ITRC Fact Sheet 119
Direct Connections to the Internet:
Protecting Yourself and Your Information Against Intruders
This fact sheet covers:
Today people use the Internet to see what movie is playing, shop, do homework, pay bills and for banking and financial transactions. For many of us, e-mail has not only taken the place of postal mail, but also replaces many telephone calls. There is an increasing group of Internet users who have direct connections to the Web through cable modem, T-1, or DSL, which means they are connected 24 hours a day, 365 days a year. For the most part, these types of connections are wonderful as the computer is always “on.” This offers convenience and speed for everyday use.
However, there are several drawbacks to being continuously hooked up to the internet. Some Internet Service Providers (ISPs) are neglecting to tell you just how vulnerable you might be to being hacked or otherwise attacked while connected to the Internet. This constant connection allows for a greater risk of exposure of any personal information on your computer. This connection can also be exploited by unscrupulous outsiders to utilize your computer as a ghost station, i.e. storage of data that is not yours, sending out spam emails or forwarding viruses.
The Internet is just like the rest of the world. It is populated with the same kind of people society deals with on a daily basis, including criminals. Leaving your computer hooked up to a direct connection without firewall protection, either by software or hardware, is like leaving your house unlocked.
Once a thief gains access to your computer, they can gather all the personal or sensitive information you have stored on the hard drive unless your information is securely encrypted. Social Security Numbers, credit card numbers, bank account information, your budget, and your electronic tax returns - any and all are at risk. Identity theft is on the rise, and these pieces of information are the keys that imposters seek. The intruder could also gain complete control of your computer, using it for criminal intrusion of other computer systems, while leaving the evidence of that further intrusion pointing directly back at you.
- Install a firewall to protect your information. A firewall can be thought of as a police officer on traffic duty: it blocks traffic or permits traffic. The most important thing to recognize about a firewall is that it implements an access control policy, either allowing or blocking specific outgoing and incoming traffic. A firewall, when used properly, can prevent access by unauthorized external attempts to connect to your computer. Without a firewall, hackers might be able to see some or all of your hard drive: your tax records, the account numbers you placed in the computer for record-keeping, your bank information, and personal communications.
Warning: Each program you load onto your computer, after installing your firewall, may open ports through the firewall. Be careful to know and control what programs on your computer can access the internet.
- Install reputable anti-spam and anti-virus software. Most reputable anti-spam software programs today are also programmed to identify known spyware, possible malware threats and viruses, which could contain Trojan horses as well. Many threats are delivered by email, specifically spam. A good anti-spam program will help reduce your risk of inadvertently opening an email that contains a threat.
- Keep your anti-virus, firewall and operating systems updated. Set your computer to update the Windows system automatically for critical updates. This procedure can be set to run during the night or whenever you please, but it should be set to automatic updating. Set antivirus software to update daily, so that when it scans (either scheduled scan or real time scan), it is running with the most recent virus information. Do not let your antivirus subscription run out. If you see a “time to update” notice sent by the supplier of your operating system, verify that it is authentic and then do so.
- Be certain of both the source and content of each file you download. Don't download an executable program just to "check it out." If it’s a Trojan Horse virus (defined below), the first time you run it, you’re already infected. In other words, you need to be sure that you trust not only the person or file server that gave you the file, but also the contents of the file itself.
Trojan: Trojan attacks pose a serious threat to computer security. In today’s computer world, a Trojan is a malicious, security-breaking program that is disguised as something benign, such as a screen saver, game or joke. It might send itself to everybody on your email address book, erase or modify your files or download another Trojan horse program designed to steal your passwords. Many Trojans also allow hackers to take over your computer and remote control it. Trojans have become more sophisticated in recent years as hackers use them to scan your system for vital information (credit card numbers, SSNs, bank account numbers), and use the retrieved information to open accounts, run up huge credit card debt, or drain the bank accounts of unsuspecting victims.
Trojans can be spread in the guise of literally anything people find desirable, such as a free game, nude picture, MP3 song, etc. You might have downloaded the Trojan from a website or file transfer without even knowing it. That is why it is important to always know what you are downloading and who is sponsoring the program.
Remember that a virus or Trojan might cause your friend’s computer to automatically send you the questionable file. Many viruses and Trojans are sent from unknowing friends who contacted the virus, which then used their email addresses to send it to you. In general, there is no reason for even a friend or colleague to send you an executable file.
When in doubt, ask them first before opening the attached file. Be aware that “free” programs or spam might also contain a troublesome file. If you download commercial games or other software from unknown shareware sources or “spam,” it’s just a matter of time before you fall victim to a Trojan or virus.
