Heard of defensive driving? Of course. The theory is simple: assume every other driver out there, besides yourself of course, is a lunatic and drive so they can't hit you. Leave plenty of space between cars, pretend the moron on the right will pull out in front without warning, that kind of thing.
Defensive security is much the same thing: assume every other person on the "information super highway" is trying to break into your system and "drive" so they can't. Or at least have a more difficult time, perhaps.
This tip offers several practices, or suggested operation methods, to help reduce one's data security risk. Some of the tips are applicable to multiple operating systems, such as Linux®, Mac OS X® and Microsoft Windows®. Others are platform specific.
Almost every business that connects to the Internet uses a router with a built-in firewall to separate the local area network (LAN), or the company's own computers, from the wide area network (WAN), or the public Internet. And too many residences have computers that connect directly with the WAN. This leaves those computers directly exposed to anyone who "comes to call", so to speak.
Anything connected to the Internet needs a public Internet Protocol (IP) address. This is a series of four octets, or four groups of numbers between zero and 255, that uniquely identifies this network interface from billions of others. But because IP addresses must be unique, there are public methods to search for lists of IP address blocks that are in use by some computer somewhere. From these lists, it's a simple matter to program a computer to visit every address, see if it's active, and attack the system if so.
A hardware firewall is a box that connects between the WAN side, usually a cable or DSL modem, and the LAN side. It brokers traffic between private and public domains. Since all outgoing private traffic carries a unique ID, the firewall can block all except specifically invited incoming public traffic. So if a hacker pings a firewalled IP address, there is no response. Thus the hacker assumes there is no computer at that address and moves on.
Hardware firewalls, sometimes called routers, come in both wired only and wireless models. Prices range from $10 plus tax after rebate to $150 depending on the features offered. Even the least expensive model will prevent this type of outside intrusion, however. The additional cost usually depends on wireless access speed.
It's fairly simple to determine if a network has a firewall or not. Follow the data cable coming out of the DSL or cable modem to the next box in the chain. If this box has the words "firewall" or "router" on it, then the LAN uses a firewall. But if this box has the word "switch" or the box is a computer, then the LAN most likely does not have a firewall.
OK, so the firewall protects us from outside intruders. But what happens if we have a piece of "malware" on our system that is sending out unauthorized traffic, such as redirecting web addresses to somewhere other than the legitimate site? Will the firewall stop this?
Sorry, but no: the firewall can't tell if outgoing traffic is legitimate or not. It just matches incoming traffic with an existing outgoing ID. If there is a match, the traffic passes. If not, it's blocked.
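The matching rule described above, as an added example that is not part of the original tip: a simplified model of the firewall's connection table, assuming the "outgoing ID" is the address and port pair of each flow. The class name, addresses and traffic are constructed for illustration; address translation, timeouts and TCP state are left out.

```python
from dataclasses import dataclass, field


@dataclass(frozen=True)
class Packet:
    src: str        # source IP address
    sport: int      # source port
    dst: str        # destination IP address
    dport: int      # destination port
    direction: str  # "out" = LAN to WAN, "in" = WAN to LAN


@dataclass
class StatefulFirewall:
    # Each entry models the "outgoing ID" (an assumption of this example):
    # (lan_ip, lan_port, wan_ip, wan_port) of a flow started from the LAN.
    table: set = field(default_factory=set)

    def handle(self, p: Packet) -> str:
        if p.direction == "out":
            # Outbound traffic is passed and remembered. Nothing here can
            # judge whether the program that sent it is legitimate.
            self.table.add((p.src, p.sport, p.dst, p.dport))
            return "pass"
        # Inbound traffic passes only as the mirror image of a known flow.
        if (p.dst, p.dport, p.src, p.sport) in self.table:
            return "pass"
        return "drop"


def run_constructed_traffic():
    """Feed constructed sample packets through the model, in order."""
    fw = StatefulFirewall()
    lan = "192.168.1.10"  # constructed private address
    traffic = [
        ("unsolicited probe from WAN", Packet("203.0.113.7", 40000, lan, 22, "in")),
        ("browser request", Packet(lan, 51000, "198.51.100.20", 443, "out")),
        ("reply to browser", Packet("198.51.100.20", 443, lan, 51000, "in")),
        ("unwanted program sending out", Packet(lan, 51001, "203.0.113.7", 8080, "out")),
        ("reply to unwanted program", Packet("203.0.113.7", 8080, lan, 51001, "in")),
        ("same WAN host, unrelated port", Packet("203.0.113.7", 8080, lan, 3389, "in")),
    ]
    return [(label, fw.handle(p)) for label, p in traffic]


if __name__ == "__main__":
    for label, verdict in run_constructed_traffic():
        print(f"{verdict:5} {label}")
```

The reply to the unwanted program passes for the same reason the reply to the browser does: both match an entry created by outgoing traffic.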
So we must not install any software that behaves maliciously. Unfortunately this is tough to do: there are several otherwise legitimate programs that hide their intent through legal contracts and other methods. Even the most savvy net users occasionally let "malware" through.
Installing software, however, requires administrative or root privileges: one must be allowed to make system wide changes. This is fine and good at software install time. But do these privileges need to always be on? Actually, no, they don't. Under normal operation, one should never need this kind of elevated privilege.
Set up accounts with only limited access to system resources and use those accounts under normal circumstances. That way if one were duped into downloading malicious software, its installation would be blocked. When it's time to install something legitimate, fine: do so from the administrative account. Then log out and log back in as a restricted user after the software's installed. Following this practice will eliminate unintentional software installations.
All operating systems have security defects. It's the Abraham Lincoln principle of software engineering: it's impossible to write software that always works all of the time. Consequently software publishers issue updates as security risks are analyzed and fixed.
Unfortunately many computer owners do not install these updates. Sometimes one has dial-up Internet access and it's too slow to install updates efficiently. But sometimes the method for installing updates is obscure or counter-intuitive.
Here are the methods for installing updates on Mac and Windows systems:
On the Mac, choose System Preferences from the Apple menu. Then select Software Update from the View menu and click the Update Now button.
On Windows, start Internet Explorer and choose Windows Update from under the Tools menu. Then choose an Install or Scan For Updates link.
We originally did not include this practice. But after talking to several industry professionals and comparing our internal experience with others, we make the following recommendation: customers running Microsoft Windows should migrate from the Internet Explorer (IE) web browser and the Outlook Express (OE) mail tool to some other software. For both of these functions, we recommend SeaMonkey, which can be downloaded for free from mozilla.org.
Why? Well, both IE and OE have wonderful integration with other programs: one can write a Microsoft Word® script with a form and button to send out email. But this powerful scripting engine can't, again, tell the difference between a beneficial and a malicious use. If a script is programmed to send mail to everyone in an address book, nothing can determine if this is the result of a user command or a software hijack.
Turns out the most devastating spyware doesn't attack the Windows operating system, but the programming "hooks" in IE and OE. Using something else instead, like Mozilla, reduces the spread of malware. And if one ever does need the scripting capabilities, one can always fire up IE or OE for just that purpose.
Feel free to call (number below) or send us email if you have questions about this tip.
+1 214 234 9283