Growing Broadband and Following Security

Cable and Digital Subscriber Line (DSL) Internet connections are revolutionizing the way people are conducting business and managing their personal time. Freeing up phone lines, increasing speed, and eliminating expensive phone bills are driving people to broadband internet access by the groves. With this increase in popularity broadband gives hackers a wider playing field with more enticing targets. The need for speed rush has left security lagging far behind. To understand the security risks involved with broadband access, one must understand what broadband connections are and how they work. Knowing this information one can identify common vulnerabilities and learn how to protect themselves and their organizations. Broadband security does not stop with identification and protection. Maintaining and anticipating future changes in technology and threats will become a dynamic process requiring a constant presence and knowledge of the advancements in these technologies.

A quick glance at broadband, one might say that it is just a faster modem not unlike current analogue modems. To understand the security needed for systems using this technology one must know the different types of broadband and what defines if a connection is considered broadband or not. One must also know the differences between these connections, and finally why broadband vulnerabilities are more appealing to hackers, ultimately increasing the need for stronger security.

High-speed broadband Internet connection is defined as Internet connection that accesses speeds greater than two megabytes per second. Cable Internet and DSL are the current options consumers have for this Internet speed. Cable Internet is capable of speeds approximately thirty megabytes per second, and DSL tops out just shy of ten megabytes per second. These speeds are currently not available to consumers due to Internet service providers limiting the speed allowing more users to utilize their service and minimizing congestion through their servers. DSL speeds also vary depending on how far away the user is from the Internet provider. xDSL technologies has different types that include DSL, Asymmetric Digital Subscriber Line (ADSL), High rate Digital Subscriber Line (HDSL), and the newest edition Very high rate Digital Subscriber Line (VDSL), which can access the Internet with speeds comprisable to Cable access.

Cable Internet access uses a different philosophy and technology than the DSL line of Internet connections. Both are considered “always on” connections because the computer automatically connects to the Internet every time someone turns it on, and stays connected until someone turns it off. Cable Internet is carried on the same lines as cable television uses. DSL splits ordinary analogue phone lines into analogue and digital communication lines. DSL uses the analogue split for sending information and the digital is used for downloading information. Security wise DSL is better because it uses a different Internet Protocol (IP) address every time the computer is restarted. Cable Internet typically is designated an IP address from the Internet provider, unless the Internet provider provides Data Over Cable Service Interface Specification (DOCSIS). DOCSIS will be discussed later in the protection section of this paper.

These high connection rates do not come without new security concerns. The major vulnerability exploited by intruders in the “always on” connection. Computer hackers are looking for a predictable vulnerable system that is relatively safe to violate. Broadband connections supply this. Cable Internet connections are especially tasty to hackers because they usually use the same IP address every time the user logs on. Thus the hacker does not have to spend time looking for a new system each time they decide to unleash their terror. DSL uses a different IP address when the user boots up the computer, but uses the same IP address while the computer is on. This leaves them more time they dial up the Internet. The fact that the user is online for larger periods of time with broadband connections allows the hacker more time to find their computer to infiltrate. The sure volume and speed a broadband vulnerable than traditional dial-up connections because dial-up connections change IP addresses every connection provides to the honest user is provided to a hacker that can send malicious code faster and larger files than ever before. This trend invites larger, more destructive malicious code to be sent into cyberspace. Cable Internet connects over a shared bandwidth, which will allow people in the local area network to be able to access your computer if your network settings are enabled to share on your operating system. DSL is connecting through a dedicated local bandwidth and therefore, is not acceptable to the same manipulation.

Considering the overwhelming vulnerabilities one might think that there are not enough security measures presently to take the step to broadband connection. This is quite understandable for the fool hearty that do not research security issues prior to purchasing broadband Internet capability. There are many security precautions one can take to control these risks and limit security breaches. When setting up a broadband Internet connection, areas of security protection concern are at pre-purchase, setup, and maintenance.

