cancel
Showing results for 
Search instead for 
Did you mean: 

Welcome to the Internet Security forum and a customers view

N/A

Welcome to the Internet Security forum and a customers view

Hi There,

Internet security is playing a growing part in everyone’s online experience. In this forum you can discuss all matters relating to Internet Security, be that the latest Virus Threat, questions about alerts from your firewall, or discussions about security software. It’s up to you!

This is a community forum and the support team don’t normally respond to posts made here (Although we will have input at quiet times). If you have a specific question, which requires support input, please raise this via Contact Us or in the Customer Feedback forum. Alternatively, if a security matter relates to another PlusNet customer, you can contact our team directly by emailing abuse@plus.net. Please DO NOT post usernames or IPs of other customers here.

As members of the community, you are welcome to make any suggestions about how you would like this forum to develop in the future. The board administrators will be happy to make changes to the forums to help everyone here gain maximum benefit from the other users in our community.

As always, please ensure you stick to the Forum Guidelines and Forum Rules when posting here. The group will be moderated as required by Support and we would welcome offers of help from any customers who could assist with this.

With Regards,

The PlusNet Support Team

Thoughts on basic security issues supplied by Plusnet customer tfbonline

The day you connect your computer to the outside world via a bit of wire, is the day you advertise your presence to those malicious people and programs that want to attack you.

No matter what technology you use to implement the Internet connection you are a target. Modems are good because your lousy browsing and download speed ‘tends’ to put the human element off, but viruses and other malicious programs don’t care.

To begin with, there are four main types of malicious program, which are broadly, if inaccurately, termed viruses. No anti-virus tool on its own can guarantee protection against them all. You need to take other precautions too. On the other hand, if you connect your computer to the outside world in any way. Yes that DOES include the simple action, of putting a disk into the floppy drive of your machine, that’s been in another computer. At this point, if you do not have any anti-virus software installed on that machine, then the word ‘optimist’ is possibly a fairly charitable description of your state of mind. J

Broadband on the other hand is a bit like saying to the entire Internet “Hey Here I am Attack Me!” Yep that wonderful always on connection you’re using, is just something that is permanently available to be attacked.

So what can we as the poor “victims” do?
There are a few ways that you can protect yourself, this document tries to stick to a total range of solutions that stay under about a hundred quid, some are even free!

First we need to look at how you’re connected to your broadband. Many of us start off with the USB or PCI modem, the cheapest option and potentially the least secure. In this instance it seems to me that it is sensible to try to ‘hide’ your existence by the use of products such as zone alarm, Norton internet firewall, or similar. These work by controlling what traffic enters or leaves your system, and in the case of zone alarm by ‘stealthing’ your computer. This is done by responding to all probes or attacks by not returning the internet’s ‘here I am’ signal to the requesting computer. Hence as far as the world is concerned you are not there, and yes I am simplifying the terminology here.

Even if you don’t use one of these products, it is still possible to ‘harden’ a Windows NT derived operating system such as Win 2000 or Win XP (Pro is by far the better choice here) to at least make it very difficult for an intruder to actually do anything you don’t want them to with your system. “How do I do this?” I hear you cry, typing, “hardening Windows xx”, where xx is your version of Windows, into pretty much any internet search engine is a good start.

Any Windows 9x derived operating system (95, 98, ME) normally has no effective security at all, so I would suggest in the strongest terms get something else to protect yourself, even if it’s only the free version of zone alarm. Oh and that P2P software you use for finding and downloading MP3s or Movies….. OOPS! Wrongly configured that stuff simply shares the entire contents of your system with anyone using that particular software.

If you’re using a Router then you have done two things, one good, one not so good. The not so good bit is that routers cannot reply to a ‘where are you’ request with nothing, they MUST say ‘I’m here’ so they can always bee seen.