- Be cautious of dealing with pop-ups. This is a perfect place to plant a virus or Trojan program. You never know who wrote the program, or that person’s intent. If you don’t know the supplier, do not allow it to run or install.
- Beware of hidden file extensions. Windows often hides the last name extension of a file, so that innocuous-looking picture file, "susie.jpg", might really be "susie.jpg.exe", an executable Trojan. To avoid being tricked, unhide those extensions, so you can see them. This is an option selected in Windows Explorer under Tools\Folder Options\View. Make sure to “Apply to all folders.” That way the final extension will show in all programs. Also, your anti-virus software should spot this trick.
- Don't be lulled into a false sense of security just because you run anti-virus programs. Many anti-virus programs do not protect against all viruses and Trojans, even when fully up-to-date. It’s a race between the virus creators and the anti-virus cures. You need both virus protection and firewall programs to achieve maximum protection against hackers and intruders.
Virus: A dangerous computer program with the characteristic feature of being able to generate copies of itself, and thereby spreading. Additionally, most computer viruses have a destructive payload that is activated under certain conditions. It may also be able to infect other programs on the same computer. Viruses can do serious damage, including erasing files or an entire hard drive. Viruses are transferred by electronic contact and usually are attached to a data file. You send it to a friend or co-worker by sending a file or an email that contains the virus. Typically you need to open an infected file to activate the virus, or sometimes an infected web site page.
- If you play games online, do not publish your I.P. address on websites or newsgroups unless you are very sure that you are fully protected. You would be much better off logging into others’ game servers, instead of inviting others to log onto your game server at a precise I.P. address.
Warning: Providing a precise I.P. address may allow others to get inside your firewall.
- Backup your system. One of the best ways to protect yourself in the result of a virus attack is to have a clean set of backup disks/tapes/CDs that will fully restore your system (without the virus) and the applications you are using. Too often, home computer users fail to protect themselves in this manner. With CD burners and accompanying software being relatively inexpensive, a full system backup can quickly restore your computer in the event that your hard drive has to be reformatted.
- Turn off your computer when not in use. If you are not connected to the Internet, because your computer is off, you cannot be infected, hacked or hijacked.
- Use common sense. When in doubt, assume the unknown attachment is a virus. Pay attention to virus alerts. Don’t even consider trying to outsmart those who have created these malicious programs. Reconsider storing personal information in your computer. Instead, transfer it to a CD and use the CD when you need the information. This is especially true of passwords, Social Security Numbers, tax and financial records.
Worm: Like a virus, a worm is also a program that reproduces itself. Unlike a virus, however, a worm can spread itself automatically over the network from one computer to the next without attaching itself to another file. Typically worms do not destroy a computer or files. They just take advantage of automatic file sending and receiving features found on many computers. However, a worm can send a virus through your computer to others using this auto-send feature.
Firewall: A firewall is a device, either software or hardware driven, that enforces an access control policy between two networks. A computer connected to an Internet Provider, for instance, represents a bridging of two networks. A firewall can be thought of as a pair of guards: one blocks traffic and the other permits traffic. Some firewalls place a greater emphasis on blocking traffic, while others emphasize permitting traffic. The most important thing to recognize about a firewall is that it implements an access control policy. That means you have control over what program or website is allowed to mingle with your computer. Even if you are unsure as to what kind of access you want programs or websites to have to your computer, it is vital - if you are a cable modem or DSL user - that you employ a firewall. Most firewalls manufactured today come with pre-set recognitions of those popular programs that most folks tend to have on their computers. Therefore, they take much of the guesswork out of a user having to determine what programs should communicate via the Internet (and either send or receive information) or not. Even dial-up Internet users, if they intend to remain online for hours on end, should have some sort of firewall protection. For such folks, there are a good number of free firewall programs available to suit their needs.
Software-driven firewalls: A software firewall is okay for one computer connected to the web. Windows XP includes a limited firewall. You should consider whether or not this is sufficient protection. If not, replace it with a stronger firewall software program.
Hardware-driven firewalls: If you have a small home network (two or more computers) you should look at a hardware-based firewall. A hardware firewall is superior to software solutions because a computer (directly connected to the cable modem or DSL) running firewall or other protection software is still visible on the Internet. If, however, a hardware firewall is used, the computer(s) are shielded from direct connection to the Internet, and that makes it more difficult for an outsider to directly attack the computer. There are several good hardware solutions available. These devices provide a lot of protection for multiple computers for a relatively low cost.
Jumping on the direct connection bandwagon can be safe and fun as long as you protect yourself adequately from unwanted intruders by using either a software or hardware firewall, practicing safe techniques and keeping virus protection updated.
For information on the topic of peer-to-peer software, please refer to ITRC Solution SN 19 – File Sharing and Peer-to-Peer Software Safety