Our mission at DeSotoISP.com is to make your computer experience as safe and enjoyable as possible. We
have made various online scanners available to assist you in your
computing venture. Feel free to utilize any of these FREE scanners as
needed.
SCAN Your PC For FREE: What's in YOUR System!
Choose Your Weapon! Popular Free Tools and Links Provided by Trend Micro
HouseCall Free Virus and Spyware Scan for your computer
HijackThis Scans your computer to find settings possibly changed by spyware or other unwanted programs
Securing your home computer is not a trivial task. There are many topics to
consider and many steps to follow. They take time to learn and do. YOU should also take the time.
Techniques to Exploit Vulnerabilities
As
intruders become more sophisticated, they identify new and increasingly
complex methods of attack. For example, intruders are developing
sophisticated techniques to monitor the Internet for new connections.
Newly connected systems are often not fully configured from a security
perspective and are, therefore, vulnerable to attacks.
The most
widely publicized of the newer types of intrusion is the use of the
packet sniffers described in the section above on packet sniffers. Other
tools are used to construct packets with forged addresses; one use of
these tools is to mount a denial-of-service attack in a way that
obscures the source of the attack. Intruders also "spoof" computer
addresses, masking their real identity and successfully making
connections that would not otherwise be permitted. In this way, they
exploit trust relationships between computers. You should not rely on
just one form of protection but rather set up layers of protection. You
should also run scans often to verify that your system is still secure.
Property has its duties as well as its rights.
— Thomas Drummond (1797-1840)
Your home computer is a popular target for intruders.
Why? Because intruders want what you’ve stored there. They look for
credit card numbers, bank account information, and anything else they
can find. By stealing that information, intruders can use your money to
buy themselves goods and services.
But it’s not just
money-related information they’re after. Intruders also want your
computer’s resources, meaning your hard disk space, your fast processor,
and your Internet connection. They use these resources to attack other
computers on the Internet. In fact, the more computers an intruder uses,
the harder it is for law enforcement to figure out where the attack is
really coming from. If intruders can’t be found, they can’t be stopped,
and they can’t be prosecuted.
Why are intruders paying attention to home computers? Home
computers are typically not very secure and are easy to break into.
When combined with high-speed Internet connections that are always
turned on, intruders can quickly find and then attack home computers.
While intruders also attack home computers connected to the Internet
through dial-in connections, high-speed connections (cable modems and
DSL modems) are a favorite target.
No matter how a home computer is connected to the Internet, intruders’ attacks are often successful. Many
home computer owners don’t realize that they need to pay attention to
computer security. In the same way that you are responsible for having
insurance when you drive a car, you need to also be responsible for your
home computer’s security. This document explains how some parts of the
Internet work and then describes tasks you can do to improve the
security of your home computer system. The goal is to keep intruders and
their programs off your computer.
How do intruders break into your computer? In
some cases, they send you email with a virus. Reading that email
activates the virus, creating an opening that intruders use to enter or
access your computer. In other cases, they take advantage of a flaw or
weakness in one of your computer’s programs – a vulnerability – to gain
access.
Once they’re on your computer, they often install new programs that let them continue to use your computer –
even after you plug the holes they used to get onto your computer in
the first place. These backdoors are usually cleverly disguised so that
they blend in with the other programs running on your computer.
The next section discusses concepts you need to know, especially trust.
The main part of this document explains the specific issues that need
your attention. There are examples of how to do some of these tasks to
secure a Microsoft Windows 2000-based computer. We also provide
checklists you can use to record information about the steps you have
taken to secure your computer. Finally, a glossary defines many of the
technical terms used in this document. Unless otherwise stated in the
glossary, the definitions come from the Webopedia Online Dictionary for
Computer and Internet Terms.
Whether your computer runs
Microsoft® Windows®, Apple’s Mac OS, LINUX, or something else, the
issues are the same and will remain so as new versions of your system
are released. The key is to understand the security-related problems that you need to think about and solve.
As
of 1996, the Internet connected an estimated 13 million computers in
195 countries on every continent, even Antarctica (1). The Internet is
not a single network, but a worldwide collection of loosely connected
networks that are accessible by individual computer hosts in a variety
of ways, including gateways, routers, dial-up connections, and Internet
service providers. The Internet is easily accessible to anyone
with a computer and a network connection. Individuals and organizations
worldwide can reach any point on the network without regard to national
or geographic boundaries or time of day.
However, along with the convenience and easy access to information come new risks. Among
them are the risks that valuable information will be lost, stolen,
corrupted, or misused and that the computer systems will be corrupted.
If information is recorded electronically and is available on networked
computers, it is more vulnerable than if the same information is printed
on paper and locked in a file cabinet. Intruders do not need to enter
an office or home, and may not even be in the same country. They can
steal or tamper with information without touching a piece of paper or a
photocopier. They can create new electronic files, run their own
programs, and hide evidence of their unauthorized activity.
Probe
A
probe is characterized by unusual attempts to gain access to a system
or to discover information about the system. One example is an attempt
to log in to an unused account. Probing is the electronic equivalent of
testing doorknobs to find an unlocked door for easy entry. Probes are
sometimes followed by a more serious security event, but they are often
the result of curiosity or confusion.
Scan
A
scan is simply a large number of probes done using an automated tool.
Scans can sometimes be the result of a misconfiguration or other error,
but they are often a prelude to a more directed attack on systems that
the intruder has found to be vulnerable.
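The probe and scan definitions above can be applied to connection logs. The following is an added example, not part of the original page: it reports a source as a scan when it is denied on many distinct targets within a short window, and as a probe otherwise. The log format, the sample lines, and the two thresholds are constructed assumptions.

```python
from collections import defaultdict
from datetime import datetime, timedelta
# Constructed sample firewall log: timestamp, source, target host:port, action.
SAMPLE_LOG = """\
2024-01-05T10:00:01 198.51.100.7 192.0.2.10:21 DENY
2024-01-05T10:00:02 198.51.100.7 192.0.2.10:22 DENY
2024-01-05T10:00:03 198.51.100.7 192.0.2.10:23 DENY
2024-01-05T10:00:04 198.51.100.7 192.0.2.10:80 DENY
2024-01-05T10:05:00 203.0.113.20 192.0.2.10:22 DENY
2024-01-05T10:05:09 203.0.113.20 192.0.2.10:22 DENY
2024-01-05T11:00:00 203.0.113.50 192.0.2.10:21 DENY
2024-01-05T12:00:00 203.0.113.50 192.0.2.10:22 DENY
2024-01-05T13:00:00 203.0.113.50 192.0.2.10:23 DENY
2024-01-05T14:00:00 203.0.113.50 192.0.2.10:80 DENY
2024-01-05T10:06:00 192.0.2.44 192.0.2.10:80 ALLOW
garbled line
"""

SCAN_TARGETS = 4                 # assumed: distinct targets that make a scan
WINDOW = timedelta(seconds=60)   # assumed: time span in which they must occur

def parse(log):
    """Yield (time, source, target) for each well-formed denied attempt."""
    for line in log.splitlines():
        parts = line.split()
        if len(parts) != 4 or parts[3] != "DENY":
            continue  # skip malformed lines and permitted traffic
        try:
            ts = datetime.fromisoformat(parts[0])
        except ValueError:
            continue
        yield ts, parts[1], parts[2]

def classify(log):
    """Return {source: 'scan' or 'probe'} for every source with denied attempts."""
    by_src = defaultdict(list)
    for ts, src, target in parse(log):
        by_src[src].append((ts, target))
    verdicts = {}
    for src, events in by_src.items():
        events.sort()
        verdicts[src], start = "probe", 0
        for end in range(len(events)):
            # Shrink the window from the left until it spans at most WINDOW.
            while events[end][0] - events[start][0] > WINDOW:
                start += 1
            if len({t for _, t in events[start:end + 1]}) >= SCAN_TARGETS:
                verdicts[src] = "scan"
                break
    return verdicts
```

With these settings, the source that touches the same four targets an hour apart is still reported as a probe, so the window length determines how much history the check has to keep.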
Account Compromise
An
account compromise is the unauthorized use of a computer account by
someone other than the account owner, without involving system-level or
root-level privileges (privileges a system administrator or network
manager has). An account compromise might expose the victim to serious
data loss, data theft, or theft of services. The lack of root-level
access means that the damage can usually be contained, but a user-level
account is often an entry point for greater access to the system.
Root Compromise
A
root compromise is similar to an account compromise, except that the
account that has been compromised has special privileges on the system.
The term root is derived from an account on UNIX systems that typically
has unlimited, or "superuser", privileges. Intruders who succeed in a
root compromise can do just about anything on the victim's system,
including run their own programs, change how the system works, and hide
traces of their intrusion.
Take the Kaspersky Challenge: See what your current antivirus is missing. Our free online
virus scanner is a great way to find out if you have any viruses or
spyware on your machine without having to uninstall your current
antivirus software or install a new one. Most importantly, you can see
what viruses your current antivirus software let slip through! You just
need to be online and using Internet Explorer.
Packet Sniffer
A
packet sniffer is a program that captures data from information packets
as they travel over the network. That data may include user names,
passwords, and proprietary information that travels over the network in
clear text. With perhaps hundreds or thousands of passwords captured by
the sniffer, intruders can launch widespread attacks on systems.
Installing a packet sniffer does not necessarily require privileged
access. For most multi-user systems, however, the presence of a packet
sniffer implies there has been a root compromise.
Denial of Service
The
goal of denial-of-service attacks is not to gain unauthorized access to
machines or data, but to prevent legitimate users of a service from
using it. A denial-of-service attack can come in many forms. Attackers
may "flood" a network with large volumes of data or deliberately consume
a scarce or limited resource, such as process control blocks or pending
network connections. They may also disrupt physical components of the
network or manipulate data in transit, including encrypted data.
Malicious Code
Malicious
code is a general term for programs that, when executed, would cause
undesired results on a system. Users of the system usually are not aware
of the program until they discover the damage. Malicious code includes
Trojan horses, viruses, and worms. Trojan horses and viruses are usually
hidden in legitimate programs or files that attackers have altered to
do more than what is expected. Worms are self-replicating programs that
spread with no human intervention after they are started. Viruses are
also self-replicating programs, but usually require some action on the
part of the user to spread inadvertently to other programs or systems.
These sorts of programs can lead to serious data loss, downtime, denial
of service, and other types of security incidents.