Internet security is something that concerns us all. I thought that I was safe; after all, I don’t keep financial information on my hard drive. So what if someone gets access to my computer? The most they could access would be my games, and copies of e-mail so mundane I wonder why I keep them! There are compelling reasons to be concerned. A malicious person could get into a computer and wipe everything off the hard drive. To some of us that may not a great loss, but it would be a big nuisance. My biggest reason for making my computer secure is my civic duty, my "service to humanity." I know you are saying, "huh?" I finally realized that I might have unknowingly aided the well-publicized denial-of-service (the high number of unauthorized request for service that caused overload and shutdown to servers) exploits that have occurred recently. How? Hackers and malicious individuals look for unprotected computers they can use to forward harmful viruses. Computers can be used by hackers as "stepping stones" to other computers they wish to invade. Hopping from computer to computer makes is difficult to trace back to the real culprit. Following are some basic steps that can be taken to preserve Internet security. I am limiting the scope of this article to residential and commercial users not on a network, or using a very small network and not storing highly confidential information. It is easier to employ protection measures if you are using dialup connections. Basically, if your computer is not online, i.e. connected to an Internet service provider (ISP), it is secure. Nobody can access the information in your computer because it is not physically connected, so the biggest concern is now to stay protected when online. Two simple things can be done immediately; the first is to disable Print and File Sharing if you are not on a network. Second, in Windows 95/98, in the "Internet" dialog box, set the security to at least medium. (The "high" setting is more secure but less functional.) If you use Windows 95, the sequence is Start/Settings/Control Panel/Internet icon/Security tab/Safety Level button, then click "medium." In Windows 98, the sequence is Start/Settings/Control Panel/Internet Options icon/Security tab; under the Security tab, slide the bar to "medium." Additional security can be gained by using a software firewall while online. I discuss firewalls in more detail below. Due to the great demand for the desire to take advantage of the communication aspects of Internet technology, there has been a boom in full-time Internet connectivity. Today, DSL (digital subscriber line) is available to many residential and business customers through most phone companies. Connections such as DSL and T1, a digital, leased line for full-time access to a communication path (including, but not necessarily limited to the Internet), are many times faster than dialup connections, and have the added convenience of allowing the user to talk on the phone while remaining connected online. Other advantages include much shorter waits for downloads and no busy signals or random disconnects. Computers that are continuously connected to the Internet offer more opportunities for hackers to move around the Internet and do harm. To keep individual computers (and the Internet!) safe, stricter security measures are required. For a residential customer not on a network, security is relatively easy. For my computers, besides disabling file sharing and changing my Internet browser to a medium security setting, I take two other steps. I disconnect from the Internet (log off) if I’m away from my computer for more than a couple of hours, and I employ a software-based firewall. A firewall basically is a device (hardware) and/or software used to block unwanted traffic while allowing other traffic to pass. Firewalls have features and price tags that vary greatly. Prices range from free to thousand of dollars for systems on large networks. I currently use Zone Alarm 2.1, available free at <http://www.zonelabs.com/>. Other desktop firewalls include BlackICE Agent 2.0, available from <http://www.networkice.com/>; McAfee Internet Guard Dog 3.01 and Personal Firewall 2.06, available at <http://www.mcafee.com/>; and Norton Internet Security 2000 2.0, available at <http://www.symantec.com/>. PC magazine has an excellent write-up in its June 27, 2000 issue regarding desktop security; the above information was gleaned from that article. I’ve geared this article toward the individual or small network. Typically, networks of any size have network administrators full time or on call to provide network and Internet security. For large networks or single users who store highly confidential information, a firewall appliance, a physical device (hardware) that lives between the network and the Internet, is recommended. Its function is to filter incoming and outgoing information and prevent unauthorized users from accessing the network. It must be remembered that software firewalls and the software in firewall appliances, must, like a good virus protection program, be upgraded to be truly effective. Fortunately, the manufacturer typically builds in an automatic update reminder, making this a simple task for the user. In my "service to humanity," I have become more conscious of doing whatever I can to keep my computer and the Internet secure. I do not want some hacker using my computer as a stepping stone to access and invade other computers. Ron Hays is a Seattle-area computer consultant and executive chairman of the hospice organization Compassion in Action, Seattle. You can reach him at (425) 688-8671 if you have questions or comments, or e-mail him at <hron1@uswest.net>. |