Security should be on the mind of every consumer even prior to selecting an Internet service provider. There are many things a consumer should learn about their potential Internet provider and what level of security they are required to provide. The normal protection they provide is a firewall. Firewalls will help protect from forms of previously identified Trojan horses, viruses, worms, and other malicious code. They will not protect against hackers invading your computer. Some firewalls protect from some hacker tools used to ‘ping’ computers online, but customers will not know the levels of protection Internet service providers use unless they ask.

Cable subscribers will want to see if their Internet service provider provides Data Over Cable Service Interface Specification (DOCSIS). Without DOCSIS, cable subscribers have a fixed IP address. DOCSIS changes the subscribers IP address every time they turn on their computer. This limits the predictability for hackers trying to break into your computer. DOCSIS’s largest flaw is it does not prevent the hacker from finding out the range of IP addresses the Internet service provider owns. This allows the hacker to limit his or her search to that range and still find the consumer’s vulnerable computer. Self-protection is needed to deter determined hackers.

Internet service providers offer a limited amount of security for their customers, but the bulk of protection falls on the individual consumer. Fortunately, there are a decent amount of options on the market relatively inexpensive from the consumer to choose from. Antivirus software is a must for any system with Internet capability. This is even more important to update and keep current for broadband users since many hackers favor their computers. There are various types and manufacturers of antivirus software. It pretty much is up to the personal preference of the user to which one they install. The main concern is that the user updates the virus definitions as much as possible.

A personal firewall installed on the users computer is a very good idea. This allows them to set levels of security specifically to their computer. The firewall available from the Internet service provider is a start, but the security measures used are not all used for the convenience of everyone they provide services for. Installing a personal firewall gives the user the power to increase the level of security they feel comfortable with. There is another tool that is very useful for home use as well as small businesses that do not have the financial resources of large companies. Home users and small businesses can make a router out of older computers that are obsolete. Many websites on the Internet will instruct how to construct such a device, so the basics will only be pointed out here.

A router is a separate computer that’s only function is to route Internet traffic. This hides the user’s computers from hackers on the Internet. Hacker may be able to see the router and not all the resources on the computers connected to it and decide to move on and look for a computer with more interesting information to hack into. Essentially, it is similar to setting up a small network and home or for the office. The best feature of a router is they can be made for normally fewer than one hundred dollars. The components needed are another computer with two Ethernet cards and some software. The router-firewall combination significantly increases the security on broadband connections. This is by far not totally secure from all invasions, bit it is a significant step in computer security of broadband communications. Software installed on the computer and tightening up the know vulnerabilities is another vital step.

According to Judi Clark, an advisory board member of NetAction.org, software companies purposely create “backdoors” to their software to detect unlawful use of their products. She also states that the computer software companies are pushing for legislation that not only condones this coding process, but also protects the companies from legal action if these vulnerabilities are maliciously manipulated by third parties. This “dangerous new law”, as Judi Clark puts it, is called the Uniform Computer Information Transactions Act. There are two areas of this proposed legislation that should concern every broadband user. One section is the one that binds the purchaser to terms disclosed only after the purchase has been made. This allows the company to make new rules up as they see fit. Another major security concern is allowing the software companies to broaden the use of the backdoors they include in the software. The broadening will include but not be limited to disabling and changing the users software remotely without legal repercussion.

One way to protect yourself from intentional backdoors is to know your operating system’s security level and adjust it to the level you are comfortable with. Most operating systems and security software is not set to the highest level at installation. This is purposely done for the use of inexperienced users that do not want to see a degradation of their computers performance just for the sake of security. When purchasing or acquiring new security software it is paramount that the user reads the instruction manual to see what the security levels are set at and how to change them to the level need for their system. Knowing how to set your security settings and how to update them, is another critical step in protecting your system whether you are using a broadband Internet connection or the older dial-up services.

One more step to broadband security is user settings. Limiting the resources a user can get to limits the area of damage a hacker can do while hijacking that users system. This is routinely done on corporate systems, but usually forgot about or deemed unnecessary on small business and home use computers. If the user is authorized unlimited access to all computer resources, so is the intruder that is intending to steal or damage the information on that system. A good habit is limiting your access as much as possible with what you need to accomplish while logged on to that computer. If the user just needs access to the word processor for that particular session, they should have an account restricting them from other critical areas that they don’t need. Hackers are usually uninterested with simple word processing documents and will search to find more interesting information that the user never intends to access.

