Home

Tips

Internet Security News

Recommended Security Software

A recent security survey reported that 20% of home PC's are infected with viruses and over 80% contained spyware and adware.

Frightening figures.
As we rely more on our computers, the potential for hackers to hurt us through them likewise has grown, threatening to expose or destroy our private data and personal records. Current hacker tools are sophisticated, automated, and more difficult to spot. In addition, broadband connections have made us more vulnerable; always-connected computers, typically with static or rarely changing IP addresses (the addresses computers on the Internet use to find you), give would-be attackers unlimited time to discover and exploit system vulnerabilities. With a few tricks and tools, however, you can secure your home or small-office computer against the average hacker searching for the low-hanging fruit. The most common type of malicious software ("malware") is a virus, a bit of code that sneaks onto your machine, normally as an e-mail attachment or download. Traditional viruses self-replicate within a machine but need human intervention (such as sharing infected documents) to spread. Newer malware, including Trojan horses and worms, allows attacks of even greater dimensions.

Named for the Greek legend, Trojan horses, or Trojans, infiltrate your machine and wait for an opportune time to open the city gates. The Trojan listens on a designated network port (more on this below) and waits for a remote program to activate it, then takes control of the machine. Unlike viruses, Trojans don't replicate themselves.

Worms, on the other hand, do replicate, but unlike traditional viruses, worms don't need any user assistance to move from machine to machine. The danger of a worm is that it can allow a variety of attacks to propagate over the Internet. For example, a well-crafted worm can look for vulnerable machines, embed itself in them, and wait to launch a synchronized denial-of-service (DoS) attack on a set target.

By now most people are wary of e-mail attachments they didn't request. But even clicking on a link could allow ActiveX content embedded in a Web site to run programs on your PC, read your Clipboard, and even steal personal data. These days, you need to be vigilant—nearly to the point of paranoia—to stay safe. Plenty of tools are available to keep you safe and protect your privacy online. For instance, every computer should already be running antivirus (AV) software. Antivirus software will catch the majority of known threats, provided its virus definitions are properly updated. (For more on AV software, see www.netintelligence.com) But AV tools work best against signature-based attacks.

Next, you'll want to consider a firewall of some sort. Firewalls come in two flavors: software and hardware. Each has strengths and weaknesses, and neither covers all the bases to our satisfaction. We review six software firewalls and five hardware firewalls in the pages that follow. But before you erect those lines of defense, follow these simple (and free) steps.

Periodically check for downloadable patches for your operating system and software. You can do so at vendors' Web sites, and some let you sign up for bulletins. If you're running Microsoft Windows 98 or later, run Windows Update to download fixes. Microsoft Critical Update Notification, downloadable for Windows 2000 and built into Windows XP, tells you when updates are available. For other Microsoft application patches, check out Microsoft TechNet (www.microsoft.com/technet). Click on Hotfix & Bulletin Search to see which program holes need patching.

Of course, patches can remedy only the known flaws and vulnerabilities. New vulnerabilities are continually being uncovered, and hackers seek them through port scanning. (Each IP address has more than 65,000 ports through which applications can communicate.) Good firewalls can defeat such scans.

Windows users can also try Microsoft Baseline Security Analyzer. This free download from TechNet scans your system, looking for mis-configured settings. You'll be surprised at the number of flags that go up the first time you scan yourself.

If you use instant messaging (IM), remember, don't talk to strangers. The popular free programs, like AOL Instant Messenger (AIM), expose your IP address and engage you in peer-to-peer connections when you okay file transfers. Additionally, the clients can use most ports, including port 80 (the one for Web traffic, which most firewalls leave open). Such openings offer easy entry for hackers who gain the confidence of the unsuspecting.