Securing your computer is hard work.
With nearly a billion Internet users around the world to steal information from or wreak havoc upon, hackers have a huge incentive to spend hours contemplating new, increasingly complex attacks.
The University’s Information Security Officer, Kent Strickland, is well aware of the length these white-collar criminals will go to in order to conserve their illegal connections to student computers.
When the University chose to block an Internet service known as Internet Relay Chat last year, it was due to several hundred computers on campus being infected with trojan horses.
Like the wooden decoy depicted by Greek poet Homer, a trojan horse program disguises itself as something the computer user believes is harmless, even useful.
But once installed, the program allows a hacker to take control of the system, usually unbeknownst to the user.
Utilizing several infected computers around the world connected to the IRC service, the hackers coordinated an attack on a university in Sweden, placing that institution’s network in a standstill.
The trojan horses were also logging every key pressed on infected computers, allowing them to steal students’ identities.
They were even sniffing around the University network a network that contains sensitive student data finding open ports and infecting other computers.
The University began blocking IRC servers utilized by the hackers one by one at first, but the hackers were working together and automatically changed to another server.
When virus scanning companies caught up with the nasty programs, the hackers would mutate them to remain undetectable.
‘When you have that many systems, with that many problems, security staff, the network staff, the Residential Computing Connection staff all busy in an incident response mode trying to take care of all of these problems ‘ there is an opportunity cost there,’ he said.
The moral of the story is that no computer system is ever completely invulnerable to attack.
No virus scanner, firewall, or armed guard can stop all the attacks perpetrated by hackers around the world, but completing the following five basic steps will ensure that you are protected from the thousands of known attacks floating around on the information superhighway.
By doing so, you protect yourself and others connected to your computer from theft and data loss.
And as long as you are running the most recent version of your operating system Microsoft Windows XP for PC users and MAC OS X for Apple users none of the following steps will cost a dime.
Use Common Sense After the hard work of getting your computer set up with the latest security applications, the best defense against hackers is common sense.
If your Web browser asks permission to download and install a program, and you have no idea why it is doing so, then always click no.
If clicking no causes the Web site that you trust to display incorrectly you can always go back and install the program later. If you don’t trust the Web site, it could be trying to deliver you a trojan horse or virus.
The same goes with programs or other unknown files sent as an attachment to an e-mail message or downloaded from a peer-to-peer file sharing program.
Any file downloaded to your computer may contain a malicious program, so if it is not trusted do not run it, just delete it.
Other e-mail attacks are perpetrated by a special group of hackers known as ‘phishers,’ who trick Internet users into revealing their personal information.
They do so by sending out e-mails or instant messages disguised as trusted financial institutions, online retailers, and other companies that conduct business on the Internet.
If you receive an e-mail from a bank asking you to verify your account information there is only one action to take: delete it.
Examples of what these vicious e-mails look like are available on the Web at www.bgsu.edu/its/security/alerts/.
Clicking on the link contained within one of these e-mails will lead to a bogus hacker-developed Web site that appears identical to the legitimate company’s.
Enter the information and it is sent directly to the hacker, who then steals your identity.
The same goes with e-mails from EBay, PayPal, and other online accounts.
As a result of the increase in phishing attacks, EBay only communicates with its users through the EBay Web site. Internet companies rarely ask for a user’s password.
Creating passwords that are easy to guess, such as words that are found in a dictionary, is another way computer users become vulnerable to attack.
Passwords should be more than 8 characters. They should contain numbers, uppercase letters, lowercase letters and special characters like an exclamation point.
They should not be in any dictionary, in any language, not even slang, swear, or obscure words. Never use the same password twice.
When a user’s password can be found in a dictionary, all hackers need to do in order to gain access to that account is create a computer program that will attempt to log in using every word in an electronic dictionary.
They just sit back, and let the identities roll in.
Use an Alternative Use a different Firewall, Web Browser, and E-mail Client.
Macintosh users are lucky when it comes to security. There are fewer Macintosh computers out there, and, therefore, fewer attacks aimed at them.
A hacker looking to attack a computer will not waste time developing an attack that will work on only a fraction of the computers out there.
On the other hand, there are hundreds of millions of PC users running the same operating system, Microsoft Windows XP.
The result is a ton of attacks aimed specifically at it, and this article, therefore, will focus almost entirely on XP.
Another reason Macintosh computers see fewer attacks is because they come with a good, built-in firewall, and an alternative browser named Safari.
Safari is safer than its PC cousin Microsoft Internet Explorer also due to a game of numbers, but there are many features and vulnerabilities included with Explorer that open it to attack.
Internet Explorer is embedded within XP. If an attacker cracks Explorer, then they have cracked the entire system.
Explorer also includes ActiveX, which is a programming language used to develop applications for the Web. These applications can do very bad things to a computer system if used for the wrong purpose.
Of course, a few Web pages require ActiveX, and it is not recommended Explorer be uninstalled in order for these sites to be viewed properly.
However, an alternative browser for the PC known as Mozilla Firefox (getfirefox.org) is a favorite among many computer professionals, is free, and is much less vulnerable to attack.
According to Web consultation company ScanIT, Internet Explorer was 80 percent unsafe during 2004, whereas Firefox was only 14 percent unsafe. The numbers were determined by tests run on the company’s Web site by 195,000 users.