On the other hand routers typically have some form of firewall attached or integral to them, the quality of this firewall should be part of your buying decision. The firewall at least does something to restrict externally originated traffic and so in that respect they’re good. Also if you’re sharing a connection with multiple computers then your speed will be higher with a router as it isn’t all shifted through a single computer which has to do lots of extra processing and internal routing.

Problem – Routers and firewalls don’t offer any protection at all from Trojans, one of those ‘non virus’ malicious programs I told you about earlier. The purpose of a properly configured hardware firewall is to permit all internally originated traffic and block all but explicitly permitted externally originated traffic. The problem here stems from the fact that a Trojan infecting your system initiates an outbound connection to the nasty people, who then use that connection to attack your system, thereby bypassing your security.

Finally Update your operating system. Thanks here to Spenser for reminding me of these. If you are using any modern Microsoft operating system, then updates are available free of charge from Microsoft’s web sites. I usually wait a couple of days before applying them but whatever you do take a backup before you do so. Mostly there is an uninstall option, if on the off chance, it messes your system up but why take the risk?

So far therefore we’ve identified four useful security tools:
1. The Anti-Virus Product. Yes free products are available here, what the free ones are like, I don’t know.
2. The Software Firewall Zone alarm has a free version for personal use it’s OK, but doesn’t like all anti-virus products..
3. The Hardware Firewall may be incorporated into a router, or not, or both.
4. The Operating System Updates and Security Patches. Do it NOW!!


So where do we go from here?
My system is a bit belt and braces, I use a router with the inbuilt firewall locked down as much as I can, then between that and my system I have an old £50 computer, obviously a pile of junk, with two network (LAN) cards, one is the green interface (SAFE-internal network) and one the red interface (DANGER – Router), it has no keyboard mouse or monitor. This computer has a 3.2GB hard drive, 32 MB RAM and has installed a free Linux-based firewall system called SmoothWall GPL. This system was quite easy to set up and it seems solid as a rock. I have Zone Alarm installed on my main network PC and I have not heard a squeak out of it since I set my system up in this manner. (Prior to that with an ADSL Modem I had 5600 intrusion attempts/port probes blocked in a 3 month period) At least they were blocked eh? Well the ones I know about were! The operating system is patched up to date and the anti-virus product updates at least once per week.

Total cost of a system similar to mine
Router: £60
Zone Alarm: £FREE
Old PC: £50 (Actually this was my old PC from about 4 years ago, so it too was free, it pays to be a hoarder!)
Lan Card and Cables: £20
Anti-Virus £30

I know this is more than £100 but only if you have to actually buy the old computer. Obviously if, unlike me, you bought the router first time round then you’ve saved the £60 too!

Again thanks to Spenser for the following, slightly bastardised, quote from the “Security on the Cheap” thread.

What are you protecting?
Against the malicious attacker, your time. If you have to rebuild your system because some jerk with a script thinks it’s funny to cause mayhem, it is unlikely that it’ll be at a convenient time to suit you. What about your data, your work? How good are your backups? Up to date?

At the other end of the scale, how many of us make on-line purchases using credit cards? How many of us take the easy option and let our computers remember passwords to other accounts holding personal information? Private letters, emails? Someone willing to attack in this way is unlikely to be scrupulous about how (s)he uses or sells any information gained.


You don’t have to be very clued up to do this, a 17 year old student at a college fairly local to me, was recently arrested for using the college Learning Resource Centre computers, to steal credit card details online.

So How do you test the security of your system?
There's an excellent tool called "Shields Up" at http://grc.com, which does a scan of your system. If you're going through a router/firewall and using NAT then the results aren't always accurate but if you're not, and aren't using Zone Alarm or similar, it's a real eye opener!

A couple of final thoughts:
Leaving the computer behind your “Always On” connection on all of the time, is not a good idea. Unless of course, you don’t care about it getting attacked.

Paranoia is only a bad thing if the rest of the world are NOT out to get you!

The above is taken from parts of a thread called Security on the cheap and further comment can be added to that thread.