Illegal Internet
This in-depth article takes a look at hacking on the Internet. Covering hacker motivation, computer viruses, security, personal firewalls and how to track a hacker!
John Collins
8. Security
8.1 Server-side Security
Internet security can basically be broken into two separate areas: client-side security (i.e. you and me), and
server-side security (web servers, LAN servers etc.). For the purpose of this discussion I will focus on client-side security, as
this is the area that affects the majority of Internet users.
Server-side security is a large and very complex area, and generally falls within the domain of the system administrator. Server-side
security only becomes a major issue for the average Internet user when their privacy is violated by sloppy server security, for example,
if their e-mail server is hacked, or the server hosting their web site is hacked. It is the system administrator's responsibility to
ensure that all measures that can be taken have been put in place to ensure that such eventualities do not take place.
8.2 Client-side Security
Personal security on the Internet is a real issue, one that is unfortunately overlooked or not taken seriously
enough by the majority of Internet users. It is this 'care-free' environment combined with the genuine ignorance of many Internet
users that allows hackers a free rein over many people's systems, where all of their private documents (letters, e-mails, contact
lists, credit card numbers, CVs etc.) are liable to fall into the wrong hands, without the user even knowing that their system
has been hacked.
For this section on personal Internet security, I will guide you through a practical tutorial on how you can beef up your online
presence. There is no such thing as a 100% safe method, but you can go out of your way to make it difficult for any
black-hat hacker to target your computer, and therefore make it a very unattractive target.
This tutorial will be broken into four main areas:
- Anti-virus security.
- Personal firewall.
- Encryption.
- Responding to being hacked.
This sequence follows a logical order, one that could be repeated in a real-world hacker attack on your personal
files. Hopefully, this will become clear as we proceed.
8.2-1 Anti-virus Security
In part 5 of this article, I discussed in detail what a computer virus is, but I neglected to discuss how you could protect
your machine from computer viruses, which is exactly what I will cover here.
Anti-virus Software:
Anti-virus software resides in the active memory of your computer, and takes control of your machine to alert
you if an active virus is present on your machine. If the software cannot repair the infected file, it will quarantine the file
or give you the option of safely deleting the file from your system.
Anti-virus software may also be used to scan your hard disk, floppy disks, zip disks or CD-ROMs. It may also be used to scan
attachment files in e-mails, which is one of the main sources of viruses. The important thing to remember is that new viruses
are being discovered daily, so if you have anti-virus software installed then you need to make sure that you keep its library
of known viruses up-to-date, otherwise you will have no protection against the latest batch of viruses.
General Virus Prevention Methods:
There are many other methods to prevent your computer files from becoming infected, most of which are common
sense. Here are some of the more important ones:
- ALWAYS be wary of unsolicited e-mails, especially ones of an 'unsavoury' nature such as pornography related e-mails.
- Any .exe (executable) files should not be opened unless you trust the source 100%.
- Always be wary of any software that you install on your system, especially free downloaded software. Check the software company's credentials.
- Steer clear of 'Warez' (pirate software).
Finally, and most importantly, back up all of your important data onto floppies, zip disks or ideally CD-ROMs.
That way if the worst does happen, and you need to wipe your computer's hard disk (or the virus does it for you!), then at least
all of your hard work is stored in a safe location.
8.2-2 Personal Firewall
Firewall technology is nothing new; it has been present on most Internet and LAN servers for many years. What
is new is that firewall technology is now available on a smaller scale for the single user with one computer connected to the
Internet. While not as immediately important as anti-virus software, if you are serious about your security and protecting your
privacy online, you might consider buying a firewall.
Firewall software acts as a secure barrier between your computer and the outside world. It monitors all traffic to and from your
computer, and decides whether or not this is normal Internet activity or an unauthorised security risk. To the hacker, a firewall
gives the impression of your computer not being there, or at the very least being difficult to locate. Furthermore, a firewall provides
additional protection against Trojan horses, as it will block the unauthorised e-mailing of the key-log file to its intended
recipient, and alert you to the Trojan horse's attempt to do so.
It is possible to see how a firewall protects your system by monitoring incoming traffic
from the Internet, while at the same time watching for unauthorised software connections from your computer to the Internet.
Like anti-virus software, there are many brands of firewall software on the market. Many companies now offer anti-virus and firewall
technologies bundled together at a reduced price, which generally prove to be excellent value for peace of mind.
8.2-3 Encryption
Let us assume that you are infected with a Trojan horse that e-mails off the contents of your 'My Documents'
directory, or your e-mail server is hacked and some of your e-mail attachments are stolen. Your privacy has now been utterly
violated, right? But what if the files that fell into the hacker's hands were encrypted using a powerful algorithm combined
with a long, complex password that the hacker could never crack? In theory, the integrity of your data should still be secure
in this 'worst-case scenario', provided you have taken these precautions.
Encryption programs basically 'scramble' the original file so that it is unreadable to anyone without the correct password to
de-scramble the file. Apart from the many commercial products available, there are many reputable encryption engines available
online for free. These allow the user to encrypt all types of data files at will (Word documents, JPEGs, databases etc.), some
even allow the user to create self-extracting zipped archives that are also encrypted, which provide an excellent means of
transferring important data files via e-mail in a safe and secure way.
The key to data encryption is to choose your passwords carefully, and change your passwords frequently.
8.2-4 Responding to being Hacked
If your computer is hacked and you do not have any form of firewall installed, you won't even know it happened.
Let us suppose that you have a firewall installed, and it has alerted you to an attempted hack attack which it has blocked.
What do you do next? An attack may show up in your firewall log-file looking something like this (note that some details have been
removed for security reasons):
03/11/01 17:13:01 Rule "Default Block Backdoor/SubSeven Trojan horse" blocked (***.***.**.***,*****). Details:
Inbound TCP connection
Local address,service is (***.***.**.***,*****)
Remote address,service is (***.***.**.***,*****)
Process name is "N/A"
03/11/01 17:13:01 Intrusion attempt detected from address 123.123.123.00 by rule "Default Block Backdoor/SubSeven Trojan horse".
Blocked further access for 30 minutes.
The key piece of information here is that your firewall has captured the hacker's IP (Internet Protocol) address, 123.123.123.00, which
allows you to trace the whereabouts of the hacker (i.e. literally to any city in the world). Using a piece of software called
Visual Route, you can now run a trace on the IP address. Visual Route will now follow the path of the IP address right back to
the ISP's (Internet Service Provider's) server that the hacker is using to connect to the Internet. It is now possible to e-mail your
firewall log-file to the hacker's ISP, alerting them to his/her misuse of their service.
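As an added example (not part of the original article and not the firewall vendor's code), the following Python script parses log entries in the format shown above and groups the alerts by source address, so that a report to an ISP lists each address once with its first and last timestamp. The two extra alert lines in the sample, the function names and the "reportable" check are assumptions made for illustration.

```python
import ipaddress
import re

# Constructed sample: the excerpt above plus two made-up follow-up alerts.
SAMPLE_LOG = '''\
03/11/01 17:13:01 Rule "Default Block Backdoor/SubSeven Trojan horse" blocked (***.***.**.***,*****). Details:
Inbound TCP connection
Local address,service is (***.***.**.***,*****)
Remote address,service is (***.***.**.***,*****)
Process name is "N/A"
03/11/01 17:13:01 Intrusion attempt detected from address 123.123.123.00 by rule "Default Block Backdoor/SubSeven Trojan horse".
Blocked further access for 30 minutes.
03/11/01 17:49:12 Intrusion attempt detected from address 123.123.123.00 by rule "Default Block Backdoor/SubSeven Trojan horse".
03/11/01 18:02:40 Intrusion attempt detected from address 192.168.0.7 by rule "Default Block Backdoor/SubSeven Trojan horse".
'''

ALERT = re.compile(r'^(\S+ \S+) Intrusion attempt detected from address '
                   r'(\d{1,3}(?:\.\d{1,3}){3}) by rule "([^"]+)"')

def normalize_ip(text):
    """Canonical IPv4Address or None; strips zero padding such as '.00'."""
    try:
        return ipaddress.IPv4Address(".".join(str(int(o)) for o in text.split(".")))
    except ValueError:
        return None

def summarize(log_text):
    """Group alert lines by source address, in log order."""
    report = {}
    for line in log_text.splitlines():
        m = ALERT.match(line)
        if not m:
            continue  # detail lines and masked entries carry no usable address
        stamp, raw_ip, rule = m.groups()
        ip = normalize_ip(raw_ip)
        if ip is None:
            continue
        # Private or reserved ranges belong to no ISP, so there is nobody
        # to report to; treat those as a local-network matter.
        entry = report.setdefault(str(ip), {
            "count": 0, "first": stamp, "rules": set(), "reportable": ip.is_global})
        entry["count"] += 1
        entry["last"] = stamp  # kept as text: day/month order is ambiguous
        entry["rules"].add(rule)
    return report

if __name__ == "__main__":
    for addr, info in summarize(SAMPLE_LOG).items():
        print(addr, info["count"], info["first"], info["last"], info["reportable"])
```

The zero-padded final octet in the logged address is normalised before validation because recent versions of Python's ipaddress module reject octets with leading zeros.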
8.3 Review of Client-side Security
In this tutorial on Internet security, I have shown how any Internet user can protect their privacy online
by simply being armed with the right knowledge and tools. I have shown how to safeguard against viruses, explained the importance
of firewalls and what they do, explained how data security can be increased even further by employing encryption software, and
finally how a user can respond to being hacked from a remote location.
Internet security constitutes many other areas that are not covered in this tutorial, but I hope I have ignited the spark that will
motivate the Internet user to research for themselves the various methods at their disposal, in order to make themselves the least
attractive target for any potential hack attack.