Internet Security (Part 2) - Firewall Protection

Internet Security (Part 2)
Firewall Protection

Are you a sitting duck for Internet hackers?

Many people do not know that there is a risk that comes with broadband Internet connections (i.e. RoadRunner, DSL, leased lines, etc.)—especially if they are running Windows without a firewall product. Read on for information on why this is important, and how you can protect yourself.

How the Internet Works

In order to communicate on the Internet, every computer needs a four part number called an IP address (i.e. 204.240.37.100). This number is used for all Internet communications —such as for browsing the web, etc.

People who use a dial-up connection (yes, there are some of those people left!) to the Internet may receive a different IP address each and every time they log on. This is because the IP addresses are held by the Internet Service Provider's answering modems, and not by the person's own computer.

However, dial-up connections are fast going the way of the dinosaur (who wants to sip the Internet when you can gulp?) as more and more people switch to broadband Internet connections. These connections, in addition to being faster are always on—meaning that your computer is connected to the Internet with the same IP address, either 24/7 or at least for extended periods of time.

Why Having an Unchanging IP Address is Dangerous

Hackers are known to use software that rapidly scans through ranges of IP addresses looking for vulnerable computers. The less time you sit on the Internet with an unprotected computer at one particular IP address, the less likely you are to be hit by hackers. Notice that I said "less likely"—people who use dial-up connections are still vulnerable to hackers if they use an unprotected computer.

If your computer is sitting on the Internet for prolonged periods with one IP address and you are running an insecure operating system—such as Windows XP—then your computer is vulnerable to hackers and other mischief. Broadband Internet Service Providers don't widely publicize this fact, but they should.

What Does It Mean If Your Computer Is "Vulnerable"?

Having an unprotected computer allows hackers to do one or all of the following:

Computer Vandalism—Hackers may perform mischievous activities such as deleting files up to and including reformatting your hard drive(s).

Worms—released by hackers crawl the Internet, looking for susceptible computers. Worms, such as NIMDA and others, may do any or all of the above, before replicating themselves and moving on to other unprotected computers on the Internet.

Theft of Personal Information—Personal information on your computer (such as your social security number, credit card numbers, bank account numbers, etc.) may be stolen for purposes of identity theft or use of your credit cards to make unauthorized purchases on the Internet.

Launch Point for Attacks on Other Computers—Hackers are always looking for vulnerable computers from which to stage attacks on other systems. This may be anything from Denial of Service Attacks (DoS) (which bombard well-known Internet sites with so many requests that it slows down the system to unusable) to actual penetrations of bank and/or government computers. What this means is that it looks like the attack is coming from your computer, and you may be held liable!

What Can You Do to Protect Yourself?

The easiest way to protect yourself from malicious hackers taking over your computer is to run what is called a personal firewall. A personal firewall is a software program that runs on your computer to fend off requests for unauthorized access to your system. A good product is Zone Alarm from Zone Labs. There is a free version of Zone Alarm. (Zone Alarm Pro, an even better version, is available for sale. The price depends on how many licenses you want to purhcase.)

Zone Alarm determines what is allowed to pass through to your computer, and what is not. For example, a response to a web browsing request which you initiated would be allowed to pass through, while a request to examine the contents of your hard drive would not be allowed.

Trojan Horse Program—A program that may be planted on your hard drive by an email message attachment, and may be designed to send information about your system back to the hackers which wrote it.

SpyWare—A program that you have downloaded from a legitimate company, but which—unbeknownst to you—has been written to track your every move on the internet for marketing purposes and send the information back to the company.

But Zone Alarm does more than that—and this is where it's better than the firewalls which cost money. It also prevents Trojan Horse Programs and SpyWare from communicating information about your system and tour browsing habits back to the outside (that is extrusion rather than intrusion attacks—see definitions above).

Zone Alarm also prevents a newly recognized and dangerous threat to Internet Privacy—the collection of unique serial numbers from network adapters (you may or may not have one, depending on whether your computer is attached to a network). Each network interface card, or NIC, has a unique serial number—called a Mac address (which has nothing to do with Macintosh computers)—that could potentially be used to collect information about everything you do and everywhere you go on the Internet for "marketing purposes". Yes, you say, but they they wouldn't know who I am. Ah, but they would! All you'd have to do would be fill in one form on the Internet with your name and address at a company site that is collecting Mac addresses, and your Mac address has then been associated with a name and address! Imagine how valuable this information is for the collecting company in terms of marketing lists! Any company with an Internet presence, and which is out to make money by selling consumer information, could be tracking this information for resale.

In recent years, SpyWare and AdWare programs have become increasingly malicious. It is amazing what chinks hackers have found in Microsoft Internet Explorer's and Microsoft Outlook's armor. (Since Microsoft products have the most users, these are the products that hackers target.) Additional products that you should install are Microsoft AntiSpyware (available at Microsoft's website) and Spybot Search and Destroy.

Summary

I hope that by now I have convinced you that there are a minimum of five reasons why your computer needs to be protected by a firewall if you are connected to the Internet for extended periods of time:

Computer Vandalism

Worms and Viruses

Theft of Personal Information

Liability if your computer is used to mount attacks on other systems

Trojan Horse Programs and SpyWare communicating information about your system and Internet browsing / shopping preferences

Tracking of Mac addresses for purposes of selling information about your browsing and shopping habits

If you don't already have a firewall and antiSpyware installed on your system, you should go to the websites mentioned above and download these. (You may or may not need help with installation, depanding on how computer literate you are.)

Stay tuned for more on Internet security in future installments of this series.

Cynthia Brooman, President
Point & Click Software, Inc.