Firefox also imports all settings, bookmarks, and other information from Explorer during installation.
There is even an e-mail client included, Thunderbird, which is less vulnerable than Microsoft’s Outlook Express, and can serve as a replacement.
After replacing Microsoft’s vulnerable browser and e-mail client, the next step is to replace XP’s less-than-desirable firewall.
A firewall protects a computer by acting as a traffic cop. It will allow ‘trusted’ traffic, such as Web browsing to access your computer, but block intrusions, such as ‘port sniffers,’ a tactic used by hackers to gain access to a system.
A good firewall will also prevent programs on a computer from accessing the Internet.
If a trojan horse, for instance, attempts to access the Internet the firewall will ask the user if he/she wishes to allow such traffic.
By denying access, the user effectively disables the trojan horse. The Windows XP firewall does not have this option.
The most highly recommended firewall on the Internet and an excellent replacement for XP’s is Zonelab’s ZoneAlarm, which is also free. It can be downloaded at www.zonelabs.com.
In denying outgoing Internet access, be sure not to deny a trusted application.
Install Virus Protection After installing a decent firewall, computer users should protect themselves against viruses by installing a virus scanner that protects them by detecting files as they are downloaded. Once again, these utilities are also free.
The University provides an active virus scanner to all students living on campus. McAfee anti-virus has consistently been rated one of the top scanners out there, and can be downloaded from software.bgsu.edu/applications.htm.
Student computers may have come pre-installed with another top rated scanner, Norton anti-virus.
According to Mike Hachtel of the Residential Computing Connection, it’s best to use McAfee for one very important reason: free updates from the University.
‘McAfee isn’t always the best one, but Norton isn’t always the best one either,’ he said. ‘There are several others out there. They get really good and they’re at the top of the industry and then somebody else kinda edges them out. McAfee has been purchased by the university, is supported, and we also offer free updates.’
However, if you are located off-campus, there are several free anti-virus applications available on the Internet that get the job done, and they too have free updates.
The most consistently recommended freeware anti-virus scanner is Grisoft’s AVG. It can be downloaded from grisoft.com. Another good scanner is Antivir, available at free-av.com.
Because the anti-virus programs are active and will constantly be monitoring the system to see if downloaded or installed files contain a virus, it is only necessary to scan a computer for viruses once a month.
Use Anti-Spyware Tools A group of applications known as spyware have easily become the most annoying side effect of the Internet.
Spyware applications install themselves, sometimes without permission, and create pop-up advertisements on computers even when a browser is closed.
They run in the background and therefore slow a computer down, modify browser settings such as the start page, and monitor a user’s surfing habits so they can sell it to marketing companies.
And recently, Computer World Magazine reported a massive identity theft ring utilizing spyware on an unknown number of computers.
The browser hijacking software known as CoolWebSearch was stealing passwords, usernames, bank account numbers, and other data amounting to a treasure trove of information for identity thieves.
Thankfully, protecting a computer from such attacks is relatively easy, and is usually free.
There are paid for applications out there, including Webroot Software’s Spy Sweeper and Sunbelt’s CounterSpy. But who wants to pay, especially when the best way to protect a computer is by utilizing more than one spyware removal tool?
Every anti-spyware program has a different database of signatures used to track down the nasty applications. Using more than one ensures that a computer is protected against a larger number of threats.
Two well recommended, free programs include Lavasoft’s Ad-Aware SE (lavasoftusa.com) and Safer Networking’s Spybot Search and Destroy (safer-network.org).
Microsoft’s anti-spyware Beta (Microsoft.com) has been found to detect more instances of spyware than either of the other two applications, but is still in the testing phase.
An application that is still in the testing phase may not be as stable, but several users have reported excellent results with this application.
When running two anti-spyware applications, it is important to ensure that they do not overlap each other.
Similar to anti-virus programs, these utilities also utilize active protection. It is important to disable active protection on at least one of the anti-spyware applications installed.
Spybot’s Tea Timer active protection application ensures that unknown programs on a computer do not modify settings by asking the user to approve or disapprove such changes. It is recommended that all other such programs be disabled. Once installed, anti-spyware applications should be run at least once a week.
Update it all regularly There is no step to protecting a computer that is more important than updating regularly.
As mentioned before, hackers are constantly changing their attacks and creating new ones, and without updated security software protecting a system a user is basically as vulnerable as if no security software was installed at all.
The most important application to keep updated is the operating system of a computer.
The Residential Computing Connection has established recommendations for operating systems on both Macintosh and PCs.
For Macintosh users, this means Mac OS X version 10.4 updated with the most recent patches available from Apple.
For Windows users, the recommended operating system is Windows XP Service Pack 2 with all automatic updates available by running the automatic update application found in t he Windows start menu.
Operating system updates protect a computer by filling in security holes that in some cases would give a hacker total control of a system.
After the operating system, all other security applications should be updated regularly as well. Most applications, including firewalls, anti-virus, and anti-spyware will automatically remind users if an update has been released.
Not downloading and installing such an update in a timely manner will leave the door wide open for attack.
Users of the University-provided McAfee anti-virus program can find updates at: www.mcafeesecurity.com/us/downloads/updates/superdat.asp.
When setting up a brand new computer, make sure to activate the Windows firewall before connecting to the Internet and then immediately downloading, installing and updating antivirus software.
