Peak SBC, LLC  

 

 

TIME TO TIGHTEN UP SECURITY!
by: Cary Christian


After devastating distributed denial of service attacks almost brought the Internet to its knees several weeks ago, you would think people would get the idea and make an effort to close some of the security holes that make such an event possible. Apparently, that is not the case.

The CERT Coordination Center is monitoring a group of large networks of compromised machines that are linked together through programs left behind by worms and viruses. Just one of these networks contains more than 140,000 machines.

These networks are used to launch distributed denial of service attacks and the owners and users of the machines have no clue that their assets are being used in the attacks. Making matters worse, these compromised machines make it easy for even a novice hacker to launch a devastating attack. CERT has warned that there is potential for serious long-term damage.

The really sad fact about all of this is that the worms and their "droppings" that can be used to create all this havoc have been around for awhile. There are patches available to render them useless and current anti-virus programs can all handle them. The fact that there is such immediate danger means that people are not patching their machines and they are not using current anti-virus programs, if they are using them at all!

In addition to setting the stage for distributed denial of service attacks, the existence of these worms and viruses make it much more difficult to trace the attacks once they occur. These compromised machines can also be used to hide the identity of people committing even more heinous crimes. The unprotected and unpatched PC becomes a pawn in the commission of such crimes.

Here are some things you should do right away.

1. When was the last time you downloaded a patch for your operating system? They are issued frequently. When they are issued, it is usually because the patch is needed to plug a hole in the security of your machine. If you are using a Windows operating system, take a little time to visit Windows Update at http://windowsupdate.microsoft.com/  Select "Product Updates" and follow the prompts. You'll be told what patches you need and they can be installed automatically. It's super easy and there is no excuse not to do this.

2. Check your passwords, shares and protocols. Make sure passwords are difficult to break. Do not use your mother's maiden name, your birth date, your social security number or a variation of your name. Mix it up with letters, numbers and make sure it's at least 8 characters long. Make sure your machine does not have any shared resources using Windows networking that are not protected by a password. Unless you really need it for something, don't use the NetBEUI protocol for networking. Use IP instead.

3. Scan your hard drive for viruses and worms. You can use Trend Micro's Housecall scanner at http://housecall.antivirus.com/housecall/start_corp.asp to perform a free scan and cleaning of your machine. All it will cost you is a little time and will at least provide you with the peace of mind that your machine has not been compromised.

4. Install a firewall. You can get a free version for home use from Zone Labs at http://www.zonelabs.com/store/content/home.jsp
Don't think your home machine is unimportant. Probably most of the compromised machines on the Internet are home PCs.

On your business network, you'll most likely have to purchase a firewall if your ISP does not provide one for you. Zone Labs has a pro version for under $50.

5. Use an anti-virus program and keep it updated. You can download AVG Anti-Virus at http://www.grisoft.com  It's fr^e and it works very, very well. Just remember to have your anti-virus program load every time your computer boots up and set it to update automatically so you always have the most up to date virus database in use.

6. Test how stealthy your computer is. Hackers and worms scour the Internet looking for open ports on computers that are broadcasting their location. Without a firewall, this broadcasting, which is normal behavior, acts like a beacon to the hacker, leading them to your machine through unprotected ports. The firewall is supposed to make your machine invisible, or "stealthed." It's a good practice to check just how stealthed your machine is from time to time. Take the "Shields Up!" test at Gibson Research to find out. The URL is http://grc.com/intro.htm  There is lots of great information on security at this site in addition to computer tests.

None of the above tasks are difficult or expensive. They will require a little time but will keep you safe and help insure that your PC doesn't become a pawn in someone's evil plans. The world and the Internet are becoming a more dangerous place every day. You owe it to yourself and to everyone else who enjoys the Internet to make your machine off-limits to unauthorized use.


Copyright (c) 2003

 


(c) 2003, 2004, 2013 Peak SBC, LLC.  Copyrights on all articles and books remain with the author.

Contact Information - Phone: (305) 799-3404

Email: webmaster@peakconsultinginc.com