Windows on the Web- October 2001

Locking Your Window

Windows on the Web is usually focused on opening a window- a window from your computer to the wealth of information out on the web. However, the beginning of this column is going to focus on closing. In this case, it is on closing the window that outsiders use to break into your computer.

Why do this now? A number of events triggered it. In mid-September, the company where I host my own web site fell victim to the nimda worm. Because they weren't current on applying security patches to their servers, I was without e-mail for almost two days. Also in September, for about the fifth time this year, a member of NABE fell victim to one of the Melissa/Code Red type viruses. How do I know? As webmaster, my e-mail address is in a lot of member's address books. When they are hit with a worm, a copy of the worm is automatically mailed to everyone in their address book.

Luckily, either my firewall or my anti-virus software stops these from causing damage here. But it is clear that other people are being damaged. While many of you have IT departments at work to take care of security, other NABE members are their own IT departments, either at work or at home.

One other reason for talking about this know -- many of the worms/viruses of the past, such as "I Love You" or "Anna Kournikova", were bothersome but not especially destructive to your files. However, it will be relatively easy to construct these worms so that they start deleting files on your computer. Given the events since September 11, we have to be more aware of threats.

Here are steps you can take to limit your vulnerability.

Update your anti-virus signatures: It should go without saying that you need anti-virus software on a computer, especially if it connects to the Internet or shares disks with other computers. In addition, make sure the anti-virus signatures are updated frequently. At the minimum, you should be doing this weekly, but it wouldn't hurt to do it even more often. Many of the anti-virus programs can be scheduled to either check automatically for updates, or least nag you to do so.

Use a firewall: It is absolutely mandatory, if you have an always-on Internet connection, such as DSL or cable modem, to have a firewall. If you don't, then assume your computer will be compromised. Even if you don't care whether they steal your data, a zombie computer program might get planted on your computer, which can then use your computer as a platform to attack others. Still using dial-up? While you don't face the same degree of danger, a firewall can still repel many attacks. Figure 1 shows a portion of my firewall's log, showing the number of probes and attacks repelled. Symantec has a firewall product called Norton Internet Security. Zone Labs Zone Alarm can be downloaded and tried out before purchasing. Many of these firewalls work both ways -- they can also keep a rogue program already on your computer from surreptiously calling out. The new Windows XP will also have a basic firewall bundled in.

 

 

 

 

by Bruce Kratofil

President, BJK Research and NABE Webmaster. He is the co-author of "Windows 2000 Secrets" (IDG Books) and a Senior Editor at BugNet.

WoW/PC Corner Home

Check your protection: Not sure if your firewall is doing its job? Go to the Gibson Research web site at www.grc.com and use their free security check, called Shield's Up. This site checks for security vulnerabilities via your Internet connection, and is a free public service.

Be paranoid: You learned this one a long time ago, probably from your mother- Don't take candy from strangers. In computer terms, this means don't open strange attachments. Extend this suspicion to people you know. If an attachment shows up in your in-box from someone you know, but you aren't expecting something, don't open it. It could be one of these attacks that goes out to every entry in an address book.

Use secure software: When it's time to pick software, especially Internet software, it may be time to consider the vendor's approach to security. Unfortunately, market leader Microsoft is not the leader in security. Some of their popular software, such as Outlook, has some of the worst problems. In fact, just looking at a Nimda infected e-mail message in your preview pane would have been enough to get you infected, you didn't need to open an infected attachment. If you are going to be using Outlook, Microsoft Internet Explorer, or Microsoft Internet Information Server, then either subscribe to a service that will alert you to security problems and fixes, or keep an eye on Microsoft's Security Site, so that you can download critical security fixes themselves.

Speaking of alternatives

In an earlier Windows on the Web, I gave a bad review to Netscape 6.0. I've recently had the chance to try out Netscape 6.1, and there has been a vast improvement. The bugs that caused frequent crashes before, especially on secure sites, have been fixed. The program was very stable, especially considering I was running it on a beta copy of Windows XP, and wasn't missing features, as was the older release. This version appears to be a viable alternative to Microsoft Internet Explorer, and can be downloaded for free. Click here for a copy.

 

Figure 1- Each of these lines represent a probe/scan/attack of my computer that was repelled by the firewall.