| Quick and Easy Self-Defense "What you need is a giant condom for your computer. You can beat the most common computer security troubles with just three easy programs: a personal firewall, antivirus, and encryption. Personal Firewalls Firewalls for home computers are a recent development. The main reason is a new phenomenon. In recent years thousands of people have discovered how easy it is to party nasty inside the home computers of strangers. You can learn more than you ever wanted to know about their mentality at http://www.defcon.org. The annual Def Con is the world's largest and raunchiest gathering of malicious hackers. Because of their twisted motivations, their attacks can be more frightening than crimes motivated by money. Fortunately these guys with giant psycho-sexual-cyber complexes aren't very talented. Running a personal firewall will stop most of these guys cold. Personal Firewalls, continued... Zone Alarm has a control panel which enables you to choose how secure you want to be. Yes, it would be nice to be perfectly secure. The trick is to figure out how to get seriously secure without crippling your computer. Personal Firewalls, continued... If you want to fight back, that popup window lets you know of an attack within seconds. It also has a button that takes you to the Zone Alarm web site for an explanation of the attack. If you only log alerts to a text file, the results are, ahem, cryptic. Here's an example: FWIN,2001/02/23,13:08:42 -7:00 GMT,63.90.***.12:137,204.***.***.***:137,UDP Don't panic if you can't decipher that log. Unless you aspire to hackerdom, you don't need to get this far under the hood in order to secure your computer. OK, OK, if you really want to know, here's what it says: GMT is Greenwich Mean Time (time at a famous observatory in Greenwich, England) 1:08 PM and 42 seconds, Feb. 23, 2001. The -7 means it's seven hours earlier here in New Mexico than it is in Greenwich. 63.90.***.12 is the IP address of the attacking computer. (I changed three numbers to ***) and 204.***.***.*** is my ubersecret IP address (changed 9 numbers to ***s). 137,204 are the ports from which it attacked, and 137 is the port on my computer (NetBIOS) that it was attacking. UDP means User Datagram Protocol, which is a "connectionless" Internet protocol used for things where you don't really care if everything makes it from one computer to another (no error checking). If you enjoyed reading this paragraph, you are a born hacker. Personal Firewalls, continued... Let's see how we can use a firewall to check on the security of a home computer. There's a fast, free way to find out. http://happyhacker.org/defend/ links to several sites that check for ways a hacker could use the Internet to harm your computer. How do these vulnerability scans work? Basically, they run the same program techniques a computer criminal would use to find a way to break into your computer. These vulnerability scanners try to connect to your computer through its Internet "ports." These are not physical ports such as USB, parallel or serial. They are logical (virtual) ports. How do Internet ports work? It's like saying "Hola" to a stranger. If she responds with "Buenos dias," you know you can communicate in Spanish. If you try all languages and get no response, it's a good bet she knows not to talk to strangers. Likewise, your computer should ignore attack computers. If it talks to a vulnerability scanner, that tells a hacker that he can get your computer to talk to his. That is the first step to breaking in. You don't need to know what every geeky thing is to make your computer secure. The important thing is that a good firewall will let you know whether you need to worry about this service. When in doubt, you can shut it down. If shutting it down breaks something, you can bring it back with a click of a mouse. Let's debunk security scanners some more. Will they tell you everything you need to know about how someone can break into your computer? Sorry, it's not that easy. Hackers are always finding new ways to break into computers. |