The Anatomy of Computer Hacking Over The Internet - Part 4
In past three issues, we talked about the three stages of Internet
hacking: reconnaissance, research, and attack.
Fact is Internet hackers want what's on your computer. They want
to see what's there, maybe do something with what you've stored
there, or perhaps take control of your computer for them to use it
as they please.
It's also easy to find other computers on the Internet. And
breaking into one belonging to a clueless soul isn't hard either.
Worried? You bet you should be if you haven't done anything about
it yet!
I'm going to give you some basic info to get you started on
protecting yourself... but it's up to you to act now - if you
haven't yet.
I call it the common approach to layered security.
Put layers on layers of defensive measures around your personal
computer - like a fortified castle - so you're not exposed if one
layer fails.
The security layers are also cumalitive in effect.
If one security layer is only 50% effective, 1 hacker out every 2
would get through. But when you combine two different security
layers that are 50% effective each, the number goes down to a
hacker out every 4 getting through. Add another security later of
effectiveness, and the number drops down to 1 of every eight
hackers... and so on.
In oversimplified terms, two different security layers that are
50% effective each are 75% effective combined.
Using the fortified castle as an analogy, intruders had to
penetrate several layers of defenses to get inside a castle during
the middle ages.
The intruders first faced the archers' arrows while crossing open
fields surrounding the castle. Then they had to get over a
surrounding moat. Once over the moat, they needed to break through
thick solid gates or climb over tall rock stone walls - all the
while the defenders dumped scalding hot oil and rock onto the
attackers. And inside the outer wall, the attackers might face yet
another wall and more defenders.
The defender's goal was to reduce the number of attackers at each
defense layer - until the remaining number of attackers came down
to a manageable level.
And the same goal goes for good security practice today.
Now while you can't immerse hackers in scathing hot oil or
ventilate them with arrows (as much as you might like to), you can
easily and cheaply put up similar barriers to keep intruders out.
Here's how:
1) Create a security perimeter with a separate "firewall." Look at
this layer as the open field and moat in the fortified castle
analogy.
These "firewalls" are stand-alone hardware devices in nature.
I suggest having these because they're less likely to shut off
accidently like software "firewalls." And the separate firewall
provides an extra layer of security removed from your personal
computer.
Hardware "firewalls" have also come down to more affordable price
levels - as low as under $70.
Commerically available "firewalls" barely existed when when I
created my first web site (about the same time Microsoft put up its
first web site). Firewalls back then did a simalar job as personal
firewalls today, but sold for tens and hundreds of thousand dollars.
So price shouldn't be an issue especially if you're connected to
the Internet with an "always on" high-speed line.
The ideal way to setup these firewalls is to allow outbound
connections to the Internet, and disallow inbound connections from
the Internet.
If you must allow inbound connections, you're on your own... No.
Seriously, managing inbound connections requires more attention,
which goes beyond the basics we're talking about here.
Depending on reader demand, I might cover this in a future issue.
I use a Netgear router firewall for my personal Internet
connection, but you have many choices depending on your needs.
Note: If you're using telphone dial-up Internet service, you can
worry less about this type of firewall security. You're likely to
be assigned a new Internet address each time you dial-up for
Internet service. You're a moving target with dial-up service, and
the hacker doesn't have as much time (or connection speed) to do
his work while you're online. Plus if you have the next layer of
security I'm about to
talk about, it gets even tougher for the hacker.
2) Create a second security layer of security with a PC-based
"firewall." This layer can be viewed as the stone wall in the
fortified castle analogy.
These PC-based software firewalls do the same thing as the
hardware firewalls - but it sits on your computer. Once the hacker
gets through this layer, he's inside your computer. You're also
exposed if the software firewall accidentily shuts down.
Other methods can lock down your computer without firewalls, but
I'm keeping it simple here. Personal firewalls have become a
standard. Even Microsoft gives away a free version with Windows XP
today.
If you don't have one yet, get one right away! Even if you use the
free Windows XP SP2 package, Internet security software is a
personal computer necessity.
A couples weeks ago, Denise P, a fellow Canadian PMI reader asked
which Internet Security package I recommend. Thank you for asking
Denise.
It had been a while since I last looked, and the players in the
market have changed quite a bit. I was surprised to find
yesterday's top players had fallen behind, or were no longer
favored among reviews.
Of all the Internet security software packages I looked at, I
recommend PC-Cillin Internet Security 2006 today. You can get more
details on this package at the following link.
http://www.amazon.com/exec/obidos/redirect?link_code=ur2&tag=protec
myinfoc-20&camp=1789&creative=9325&path=tg%2Fdetail%2F-
%2FB000BJLN10%2Fqid%3D1132883656%2Fsr%3D8-
2%2Fref%3Dpd_bbs_2%3Fv%3Dglance%2526s%3Dsoftware%2526n%3D507846
I suggest integrated security packages primarily for performance
and anti-aggravation reasons. I've found mixing and matching
security software drags down desktop computer performance. And
some won't play with each other. Avoid this unless you like
tinkering with your computer.
3) Take precautions when you let anything inside your security
perimeter.
This deals with allowing outside connections or files into your
computer. There are many ways in, and I'll talk about this in
upcoming issues of PMI. For now, the best protection is not to
allow outside connections or files into your computer if not
necessary.
4) Update your software
Don't run unsupported and out-of-date software.
Some people call this patching. Other call it upgrading. In any
case, keep your software up-to-date.
People make software and people make mistakes. Because of this,
software have flaws... flaws that allow people to make the software
do things that weren't intended - like giving control of your
computer to hackers.
Don't buy into the argument that only Microsoft makes software
with security flaws. All commercial software have flaws, so be
vigilant.
Make sure people who make the software you buy fix their flaws.
Microsoft has done a great job with their Windows auto-update
feature. Use this feature if possible.
You can also manually update your software, but I don't recommend
this if you run a lot of software. It's a pain, and you should know
your risks if you decide to ignore what should be done.
By following the layered approach to security, you remove a vast
majority of Internet hacking attacks. The remote hacker can't do
much if your computer won't accept incoming connections. The
hacker can scan all he wants but he's not going to find much to
attack. He's likely to move on to
find easier targets.
The four recommended security layers here won't protect you 100%,
but it's a start starting point.
In future PMI issues, I'll cover other attacks and ways to defend
against them.