When a man journeys into a far country, he must be prepared to forget many of the things he has learned, and to acquire such customs as are inherent with existence in the new land; he must abandon the old ideals and the old gods, and oftentimes he must reverse the very codes by which his conduct has hitherto been shaped. . . . It were better for the man who cannot fit himself to the new groove to return to his own country; if he delay too long, he will surely die.
“In A Far Country” — Jack London
The Wild Wild Web
Imagine being in the Old West, a new frontier where paradigms were still being created along with its own culture, population, and rules. Imagine a place with amazingly beautiful scenery still undisturbed. Envision walking into a Saloon and being greeted by helpful, friendly townspeople ready to answer all your questions and sell you anything you could possibly need. You sit down, order a drink and strike up a conversation with the locals. As you pay for your drink, you find out that someone had used your name to run up a tab. Not wanting any trouble, you try to pay but find out that your money had just been stolen. Worse yet, you realize that everyone in the Saloon had just made a copy of the map you drew to help you find your way back to where you last found gold. After reporting the incident to the town sheriff, he informs you that the thieves live in another town that he has no jurisdiction over.
Fast-forward several years and one realizes that the Internet is a new frontier with much the same characteristics as the Old West. It is continuing its transition from being purely informational towards commercialization. It has its share of friendly townspeople who share their time and talents towards informing a global community. It also has its share of vendors who sell and offer support for a multitude of products. Unfortunately, it also has its own group of pranksters, thieves, and outlaws whose actions result in minor annoyances, loss of data, data theft, remote computer control, credit card fraud, and identity theft, just to name a few. The Internet, without doubt, is a wonderful but dangerous place. However, there are many things that can be done to help protect the average user from the perils of the Wild Wild Web.
Who Are These Desperados?
The Pickpocket: Most “Script Kiddies” do not have a specific target but instead scan hundreds of computers for vulnerabilities to potentially attack. Their name is derived from the notion that they download pre-made scripts instead of showing any real skill by coding exploits themselves. Motivations include generating/stealing credit card numbers, pirating software, and generally trying to impress their peers. Think of the script kiddie as a skilled pickpocket.
The Safecracker: The advanced cracker is a step above the script kiddie. The terminology stems from “safe-cracker” which was used to describe burglars with a knack for breaking into supposedly secure safes. They are usually well initiated in computer science and have a general understanding of how computer systems work. They have the programming skills and dedication that the script kiddies lack. The advanced crackers are usually the ones that write the “proof of concept” scripts that the script kiddies download. Motives generally involve a natural curiosity for computer systems, blackmail, or the propagation of a political or moral message. Most publicized viruses, worms, and Denial-Of-Service attacks are engineered by advanced crackers. The advanced cracker is much like a safecracker – more skilled than a pickpocket and more able to exploit system vulnerabilities through their knowledge.
The Train Robber: These are highly skilled hired guns with true deep knowledge of computer systems. They usually have a fixed target and attack much more stealthily and effectively than both the script kiddie and the advanced cracker. Most home users rarely encounter these because home users are usually not high profile targets. Think train robber here. He is skilled enough in intelligence gathering to know which train and cars contain the highest payoff, knows the most opportune time for attack, and knows how to execute the plan perfectly.
The Sheriff: Like how the sheriff in the Old West had his own gun, the security expert knows the tricks of the trade but uses it for good, not evil. They scan systems for vulnerabilities and report them to software companies so that they can be fixed. Occasionally, they will create harmless proof-of-concept exploit code to demonstrate faults in the system. The best experts have knowledge that rivals those of the train robber. Their motives usually revolve around selling consulting contracts or security products.
Now that you are more familiar with the types of people involved in security and privacy, it is time to learn some ways to protect yourself from being 0\/\/n3d.
Secure Passwords
Most script kiddies will try some form of password guessing or dictionary attack against your passwords. Avoid using passwords that are easily guessed such as names, birth dates, or favorite places. One suggested method for generating passwords is to use acronyms. Come up with a phrase and combine the first letters of each word to form a password. For example “computer security is very important to me” would produce “csivitm” as the password. Other suggestions/best-practices include using mixed case for case-sensitive passwords, having alphanumeric characters (both letters and numbers), and having passwords with 8 or more characters. For the most part, the trick is to strike a balance between having a password that is easily guessed and having a password so difficult to remember that one has to write it down on a post-it and stick it on the monitor.
Software Updates – Why?
Software needs to be updated as new flaws are found and fixed. Some computer worms and viruses exploit those vulnerabilities in order to infect machines. In most cases, computers are hit even though the software patches have already been released simply because the user has not updated his or her software.
