Computer Info – May 10, 2000
This Week’s Program
John Watkins will be hosting
the meeting this week. His program will consist of looking at the new features
of ACDSee version 3 -- a look at the new SpeedStep technology for laptops
from Toshiba -- Mobile Computing using Cell-Phone and Infra Red connection
(look, NO cables) -- and, of course, the normal ask a question !!!! session.
Internet Security
Information from Steve Gibson – Gibson Research Corporation -- http://grc.com
If your computer is only connected
to the Internet briefly, when you're browsing the web or retrieving and
sending email, your connection exposure will be minimal. But if you are
one of the millions of people who are discovering the amazing power and
convenience of a persistent connection to the Net — through a cable modem
or DSL line, then your exposure is substantially greater.
" The Internet is a BIG place. What's the chance that my little
computer would even get noticed? "
There are MANY FREELY AVAILABLE
"scanners" being run by bad people who are sweeping the Internet looking
SPECIFICALLY for computers running Windows File and Printer Sharing! They
leave these scanner programs running night and day collecting IP addresses
— one of them might be yours! — then they "map" that drive's shares onto
their local drive letters to gain total access to your computer's files!
What can you do to protect yourself? The single BIGGEST security
hole that exists is Windows File and Printer Sharing over your TCP/IP
(Internet) connection. I've encountered many freely available scanners
that specifically target "open Windows shares" and password crackers are
free for the downloading.
If your Internet-connected
computer is not networked to any other machines there's absolutely no need
to have file and printer sharing installed and often no need to have Microsoft
networking loaded, running, consuming precious RAM memory, and dramatically
lowering your Internet security!
Client for Microsoft Networks — Just Say No. The "Client for
Microsoft Networks" is only used when connecting your Microsoft operating
system to other Microsoft operating systems. It has NOTHING to do
with the Internet. All web browsing, email, newsgroups — everything — will
continue to work just as it did before. It was unnecessarily installed
and should be immediately removed. After you remove the Client for Microsoft
Networks (and its related file and printer sharing) from all of your TCP/IP-using
adapters, it quietly disappears from sight and your system's security skyrockets.
You won't miss it at all,
Windows will boot faster, and you'll have more memory for things you do
need.
Removing Client for Microsoft Networks and file and print
sharing. From MY COMPUTER – double click on CONTROL PANEL – then
double click on NETWORK.
To just disable the file
and print sharing – click on the button labeled FILE & PRINT SHARING.
Then check to see that there is no checkmark in front of "I want to be
able to give others access to my files" and "I want to be able to allow
others to print to my printer." Then click OK.
To remove the Client
for Microsoft Networks which will also remove the file and print
sharing – highlight CLIENT FOR MICROSOFT NETWORKS and click the button
labeled REMOVE. Then click on OK. You will be asked to restart your computer
for the changes to take place.
All security problems will not be solved by the above methods.
It is very important to note, however, that removing or disabling file
sharing does not preclude the possibility of an intruder gaining access
to your system through any of a number of other Internet services or systems
that might be present in your computer. For example, numerous exploits
have been documented of hackers entering a system through Microsoft's Personal
Web Server, IRC, ICQ, telnet, web browsers, email readers, and anything
else you can imagine! Therefore, if the security of your system is of true
concern, you must act to proactively guard against intrusion. Any component
within your system that touches the Internet creates a potential opening
for attack.
If your computer has a persistent
connection to the Internet it will be quickly located, logged, and targeted
as an opportunity for break-in by Windows share scanning intruders.
If you MUST share files across the Internet a personal firewall
is the ONLY WAY to be safe!
As we look at firewalls,
a serious issue needs to be addressed: The frenzy to secure our Internet
connected PC's has spawned a horde of really bad pseudo-firewalls.
If you are using a single
stand-alone PC for Internet access, the preceding information will have
equipped you to secure that machine without the need for any additional
software. But if your needs are more complex, and especially if you do
need to share files across the Internet, you will need some additional
software to secure both ends of the Internet connection.
What's a Firewall? You can probably guess what a firewall does
just from its name. The idea is a simple one, which is why it works so
well: A firewall ABSOLUTELY ISOLATES your computer from the Internet using
a "wall of code" that inspects each individual "packet" of data as it arrives
at either side of the firewall — inbound to or outbound from your computer
— to determine whether it should be allowed to pass or be blocked.
A firewall is a super cool
idea. This is so true, that someday firewalls will be standard equipment
on all PC's. There's no question about it.
All internet communication
is accomplished by the exchange of individual "packets" of data. Each packet
is transmitted by its source machine toward its destination machine. Packets
are the fundamental unit of information flow across the Internet. Even
though we refer to "connections" between computers, this "connection"
is actually comprised of individual packets travelling between those two
"connected" machines. Essentially, they "agree" that they're connected
and each machine sends back "acknowledgement packets" to let the sending
machine know that the data was received.
In order to reach its destination
— whether it's another computer two feet away or two continents distant
— every Internet packet must contain a destination address and port number.
And, so that the receiving computer knows who sent the packet, every packet
must also contain the IP address and a port number of the originating machine.
In other words, any packet travelling the net contains — first and foremost
— its complete source and destination addresses. As we've seen earlier
on this site, an IP address always identifies a single machine on the Internet
and the port is associated with a particular service or conversation happening
on the machine.
Since the firewall software
inspects each and every packet of data as it arrives at your computer —
BEFORE it's seen by any other software running within your computer — the
firewall has total veto power over your computer's receipt of anything
from the Internet.
A TCP/IP port is only "open"
on your computer if the first arriving packet which requests the establishment
of a connection is answered by your computer. If the arriving packet is
simply ignored, that port of your computer will effectively disappear from
the Internet. No one and nothing can connect to it!
But the real power of a
firewall is derived from its ability to be selective about what it lets
through and what it blocks. Since every arriving packet must contain the
correct IP address of the sender's machine, (in order for the receiver
to send back a receipt acknowledgment) the firewall can be selective about
which packets are admitted and which are dropped. It can "filter" the arriving
packets based upon any combination of the originating machine's IP address
and port and the destination machine's IP address and port.
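The filtering just described, as an added example (not code from Steve Gibson or from any firewall product): rules match on the source and destination address and port, and an unanswered packet is dropped by default. The names Packet, Rule and Firewall are hypothetical, the addresses are constructed, port 139 is the NetBIOS session port that Windows file sharing listens on, and remembering outbound conversations so their replies are admitted goes one step beyond what the text spells out.

```python
import ipaddress
from collections import namedtuple
from dataclasses import dataclass
from typing import Optional

Packet = namedtuple("Packet", "src_ip src_port dst_ip dst_port")

@dataclass(frozen=True)
class Rule:
    action: str                        # "allow" or "drop"
    src_net: str = "0.0.0.0/0"         # originating machine's address range
    src_port: Optional[int] = None     # None matches any port
    dst_net: str = "0.0.0.0/0"         # destination machine's address range
    dst_port: Optional[int] = None

    def matches(self, pkt):
        addr, net = ipaddress.ip_address, ipaddress.ip_network
        return (addr(pkt.src_ip) in net(self.src_net)
                and addr(pkt.dst_ip) in net(self.dst_net)
                and self.src_port in (None, pkt.src_port)
                and self.dst_port in (None, pkt.dst_port))

class Firewall:
    def __init__(self, rules):
        self.rules = list(rules)
        self.flows = set()             # conversations this PC started
    def outbound(self, pkt):
        # Remember the expected reply: same addresses and ports, reversed.
        self.flows.add(Packet(pkt.dst_ip, pkt.dst_port, pkt.src_ip, pkt.src_port))
        return "allow"
    def inbound(self, pkt):
        if pkt in self.flows:          # reply to a conversation we started
            return "allow"
        for rule in self.rules:        # first matching rule wins
            if rule.matches(pkt):
                return rule.action
        return "drop"                  # ignored: the port "disappears"

# Constructed sample data (documentation address ranges, not real hosts).
PC = "192.0.2.10"
RULES = [Rule("allow", src_net="198.51.100.0/24", dst_port=139)]  # trusted office

def demo():
    fw = Firewall(RULES)
    fw.outbound(Packet(PC, 1025, "203.0.113.80", 80))           # PC opens a web page
    return [fw.inbound(Packet("203.0.113.80", 80, PC, 1025)),   # web reply
            fw.inbound(Packet("198.51.100.7", 1030, PC, 139)),  # trusted share user
            fw.inbound(Packet("203.0.113.99", 4000, PC, 139)),  # share scanner
            fw.inbound(Packet("203.0.113.80", 80, PC, 139))]    # not a reply
```

Calling demo() returns the verdict for each of the four inbound packets in order; only the web reply and the trusted office's share request are admitted.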
One recommended firewall program
ZoneAlarm 2.0 (a
firewall program) has been released! My fingers are crossed, the dust is
still settling and the paint is still wet. It's too early to tell for sure,
but it looks like ZoneAlarm 2.0 (ZA) will be the PERFECT and ULTIMATE
PERSONAL FIREWALL for the typical Internet user! And it's 100% free for
the individual user! I am using it right now — and NOTHING ELSE! — on my
personal system, and so far I love it! I think ZA combines the best of
ALL worlds and eclipses every other firewall ever created.
http://www.zonealarm.com