Securing Your Home Network

Introduction

Most people who use computers these days have had to deal with a security issue of some kind – whether they are aware of it or not. Everyone has been infected by one of the many worms or viruses floating around the Internet, or have had someone use your password. Most home computer users are victims of attacks that they have no idea about.

For example, certain programs called ‘spyware' come packaged into seemingly friendly programs you download, this spyware can do any one of a number of things, though most often they send your personal information (such as name and email address) and information about what sites you visit to certain companies.

These in turn will sell your personal information to the spammers and email marketers who will proceed to clog your inbox with junk that they think you might be interested in. To explain how this works, you download a program – say a video player – from the Internet and install it. In the background it installs some spyware. Now you start surfing to car sites, soon you can expect your email inbox to be full of spam offering you great deals on used cars etc.

A lot of people work on the principle that their home computer contains nothing interesting enough for an attacker, what they don't realise is that while an attacker may not target your system specifically, it is very common for them to use programs that will scan vast ranges of the Internet looking for vulnerable systems, if yours happens to be one, it will be automatically taken over and placed at the attackers command. From here he can do a variety of things, like using your computer to attack other sites on the Internet or capturing all your passwords.

Worms and email viruses work the same way, they infect one machine, and then spread by trying to email themselves to everyone in your guest book, or turning your machine into a scanning system to find other targets. They may even contain a malicious payload that can destroy your files, or even worse – email your private documents to everyone you know (this was the case with a worm a few years ago).

Given that the things we use the computer for these days such as online shopping for books or music, electronic banking etc, these threats have a more serious implication than most people realise. You may not have anything worthwhile on your computer, but what if an attacker is able to steal your credit card information when you are buying a book from Amazon.com, or steal the password to your online banking account ?

Luckily the steps you have to take to secure your own PC are fairly simple and can be accomplished by non-technical users given the right guidance. If you follow the guidelines we have given here, you will be safe from most forms of Internet based threats. So here are a few steps you can take.

Email Security

A lot of viruses these days, such as the recent MyDoom virus, spread by emailing themselves to people as an attachment, the email can appear to come from anywhere.. most often it will appear to come from a friend, or an address like clifford_feta@yahoo.com if you use a yahoo account. The email will try and convince you to download and run the attachment which may appear to be a harmless JPG image or SCR screensaver. In fact, the attachment is a malicious program (known as malware), and once opened, can do any of the nasty things we've listed above. Here are the rules you should follow when checking your email.

  1. Has the email come from someone you know ? If so, were you expecting the email and its attachment ? If not, try and confirm with the person over the phone or some other medium.
  2. Does the message make sense ? If you receive an email from your computer illiterate parents saying ‘download this new screensaver', you can be quite sure something is fishy.
  3. Does the email appear to come from someone in authority ? If the email comes from what appears to be the administrator of your email service, you should double check with them. No email service will ever ask you to reveal your password, or threaten to terminate your account unless you download the instructions in the attachment. If you are unsure, always contact their tech-support personnel before opening any attachment.

If you've followed the above steps, and you still think you need to download the attachment, make sure you scan it before downloading. Most popular email services like Hotmail and Yahoo offer you the facility of scanning the attachment, use this feature ! Once you've downloaded it, it never hurts to scan it with your own anti-virus software which you should have installed (we will talk about this in the next tip). Only after you are completely certain this attachment is safe, should you download it. If it is a program (ending in .exe, or something like .jpg.exe), then you should be extra careful. Remember that anti-virus scanners must be up to date to be able to catch new viruses, and even then, you may encounter a virus before the anti-virus companies have been able to analyse it.

Install An Anti-virus Software

90% of the threats you will face as a home user will come not from hardcore cyber criminals, but from automatic spreading viruses known as worms. The best way to guard against virus threats is to download a good anti-virus scanner. Two of the best ones are Norton AntiVirus and McAfee . Remember that the anti-virus needs to have its scanning database (known as virus definitions) regularly updated. You should try and update the definitions once a week. The longer you put it off for, the larger the new definitions package will be, and the more viruses your system will be vulnerable to. All the virus scanners offer some form of automatic update system so that you don't have to remember to keep updating the definitions yourself. Use this feature.

Disable Windows File Sharing

Most people know that Windows allows you to share files with other people on your network. This is called “Windows File Sharing”, and is what you make use of whenever you open network neighborhood. What most people don't know is that even if you don't specifically choose folders to share, Windows automatically shares your entire hard-disk with anyone who knows your system's Administrator account password. Not just will it share the hard-disk, it will allow the person full read and write access to the disk. To disable file sharing in Windows XP, go through the following steps:

  1. Go to the Start menu and select the Control Panel.
  2. In the Control Panel window, double-click on Network Connections.
  3. Right-click on the icon for your network connection in the window that appears. You can do this for all your network connections (e.g. VSNL, LAN etc)
  4. From the menu which appears, choose Properties (use the left mouse button to make your selection).
  5. Under This connection uses the following items, highlight File and Printer Sharing for Microsoft Networks.
  6. Click Uninstall.
  7. When you are asked if you are sure you want to uninstall File and Printer Sharing for Microsoft Networks, click Yes.
  8. Click OK or Close to close the Local Area Connection Properties window.

