We've all heard the stories. You know the ones I mean. An online store is hacked and credit card numbers are stolen. Or malicious hackers instigate a denial of service attack to put a site out of commission. These events raise many concerns regarding the safety of the internet from a privacy standpoint. This also includes your home computer, especially if you are on a broadband connection. But accessing the internet through a modem connection, or not being online very often, doesn't mean your computer is safe from malicious hackers. The more common ways for someone to gain access to your computer, to violate your privacy or to steal data or cause damage to your system are:
In the following text, I will briefly address each of these issues. However, there are websites already available that can give you more and better information than I can. One of the best sources is www.grc.com, a website operated by Steve Gibson. Mr. Gibson is heavily involved in internet security and privacy issues. I suggest you visit his site as well as the following. Other sites are listed throughout this document.
If you don't believe you're vulnerable to such attacks, the firewall I am using recently blocked an attempt by someone to gain access to my computer... from Denmark! Read on!
I assume I now have your attention! Don't be concerned, the above is a demo only. This site does not extract information from you without your knowledge. Actually, most of the information listed above is rather harmless. In fact, since different browsers can require different approaches to programming and scripting, many websites read the above information so they can properly display and/or redirect you to the proper pages. However, a bit more programming, an ActiveX control here, a Java applet there, and it's not difficult to plant a virus or Trojan to 'steal' information from your computer, to determine what sites you like to frequent, etc. If this concerns you, it should! So what are some of the methods used by malicious hackers and what can one do to prevent such unwanted intrusion? Let's see.
A spy program is any program that secretly resides on your computer and transmits information to a host without your knowledge. Although it could be used to retrieve sensitive information, spy programs are generally used by marketers to determine your buying habits, the types of sites you like to visit, etc. This information is used to study demographics and to target ads that are of interest to you. Nonetheless, it is an obvious intrusion on one's privacy. These spy programs, also known as ad-ware, are often included with and installed at the same time as many freeware and/or shareware programs you may download from the internet. Sometimes, the ad-ware program is embedded in or made an integral part of the freeware/shareware program you installed.
There's no such thing as a free lunch! Some of you probably use some of these ad-ware infested programs. However, many of the 'free' software downloads available on the internet are free because the author is compensated by various marketers when the author displays their ad banners. Unfortunately, many of these programs do not let you know exactly what they are doing. For example, you may know they exist, but may have thought they only retrieve and display banner ads. In fact, behind the scenes, these programs may be collecting data about you and transmitting that information back to the appropriate parent. So what programs perform such covert and dastardly deeds? Click here to find out. Another interesting article detailing the actions of RealDownload and NetZip can be found at http://grc.com/downloaders.htm
If you want to know how to remove these ad-ware programs, and don't want to finish reading this page, click here.
A Trojan horse is a destructive program that masquerades as a benign application. A Trojan is not a virus. Perhaps one of the most infamous, although by no means the only one out there, is Back Orifice. The program itself is not necessarily malicious. In fact, it can be downright useful. When installed, it allows an administrator to take control of a computer remotely. As such, the administrator can repair problems, install software, etc. over their intranet, extranet or the internet. The problem is the use of such a program by malicious hackers. Since it is most often used by malicious hackers, Back Orifice has an infamous reputation. One problem with Back Orifice is that it can be difficult to detect, although since it is such a popular malicious hacking tool, many anti-virus programs will detect it. There are a variety of sites available that help you detect Back Orifice such as www.nwinternet.com/~pchelp/bo/bo.html and www.ozemail.com.au/~dwarren/backorifice/. You can also type Back Orifice into any search engine to find additional information beyond these sites. Unfortunately, anyone can easily download this program from a variety of 'hacker sites', perhaps the most prominent being 'Cult of the Dead Cow'.
But as stated above, Back Orifice is not the only Trojan out there. Like a virus, Trojans can be distributed in a number of ways including via e-mail. In fact, the ironic part of all this is that the user must be duped into installing the Trojan him/herself! Unlike a virus, most Trojans are not detected and cleaned by anti-virus software, thus the need for anti-Trojan (anti-backdoor) software. There are a variety of sites available that will educate the average user about Trojans and Trojan detection and removal. One of the best is Dark Eclipse Software. Despite the name, this site was developed to aid you in detecting and removing Trojans and comes highly recommended. Other informational sites include:
If you want to know how to protect against Trojans and don't want to finish reading this page, click here.
No discussion of computer and internet security would be complete without some mention of viruses and worms. We are all familiar with viruses as they tend to be widely publicized. Viruses can be programmed to do a variety of things from nuisance or joke effects such as flipping your screen upside down to more malevolent species such as erasing your hard drive. New viruses are being created every day. Currently there are somewhere near 50,000 different viruses that could potentially infect your computer, quite commonly through email attachments. There are also hoax viruses. These are generally not real viruses; they do not exist. However, they tend to propagate by being forwarded by concerned users who in turn learn of them through an email. Although it isn't necessary to keep up to date on what viruses are out there, it is necessary to keep the virus database for your anti-virus software up to date. It is also wise to check out virus messages to determine if they are in fact a hoax. Some reliable sources of information regarding viruses and hoax viruses are listed below. Click here if you don't want to finish reading this page.
Malicious hackers often look to gain access to an individual's computer through a server. "But I don't have a server!" you say! You may be surprised. Although most people associate the term 'server' with some remote machine that sends them documents over the internet upon request, there is one type of server most people have. Instant Messaging! Yep! That little piece of software you use to chat with your friends and family over the internet is a simple server. This includes instant messaging from Yahoo!, AOL, ICQ, and MSN as well as a variety of smaller services. IM programs are prophesied to be the 'Next great internet breakthrough'. They are already being developed to allow you to play games online, to transfer files and images and even to talk over the internet. Fortunately, some of these IM programs allow you to grant access only to those on your buddy list. Since servers tend to use the same ports for various activities (e.g., port 80 is used for http:, port 21 is used for ftp:, etc.), it is wise to set your IM program to restrict access to only those on your buddy list. Even better would be to keep the program offline until you want to use it (i.e., don't use auto-startup).
Since I am not in the business of hacking into websites, I know very little about scanners. Suffice it to say they act much like police radio scanners. They constantly scan the internet for open and unprotected ports. Malicious hackers often do not care which computer they gain access to. Sometimes it's just to see if they can do it. Other times it's to steal credit card or other personal information. Yet another reason might be to use your computer as a platform for a 'Denial of Service' (DoS) attack. Actually, one can argue that home computers constantly online via ISDN, DSL or cable service may be more at risk than many corporate sites since it's easier to gain access. The corporate sites have security measures in place; home users generally do not. So unless the malicious hacker specifically wants access to an online store or corporate site, you may be the better target. In any case, they're out there and you need to watch out for them.
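The point made above about listening servers and open ports, as an added example that is not part of the original page: a Python sketch that reads `netstat -an` output in the Windows layout and reports the TCP listeners a remote scanner could reach. The sample output, the addresses in it and the function name `exposed_listeners` are constructed for illustration.

```python
import re

# Constructed sample of `netstat -an` output (Windows layout); not from a real host.
SAMPLE_NETSTAT = """\
  Proto  Local Address          Foreign Address        State
  TCP    0.0.0.0:80             0.0.0.0:0              LISTENING
  TCP    0.0.0.0:4000           0.0.0.0:0              LISTENING
  TCP    127.0.0.1:1029         0.0.0.0:0              LISTENING
  TCP    192.168.1.10:21        0.0.0.0:0              LISTENING
  TCP    192.168.1.10:1045      203.0.113.7:80         ESTABLISHED
  UDP    0.0.0.0:137            *:*
"""

# Only the services the page names; every other port is reported as "unknown".
KNOWN_PORTS = {21: "ftp", 80: "http"}

# One TCP row in the LISTENING state: protocol, local addr:port, foreign addr, state.
LISTEN_ROW = re.compile(r"^\s*TCP\s+(\S+):(\d+)\s+\S+\s+LISTENING\s*$")


def exposed_listeners(netstat_text):
    """Return (address, port, service) for TCP listeners reachable from the network."""
    found = []
    for line in netstat_text.splitlines():
        match = LISTEN_ROW.match(line)
        if not match:
            continue  # header, UDP row, or an established connection
        addr, port = match.group(1), int(match.group(2))
        if addr.startswith("127.") or addr == "[::1]":
            continue  # loopback only: a remote scanner cannot reach it
        found.append((addr, port, KNOWN_PORTS.get(port, "unknown")))
    return sorted(found, key=lambda item: item[1])


if __name__ == "__main__":
    for addr, port, service in exposed_listeners(SAMPLE_NETSTAT):
        print(f"{addr}:{port:<6} {service}")
```

Any "unknown" listener bound to `0.0.0.0` or to the machine's network address is worth tracing back to the program that opened it, such as an IM client left on auto-startup.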
The only way to prevent any of this from happening to you is to stay off the internet. Not the most practical solution today, and debatably even less practical tomorrow. Fortunately for the good guys, there are numerous talented programmers using their knowledge and expertise to prevent such blatant intrusions into our privacy. There are four types of software you need to protect your computer: AdWare removal, Virus detection and removal, Trojan detection and removal and a personal firewall.
The best way to protect against spy programs is not to download freeware and shareware. The reason this software is free is because the author is supported by banner ads through spyware programs. Often, these authors have a 'pro' version available for a minimal cost without the banner ad support. However, there are numerous other ways for spyware to invade your system. To this end, there are programs available that will remove spyware. The two I am most familiar with are OPTOUT and AD-AWARE. Both programs scan your registry and hard drive for known and suspected ad-ware programs. They will also remove these programs if you want them to. Be aware that removing some spyware programs may stop the original program from functioning. In this case, you'll have to make a decision to remove the downloaded software or to run it with the spyware intact.
I should mention OPTOUT is a rather new entry in this market. As such, it does not remove as many spyware programs as does AD-AWARE. However, it is small, compact and easy to install. Besides, experience has taught me not to rely on only one program to do maintenance tasks. Therefore I suggest you download both programs.
Click here to go to the Shield's Up site to download OPTOUT.
Click here to download AD-AWARE
Although there are a variety of Anti-Trojan packages available, I am familiar only with The Cleaner from MooSoft. This program will scan computer memory and hard drives for any indication of a Trojan, then delete it. It can also be set to run in the background to monitor your internet connection for Trojan activity. Highly recommended. Unfortunately, I have never found a Trojan program as freeware or shareware. Fortunately, they are not very expensive, and well worth the money. Some sites you may want to visit are:
On the other hand, virus detection software is available both as freeware and for purchase. Chances are there was virus software installed on your computer when you bought it. My personal favorite is Inoculate IT from Computer Associates. Other programs are listed below. It has been my experience certain virus programs work better with certain machines than others. For example, I did not have good luck with F-Prot and Win95 (although that may have changed) but did like McAfee and Inoculate IT. This is not to say F-Prot isn't a fine piece of software; it may work quite well for you. However, you may want to try several of them before deciding on one. I also encourage you to read the Microsoft Knowledge Base Article on anti-virus software. Some available virus software is listed below.
NOTE: Make sure you maintain the database for your Trojan and Virus software. Most vendors provide an auto-update function to aid you in doing this. Since new viruses and Trojans are being introduced every day, it is imperative you stay up to date to protect yourself.
It used to be that firewalls were created and available only for the purpose of protecting mission critical data for businesses. Nowadays, there are a variety of firewalls available to protect your system. A review of some firewalls can be found at www.8wire.com/articles/index.asp?AID=1384. Currently, one of the best, if not the best, personal firewall available is ZoneLabs ZoneAlarm. This program is very intuitive and easy to set up and use. Probably the most unique feature is its ability to block unauthorized OUTGOING transmissions (such as those from Trojans and Ad-Ware). At this time, it is the only firewall able to do so. As such, it comes very highly recommended. Not all firewalls are free, although ZoneAlarm and Sygate Personal Firewall are. Some of these firewalls even allow you to trace the origin of the hack. Firewalls you may want to look at are:
Hopefully, the above information has been of some use. I purposely did not go into extreme detail as many of the sites listed are far better placed than I am to give you such detail. I highly encourage you to download and try each type of program. It is your privacy, possibly your identity, you are protecting! Direct questions to the webmaster. I will try to answer them if I can.