one of these systems last year. (A Trojan is a program which uses your computer to attack others, hiding the true identity of the attacker and making the attack look like it came from your system.) I am now thinking: if this can happen to a machine which has had all the latest security and operating system patches installed on it, what can happen to the home user's machine, which is poorly or never updated and can be attacked more easily? But what other things can people look at on your PC when you're connected to the internet, and what about the information that is sent or received by your computer? What does your Internet provider log when you are online, and what about your email? Are they reading it? Or is it being stored somewhere else?
Okay, I don't have all the answers, but I do know that there is an awful lot of disk space being dedicated on the internet to logging details about you and other users that are logged on: such things as the web sites you visit, as well as who you are sending email to and when. My company does this, and this isn't because we require information on our users but because of system crashes or people trying to hack our servers. However, there are a lot of people out there who will collect and use information to either make money or cause harm.
Take the Dooyoo web site for instance (http://www.dooyoo.co.uk). I would imagine that they have some form of user tracking system so they can see which users visited which pages, and they DO have the facility to track which opinions I have read or commented on. Of course this is to make the site more functional, but what if this was used for bad and not good?
I've split the page into various types of attack and I'll do my best to explain each in turn.
PC Security – Connection
Are you connected to the internet? How secure is your machine whilst you're connected?
Now the average home user is not concerned about security on their PC. If you only have a 56k modem connection you're probably even less concerned, as it takes ages to download any service packs or virus updates. This is where your problems will start.
This is because Mr X, the computer hacker, is a tireless beast with many heads who requires a host computer to commit his or her evil deeds from. They will hunt the internet for unsecured machines which they can use to commit these offences. This could be your PC. They don't even have to be sat at their computer to do this, as automation programs do it for them and log the details of insecure machines for later use.
If you can’t download the latest updates for your operating system or you have an older OS then you need to have some kind of protection against these people. You need a piece of software called a Firewall.
PC Security – Firewall
Now a Firewall is a piece of software which is installed on your machine and, metaphorically speaking, sits between your PC and your internet connection, kind of like a guardian. This still allows your PC to see the internet but stops access to your computer from the outside world.
If Mr X tries to hack into your machine, the firewall gives them a metaphorical slap on the wrist and denies them access. It should also tell you that Mr X has tried to access your machine, allowing you to inform somebody about this.
Okay here comes the technical part. The internet uses a series of ports to access certain programs on your computer. These can be best described as doors to different areas. For example port 80 is used for displaying web pages (if you go to http://uk.altavista.com:80/ you will still get a web page, however trying http://uk.altavista.com:21/ will not). Now some of these ports are always open and this is where your machine is open to attack from Mr X.
To see the number of ports and what they all do, take a look here.
There are several thousand of these ports open on your machine at any one time and you need to close these and prevent others accessing them. The easiest way is with a software firewall such as ZoneAlarm from ZoneLabs. If you have a broadband connection or an office connection then you might want to consider a hardware firewall, which is a physical box which sits in between your PC and your internet connection. These are relatively more expensive than their software counterparts but offer far greater protection against any attack. I recommend the Netgear or 3Com firewalls as they're a doddle to set up and they can be updated, but they start around the £50 (Netgear) / £300 (3Com) mark, although if this is for your office then it's a bargain.
To test which ports are open on your machine, try this link to the Gibson Research Corporation, who do a great deal of testing to prevent hackers from gaining entry to your machine.
Try this url: http://grc.com/x/ne.dll?rh1ck2l2
If any of the ports are reported as open then you need to take action, because if you're connected to the internet your machine is liable to attack.
If you have Windows XP or Windows 2000 then these operating systems have a built-in firewall, although it's not the best in the world. Poor protection is better than no protection.
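A local version of the port test described above, added here as an example (it is not part of the original article): it tries to connect to a few well-known ports on 127.0.0.1 and reports which ones a program is listening on. The port list and the function names are assumptions chosen for illustration. Unlike the external test, it shows what is listening on the machine, not what a firewall lets through from outside.

```python
import socket

# Constructed sample list: a few well-known TCP ports and the service
# normally found behind each one (ports 80 and 21 appear in the article).
WELL_KNOWN = {21: "ftp", 23: "telnet", 25: "smtp", 80: "http",
              135: "msrpc", 139: "netbios-ssn", 445: "microsoft-ds"}

LOOPBACK = "127.0.0.1"  # this check only ever looks at the local machine


def is_listening(port, timeout=0.5):
    """Return True if a program on this machine accepts TCP connections on port."""
    with socket.socket(socket.AF_INET, socket.SOCK_STREAM) as s:
        s.settimeout(timeout)
        # connect_ex returns 0 on success and an error code otherwise,
        # so a closed port does not raise an exception.
        return s.connect_ex((LOOPBACK, port)) == 0


def audit_local_ports(ports=None):
    """Return {port: service} for every listed port that is open locally."""
    ports = WELL_KNOWN if ports is None else ports
    return {p: ports[p] for p in sorted(ports) if is_listening(p)}


def open_demo_listener():
    """Open a listener on a free port chosen by the OS, to demonstrate a hit."""
    srv = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    srv.bind((LOOPBACK, 0))
    srv.listen(8)
    return srv, srv.getsockname()[1]


if __name__ == "__main__":
    srv, demo_port = open_demo_listener()
    to_check = dict(WELL_KNOWN)
    to_check[demo_port] = "demo listener (constructed)"
    for port, name in audit_local_ports(to_check).items():
        print(f"port {port:>5} is open ({name})")
    srv.close()
```

Any port it reports, other than the demo listener, belongs to a program that is accepting connections and is worth identifying before deciding whether the firewall should block it.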
PC Security – Trojan Horse
No, this is nothing to do with ancient history but more to do with what the original Trojan Horse did. The Greeks built a giant wooden horse and offered it as a gift to the people of Troy; this was so they could gain access to the city after years of siege. Once the horse was inside, a small band of men hidden inside the wooden horse waited until nightfall before they climbed out and killed the people of Troy. So a Trojan horse is something which allows others to gain access and do things not previously possible without access.
A computer Trojan works in much the same way.
If your computer's ports are open as detailed previously, then a Trojan could be put on your system by Mr X which could then be used for a multitude of sins, and you can be sure they are all bad. It could be used to gain access to your computer and the information held upon it, or it could be used to gain access to other computers from your computer. This masks an attack from Mr X, making it appear as if you have carried out the attack. The worst thing about this is that you could be held liable for these actions.
It could be used for something as sinister as gaining access to illegal materials or accessing premium rate phone numbers whilst you sleep. The first thing you would know about this is when you receive your telephone bill for thousands of pounds. It could just do something as simple as format your hard drive, destroying all your work and valuable data.
How do I know if I have a Trojan on my machine?
To detect one I recommend Tauscan – http://www.agnitum.com/products/tauscan/ or Pest Control – http://www.safersite.com/. They both do the same thing and both have trial versions, which should be enough to diagnose which Trojan is present. Both these packages should also be able to remove the Trojan.
Newer Anti Virus software will check to see if any Trojans are present on your computer, but these are only as good as their last update and need to be kept up to date as much as possible. They must also be installed before an attack is done to be more effective. More about this later.
PC Security – Viruses
This is an extremely complex subject and one that I will only touch on.
First off, what is a virus?
The dictionary defines a virus as “a very simple organism capable of causing disease”. This applies also to a computer virus. The computer virus will attack your PC and cause loss of data, system errors, crashes and even total system failure. All could cause you to lose information off your computer, and if it's complex enough it could spread from your machine to others: your friends and family, work colleagues or even suppliers and creditors via email. The amount of time and effort required to fix your machine is huge; imagine how much time would be expended if this spread to 2 PCs each time. Just 20 levels down the line and 524288 have become infected. If it took 5 hours to fix each, that's nearly a year's worth of work!
This is of course if nobody had protection against the virus.
Due to the openness of the PC, its operating system and its programming languages, the knowledge and ability needed to write a virus is virtually nil. The average 13 year old kid can knock out a virus with a little patience and a few sessions at a keyboard. This means the likelihood of getting a virus on your PC is huge. There are approximately 65000 viruses on the PC; however, if you're a Mac user there are around 100.
Protection against viruses is easier than most, as you just need to install a virus checker on your PC which looks at all files coming into and leaving your PC for viruses. If it detects one then it is quarantined or deleted depending on the settings you specify. Most modern virus checkers will automatically check your email as well, as this is the medium by which most viruses are now spread from machine to machine.
I only recommend one virus checker and that is F-Secure. This has detected viruses on a corporate intranet when others had failed. It is available from http://www.f-secure.com and costs $80 for the home user, which in my book is a very good deal.
I will not recommend Symantec Norton Software as it is completely ineffective against viruses. On a corporate intranet where I used to work, all the machines with Norton installed were infected with the SirCam virus whilst the F-Secure machines were not. Both versions of software were up to date! To me the Norton stuff is trying to be all things to all men and this leaves shortfalls in the software. Get a dedicated Anti Virus program.
PC Security – Emails
So what about emails? Well, I'll tell you about a few email server software packages that I have used. The first piece is a bargain-basement solution, but it's still several hundred dollars for just 25 users. Now this software is very widely used, especially by smaller Internet providers, as it's easy to set up and maintain, but the protection of the user from a disgruntled or malicious employee is virtually nil. Any email box can be looked inside and emails read with something as simple as Notepad. Not very secure at all.
Now what about another program made by the Gates Empire? Well, the system administrator can see the users, but the system keeps all user details in an encrypted file, where they are stored until the user logs on and downloads their mail. However, if the system administrator wants the information he can always change the user's password and set up his/her own email client with the user's details and e-voila, downloaded emails. I know of this happening with one employee (Manager) reading other employees' emails. You can even download them and still keep a copy on the server so the user still has to download their emails, so is none the wiser.
So there is always scope for abuse of privacy by your ISP or system administrator, but what about the message as it flies to its destination in cyberspace?
Well, your data can be captured, but it is fairly difficult because of the nature of the Internet. The Internet uses the TCP/IP protocol; this is what you might call the language of the internet. The way information is sent means that collecting information as it passes through cyberspace is very difficult, but I bet somewhere somebody has done it!
In general the mail systems of the world tend to be pretty secure, but they are open to intrusion at the places of sending and delivery by those who administer these systems, so it does make you wonder what privacy you have on the Internet.
If in doubt about whether to send a particular message because it might contain sensitive information, then it's best either not to send it or to use encryption software such as PGP to encode it and decode it at the other end, or even type the information into Notepad and then Zip the file using a password.
PC Security – Updates
If you have read all this and are now pondering your internet security strategy, let me just add one last fly in the ointment. You might have been out and bought the best firewall software and best anti virus software in the world, but this is completely useless unless you keep it up to date. This means using the automatic update functionality, if the software you purchased has it, or going to the developer's website, downloading the latest patches or updates and installing them.
Without these you might as well not bother.
Updates are everything. Remember your software is only as good as its last update.
For the average user once a week is probably enough; for the corporate user updates might need to be done more often. THIS IS YOUR COMPUTER, YOUR BUSINESS AND YOU NEED TO PROTECT IT AGAINST ATTACK! Dedicate time to this and make sure that you continue to do this.
Remember nothing is secure when it comes to the internet and as your computer is your most vital link to friends, family, customers or other employees be aware that somebody somewhere could be making bad use of your computer or attacking it as you read this page without your knowledge!