It is also important to understand that most people just press enter when prompted to choose an Administrator password during the install. This is a very bad idea, as it means that anyone can log into your system as an administrator (full access) without supplying a password. Thus you should try and choose a strong password for the administrator account and any other account that you may create on the system if you share it with other people. Read the tip on choosing strong passwords later on.

Update the Operating System

From time to time, people discover bugs or vulnerabilities in operating systems. These vulnerabilities often allow an attacker to exploit something built into your operating system and take it over. To give you a simple example, a vulnerability may be found in MSN Messenger and an attacker can exploit it to gain control of your system. Whenever such a vulnerability is found, the operating system vendors release what are known as ‘patches' which will fix the problem.

If you make sure your system is up to date with the latest patches, an attacker will not be able to exploit one of these vulnerabilities. To update windows, you have to run the ‘Windows update' service, either by clicking ‘Start >> Programs >> Windows update”, or by going to http://windowsupdate.microsoft.com/ . >From there you can scan your system for missing patches and then download the ones you need. You should try and do this regularly so that the backlog of patches you need to download is not very large. If you miss out on a lot of patches, the download could be really huge. This is also the case when you reinstall the operating system.

Install A Personal Firewall

A personal firewall is a piece of software that runs on your machine and lets you decide exactly what data is allowed to enter or leave your machine over the network. For example, if an attacker is scanning your system for vulnerabilities, it will alert you. If an attacker is just looking through ranges of the Internet for targets, your system will not respond to your probes.

In short, your system operates in a stealthy mode – invisible to an attacker. You also need to be careful about what data leaves your system via the network. Viruses and worms that try and email themselves to other people or use your machine to scan for more victims, spyware tries to send data back to an advertiser, and trojan horse programs may try to connect to an attacker. The personal firewall helps by alerting you every time a program tries to access the network connection. This can be tricky to novice users because even when legitimate programs such as Internet Explorer try to access the internet, the firewall will pop-up a warning box.

However, if you are unsure if an alert is malicious or not, most firewalls have a ‘more info' button on the alert which will take you to their website and tell you whether the program is a legitimate one or a known offender. A personal firewall is no good if you just keep answering ‘yes' to every program that wants to access your internet connection.

Take the trouble to understand what programs on your machine need legitimate access and only allow those. For example if you just downloaded a new screensaver program and the firewall says it wants to access the internet, you can be pretty sure it is trying to send some data back somewhere. It may be spyware or a trojan. Soon you will get used to weeding out the suspicious programs. If you have a permanently on connection like cable-modem or DSL, you should most definitely install a personal firewall. Some of the good ones you can get are:

ZoneAlarm – Very easy to install and use, there is a free version with a few less features than the professional version. Gives you very good information about the alerts it generates. Considered the market leader.

BlackICE – Another very highly rated personal firewall, it is not as user friendly as ZoneAlarm, but allows for some further configuration options

Sygate Personal Firewall – Also less user friendly, but it allows you to make some very powerful configuration changes and it contains a rudimentary intrusion detection system to alert you about common attacks.

If you go to any search engine and search for ‘personal firewall' you will find a whole lot of other options. If you use Windows XP, it is a good idea to turn on the built in Internet Connection Firewall by double clicking on your connection icon near the clock, clicking properties >> advanced >> Protect my computer and network…. This built in firewall is not meant to be a replacement for a full solution like the ones above. It only filters incoming traffic and will not alert you if a trojan or worm tries to use your machine for some malicious purpose.

Scan For Spyware

All through this article we have talked about spyware that lets companies customise their advertising by watching what you do on the net. While spyware may not be destructive, it is one of the biggest pests around and will result in a mailbox full of spam before you know it. However there are a number of tools that will scan for well known spyware on your machine and will allow you to delete it safely.

Note that AntiVirus packages do not usually alert you when you install spyware because it is not considered harmful to the computer itself. Two of the most popular programs for detecting and removing spyware are Ad-aware and Spybot Search & Destroy .

Choose Strong Passwords

Most of the time an attacker need not resort to a technical hack to break into a system because he can simply guess at poorly chosen passwords. Here are some general rules when selecting a password :

  1. Do not use a word which can be found in a dictionary, or a birthdate / name these are very easy to crack
  2. Adding numbers like 123 at the end does not make it more difficult to crack the password
  3. Choose at least a 6 character long password.
  4. Use different capitalisation for the letters, e.g. “suRViVor” (Don't use this one, its in a dictionary remember… its just an example)
  5. Add some random numbers to the end or in the middle
  6. If possible use a few special characters like !(;,$#& etc.
  7. When choosing a password hint question, choose one that only you will be able to answer. “What is my birthdate ?” is something anyone who knows you even remotely will be able to guess.

A very useful method for choosing an easy to remember random password is to take a line of a song that you remember and then take the first letter of each word in that line. Now you can randomise the capitalisation, add a couple of numbers and special characters, and have a very strong password that is still difficult to crack.

Remember as far as possible to use a different password for different accounts (e.g. one password for your personal email, one for work email, one for internet banking). This may make things more difficult to remember, but in the event that one password gets compromised, the attacker will not have access to all the other accounts.

 
Back

Top

Next-Cabling