TO TIGHTEN UP SECURITY!
by: Cary Christian
After devastating distributed
denial of service attacks almost brought the Internet to its knees several
weeks ago, you would think people would get the idea and make an effort to
close some of the security holes that make such an event possible.
Apparently, that is not the case.
The CERT Coordination Center is monitoring a group of large networks of
compromised machines that are linked together through programs left behind
by worms and viruses. Just one of these networks contains more than 140,000
These networks are used to launch distributed denial of service attacks and
the owners and users of the machines have no clue that their assets are
being used in the attacks. Making matters worse, these compromised machines
make it easy for even a novice hacker to launch a devastating attack. CERT
has warned that there is potential for serious long-term damage.
The really sad fact about all of this is that the worms and their
"droppings" that can be used to create all this havoc have been around for
a while. There are patches available to render them useless, and current
anti-virus programs can all handle them. The fact that there is such
immediate danger means that people are not patching their machines and they
are not using current anti-virus programs, if they are using them at all!
In addition to setting the stage for distributed denial of service attacks,
the existence of these worms and viruses makes it much more difficult to
trace the attacks once they occur. These compromised machines can also be
used to hide the identity of people committing even more heinous crimes. The
unprotected and unpatched PC becomes a pawn in the commission of such
Here are some things you should do right away.
1. When was the last time you downloaded a patch for your operating
system? They are issued frequently. When they are issued, it is usually
because the patch is needed to plug a hole in the security of your machine.
If you are using a Windows operating system, take a little time to visit
Windows Update at
http://windowsupdate.microsoft.com/ Select "Product Updates" and
follow the prompts. You'll be told what patches you need and they can be
installed automatically. It's super easy and there is no excuse not to do
2. Check your passwords, shares and protocols. Make sure passwords
are difficult to break. Do not use your mother's maiden name, your birth
date, your social security number or a variation of your name. Mix letters
and numbers, and make sure it's at least 8 characters long. Make
sure your machine does not have any shared resources using Windows
networking that are not protected by a password. Unless you really need it
for something, don't use the NetBEUI protocol for networking. Use IP
3. Scan your hard drive for viruses and worms. You can use Trend
Micro's Housecall scanner at
http://housecall.antivirus.com/housecall/start_corp.asp to perform a
free scan and cleaning of your machine. All it will cost you is a little
time, and it will at least provide you with the peace of mind that your machine
has not been compromised.
4. Install a firewall. You can get a free version for home use from
Zone Labs at
Don't think your home machine is unimportant. Probably most of the
compromised machines on the Internet are home PCs.
On your business network, you'll most likely have to purchase a firewall if
your ISP does not provide one for you. Zone Labs has a pro version for under
5. Use an anti-virus program and keep it updated. You can download
AVG Anti-Virus at http://www.grisoft.com
It's free and it works very, very well. Just remember to have your
anti-virus program load every time your computer boots up and set it to
update automatically so you always have the most up to date virus database
6. Test how stealthy your computer is. Hackers and worms scour the
Internet looking for open ports on computers that are broadcasting their
location. Without a firewall, this broadcasting, which is normal behavior,
acts like a beacon to the hacker, leading them to your machine through
unprotected ports. The firewall is supposed to make your machine invisible,
or "stealthed." It's a good practice to check just how stealthed your
machine is from time to time. Take the "Shields Up!" test at Gibson Research
to find out. The URL is
http://grc.com/intro.htm
There is a lot of great information on
security at this site in addition to computer tests.
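The password advice in step 2, as an added example that is not part of the original article: a Python check for the length and letter/number rules that also catches look-alike and reversed variations of personal details. The function names, the substitution map and the sample data are assumptions constructed for illustration.

```python
import re
from datetime import date

# Common look-alike substitutions, undone before comparing (illustrative, not exhaustive).
LEET = str.maketrans("013457@$!", "oieastasi")

def normalize(text):
    """Lowercase, undo look-alike substitutions, keep only letters and digits."""
    return re.sub(r"[^a-z0-9]", "", text.lower().translate(LEET))

def personal_tokens(names=(), birth_date=None, ssn=None):
    """Map each normalized personal string (and simple variations) to its kind."""
    tokens = {}
    for name in names:  # full names, e.g. your own and your mother's maiden name
        for part in name.split():
            n = normalize(part)
            if len(n) >= 3:  # skip initials and very short fragments
                tokens[n] = tokens[n[::-1]] = "a name"  # forward and reversed
    if birth_date:
        for fmt in ("%Y%m%d", "%m%d%Y", "%d%m%Y", "%m%d%y", "%d%m%y", "%y%m%d", "%Y"):
            tokens[normalize(birth_date.strftime(fmt))] = "the birth date"
    if ssn:
        digits = re.sub(r"\D", "", ssn)
        tokens[normalize(digits)] = tokens[normalize(digits[-4:])] = "the SSN"
    return tokens

def check_password(password, names=(), birth_date=None, ssn=None):
    """Return a list of problems; an empty list means the password passes."""
    problems = []
    if len(password) < 8:
        problems.append("shorter than 8 characters")
    if not (re.search(r"[A-Za-z]", password) and re.search(r"\d", password)):
        problems.append("does not mix letters and numbers")
    norm = normalize(password)
    tokens = personal_tokens(names, birth_date, ssn)
    kinds = sorted({kind for tok, kind in tokens.items() if tok in norm})
    problems += [f"contains {kind} or a variation of it" for kind in kinds]
    return problems

if __name__ == "__main__":
    # Constructed sample data, not real personal information.
    who = dict(names=["Jane Smith", "Mary Jones"], birth_date=date(1970, 3, 14),
               ssn="000-12-3456")
    for pw in ("sm1th031470", "J0N3S!!", "Blue3456sky", "tr4ctor-92-pebble"):
        print(pw, "->", check_password(pw, **who) or "ok")
```

Because the comparison is done after undoing substitutions, a password such as "J0N3S!!" is still recognized as a variation of the name "Jones".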
None of the above tasks are difficult or expensive. They will require a
little time but will keep you safe and help ensure that your PC doesn't
become a pawn in someone's evil plans. The world and the Internet are
becoming a more dangerous place every day. You owe it to yourself and to
everyone else who enjoys the Internet to make your machine off-limits to
Copyright (c) 2003