Setting profiles on personal computers will limit the area that the hacker can access and manipulate on personal computers. Using restricted profiles on your home computer will protect other information from hackers while you are busy with other tasks. For example, if your intention is writing a research paper for your college class, it might take you eight hours to get the outline done. On a computer with broadband capabilities, that gave a hacker eight hours to find your system and do with it what he or she wanted too. You were busy writing a paper while the hacker was using your computer resources to try and access top-secret information from the federal government. Next thing you know law enforcement people are arresting you and confiscating your property to start their investigation. Creating a profile specifically for Internet use, restricting use of any other computer resource will help protect your information. Disconnecting the Internet connection while you use the computer without the Internet can save you from jail time and time explaining to the judge that you knew nothing about launching the next super-virus from your IP address.

Broadband Internet technology is expanding capabilities every day. In the future Internet access will be measured in gigabytes rather than kilobytes or megabytes. Increased speed and volume of information allowed to run rapid over the Internet will increase the need for security. The first generation of broadband communications has proved this point. Hackers are turning to these systems to spend their time manipulating due to the lack of security and the speed. It will only get worse as new technologies increase the speed of Internet communication. The most important area users must remember is it is their responsibility to protect themselves. Research and updating current software will deter hackers to other computers that the users care more about performance than security.

Cable and DSL Internet connections are the first generation of broadband communication available for public use. They are a powerful tool in the hands of trained hackers and cyber terrorists. Users must understand how they are connected to the Internet and know available security items at their disposal. With this new technology comes more responsibility to the users to protect themselves and others. Protection includes software, hardware, and knowledge. It is the users and administrators responsibilities to identify and know common vulnerabilities and learn how to protect themselves and their organizations. Furthermore, they must maintain current system security and anticipate future changes in technology and threats. Computer security needs to move towards proactive measures instead of the usual reactive measures used today. That is where you come into the picture. As a user, administrator, and a maintainer, it is our responsibility to make the Internet a safer place for our systems to grow.

Works Cited

http://www.adsl.com/aboutdsl/vdsl_tutorial.html

http://netaction.org/broadband/exposed/

http://www.cert.org/tech_tips/home_networks.html

http://online.securityfocus.com/infocus/1568

http://www.howstuffworks.com/framed.htm?parent=search.php&url=http%3A%2F%2Fcompnetworking.about.com%2Flibrary%2Fweekly%2Faa021101a.htm%3Fiam%3Dhowstuffworks_SKD%26terms%3Dcable%2Bsecurity

http://search.symantec.com/custom/us/query.html

http://online.securityfocus.com/infocus/1560

SUMMARY

Broadband is defined as Internet access with speeds capable of transmitting at speeds over two megabytes per second. Current broadband connection available for public use is Cable and DSL. These are considered “always on” connections. This feature is a major security concern because it increases the time online for hackers to locate your system and less time they need to do their intended damage.

Cable Internet connection is very similar to a local area network and must incorporate similar security precautions. Cable users are stuck with the same IP address unless their Internet service provider has the DOCSIS technology to change IP addresses when the computer is turned on. DSL connection using existing phone lines but converts some or all of the information to digital rather than analog. This technology automatically changes IP addresses every time it connects to the Internet, but keeps the same address while the computer system is connected. This is a high area of concern of security for broadband users in general.

Knowing the level of protection provided by your Internet service provider will assist you in determining the provider that best suits your needs for security. Using profiles and limiting access on small business and home computers is one step in protecting your system from hackers. Firewalls, routers, antivirus software are protection methods available for purchase. Knowing how to adjust your security levels on software installed will increase security. Updating virus definitions is critical to the maintenance phase of broadband security. Combining all these precautionary measures will deter hackers and protect your system from unwanted attacks.