Windows Update
For users of Microsoft’s various Windows Operating Systems (Win98, 98SE, ME, NT, 2000, XP), visit http://windowsupdate.microsoft.com/ for software updates. You will be asked to install software that scans your OS to determine how updated it is. It then lists suggested free updates to download and install. If you have not updated your software before or have not done so in a while, be prepared for a lengthy download time and possibly a few reboots as the system is made current. [For users of other Operating Systems (Linux, Mac OS, BSD, etc.) please check your software vendor’s site for updates.]
Anti-Virus Software
Anti-Virus software should also be installed, activated, and kept updated to protect the user from viruses, worms, trojans, and other nefarious bits of code that may cause a machine to misbehave. Most scanners look for virus signatures in order to determine whether a particular file is infected and requires an updated list of signatures lest an unrecognized virus slip through. Consult your particular anti-virus software manual for specific instructions on how to update its software.
File Sharing Worms
A relative newcomer to the realm of security is the file-sharing worm. As peer-to-peer networking and file sharing grew in popularity, more people began to exploit the network as a means to propagate worms and viruses. Some are known to serve malicious programs using filenames in response to specific file searches. Because peer-to-peer networks are, by its nature, highly unregulated, users of the different file-sharing networks (FastTrack, Gnutella, eDonkey, etc.) should take caution when downloading files.
Aside from viruses and worms, there is also some concern about what has been dubbed as “spyware.” Though they do not replicate nor destroy computers, they do deceptively collect information about the user’s computer use. Those then get sent to an online database, which delivers targeted advertising. Most users consider this an invasion of privacy. There are software programs that can be installed to detect spyware (http://www.lavasoftusa.com/). However, the best way to guard against such things is to make efforts to know what you are installing into your own computer.
Common Sense
A tremendous amount of privacy and security breaches could be prevented if the user simply used a bit of “common sense” in computing. For example, a majority of E-mail borne viruses relies on human curiosity in order to propagate. Using subjects such as “A WinXP Patch,” “A Very Funny Website,” “RE: Approved,” and “I Love You,” users are tricked into opening infected E-mails and file attachments. (Those subjects came from the klez.h worm, Sobig.f worm, and the infamous Loveletter worm). Users are urged not to open suspicious E-mails (even if it came from a known source) and to be very careful about opening file attachments.
Confidential Information over the Web (SSL)
When making online transactions, be mindful of any personal information you may be transmitting across the network. If confidential information such as a credit card or social security number needs to be sent, make sure to read the site’s security and privacy policy. Most E-Commerce sites offer SSL (Secure Socket Layer) encryption that encodes the data in transit, making it more difficult for “eavesdroppers” to steal your data. Another suggestion would be not to save any extremely confidential information in your computer. Should your machine be compromised, the desperados would have enough of your personal information to do some serious damage. Be paranoid about where your data goes, how it gets there, and who gains access to it when it arrives. Lack of vigilance could result in dire consequences like identity theft and credit card fraud.
File Encryption
Think back to the map that was stolen in the Saloon. If the map were written in code, it would be more difficult for the thieves to read even though they had it in their possession. File encryption offers computer users a similar means to protect their data from prying eyes. If you store highly confidential data on your system, you may wish to look into file encryption to protect it.
Firewall
Hardware and software-based firewalls help protect machines from some Internet-based attacks. Think of firewalls as the bouncer or guard outside the Saloon, inspecting everyone that goes in and out of the establishment. Firewalls inspect network packets traveling between the Internet and your machine. It lets the good packets through and stops suspicious ones before they get in. A firewall also helps ensure that guests have to enter through the Saloon’s front door and not through any insecure windows (by blocking incoming traffic to ports that should be unopened). If you connect to the Internet through DSL, Cable, or simply spend a lot of time online, installing a firewall is highly recommended.
Backups
Create backups of your most important files. Save them to floppies or burn them onto CD’s and keep them in a safe place. If you are so-inclined, create encrypted backups on removable media and store it off-site. Should your machine be compromised or should any disaster affect your computer physically and all data is lost, a timely backup can be restored and have you running again. Backups are extremely important!
Security Roundup
The Wild Wild Web is a wonderful place where information can be found with the click of a mouse. However, it carries with it a certain untamed peril that can lead to a very negative online experience. Most of these perils can easily be avoided through simple precautionary steps such as keeping your software updated, running virus scanning software, and creating good backups. By being safe and secure in the Information Superhighway, you just might ride off into the sunset unharmed.
Notable Sites
For those interested in more details regarding computer security, the following sites are good places to start learning more. For those who wish to receive current news and information about computer security, a further suggestion would be to join the bugtraq mailing lists from securityfocus.com.
http://windowsupdate.microsoft.com/
http://www.zonelabs.com/
http://vil.nai.com/
http://www.mcafee.com/
http://securityresponse.symantec.com/
http://www.grisoft.com/
http://www.lavasoftusa.com/
http://www.securityfocus.com/
http://project.honeynet.org/
http://www.anonymizer.com/
http://www.cert.org/tech_tips/home_networks.html