<%@ LANGUAGE="PerlScript" %> <% use MMInternet; $directory = "E:\\internet\\www\\www.mminternet.com\\"; $function = $Request->Form->{"function"}->item; if($function eq "Send" || $function eq "Compose") {} else { $function = "Compose"; } %> DSL News - DSL Newsletter for DSL Users December 1999


 

 

Home
Special Promotions
DSL
Web Hosting
Dial Up
Dedicated Access
Web Page Design
Feedback
Navigation
Prices
Our History
Online Forms
Help
Search Page
Email Us
Back

circle2.jpg (5503 bytes)


MMI_redlogo_small.gif (2983 bytes)

| Online Signup | Prices | Signup Process | Regular vs. Premium | Service Descriptions | Quality of Service | DSL Forum | Dedicated Services Agreement | DSL Capable Locations | Glossary |

DSL Newsletter

DSL Newsletter – January 2000
www.mminternet.com/dsl
888-654-4971

Security Basics

With a DSL connection you enjoy the benefits of  “always on” high-speed access to the Internet. In addition, the Internet gets a high-speed “always-on” connection to you as well. Just like you lock the front door your house you need to lock the front door of your computer. If you have upgraded form a dial-up connection to DSL you may not be aware of the need for Internet security. 

Universities, governments, Internet Service Providers, and large companies with network and MIS staff have all been aware of the need to protect their data and systems from hackers, virus, and other intrusive and damaging attacks. These occur daily and security is a high priority for these organizations.  When they connect to the “outside” world they use many sophisticated tools to protect their systems from unauthorized access and damage.

OK, so what, all I have is a small home LAN with a few PC’s, who would be interested in that? What could really happen? Won’t my ISP protect me from hackers? Unfortunately, hackers and criminals count on this perception as more and more users get high-speed DSL connections. 

The Federal Government established The Carnegie-Mellon University Computer Emergency Response Center http://www.cert.org.  Funded by the Federal Government, CERT is the agency chartered with task of coordinating information on security, viruses and other illegal and harmful uses of the Internet and computer systems and software. 

In 1990 CERT had 252 reported incidents of computer security violations. In 1999, this number had increased to 8,268. These incidents are primarily those reported by government agencies, universities and corporations and the numbers are expected to only increase. Richard Pethia, Director of CERT said in an interview that about 80% of computer hacking is smart kids fooling around. But that does not diminish the damage that can be done.

Your own computer is not only vulnerable but can also be used to damage other users computers, even without your knowing it has taken place. The recent attacks on Yahoo, buy.com and other sites were the result of what is called a “Distributed Denial of Service” attack.

In a Distributed Denial of Service attack, a website is flooded with massive amounts of traffic generated by an attacker utilizing numerous computers. The attacker's traffic then overwhelms the victim's site, which in turn denies legitimate users access to the site.

The attackers conceal themselves and boost the bandwidth of their attack by taking over as many connected computers as possible. The compromised computers are called "drones" (or "zombies"). An attacker installs software (sometimes called an "agent" or "client") on each of these "drone" systems. The attacker may then connect to and instruct the "drone" systems to launch Denial of Service attacks against any selected system.

Once an attack has been launched, it is nearly impossible to defend against. The targeted site receives an overwhelming flood of traffic from the "drone" systems, and the owners of those compromised systems are unwitting participants in the attack. In fact, the owners of the compromised systems are also victims of the attack - not only are their machines running the attacker's software, their network's bandwidth is impacted by the attack. The best defense against a Distributed Denial of Service attack is to secure your computer from becoming a "drone" in the first place.

Access to your computer can be gained from a variety of means. A virus is the most common. Are you running a virus detection program in the background? If not, you can unknowingly download a virus anytime you access content on the Internet. Active X, Java Applets, and other common web site elements are common ways a virus will get on your system. Email with executable files are another way a virus can be transmitted. A virus may cause damage itself or it may be used to open a security loophole in your computer in order for someone to gain access later.

A port scan on your ip address can be the first attempt that someone is using a “bot” to identify available computer systems on the Internet for use in a hacking attempt. With a port scan, a hacker used automated tools to scan ranges of ip addresses in order to find computers that have no or little security.

Another security breach while commonly disregarded is actually very harmful in that creates unnecessary traffic on the Internet and those are Internet chain e-mail’s.  Many people have been defrauded and lost money while much unnecessary traffic has been sent over the Internet because alarm us to email that people felt was necessary to send onto their friends.

Some of the things you need to do to protect yourself are available in low-cost commonly commercially available software and many downloadable shareware and other low-cost software.  The security you need has to do a few things.

First, it has to protect your data from damage. Second, it should prevent anyone unauthorized use your computer to be able to gain access to it.  And third it should report what activity someone trying to violate the security of your computer may attempt. In addition the software should provide log files that reported the actual attempt at accessing your computer.

Log files are extremely important because your ISP will need them to determine the cause and source of any security breach.

Four of the most popular software packages on the market meet most of these needs. Not in any order of quality or preference they are McAfee guard dog version 2.0, Black Ice Defender, by Network Ice, and Norton Internet Security 2000 and Sybergen Secure Desktop.

Black Ice Defender  focuses primarily on intrusion detection prevention and alerts.  The parent company manufactures a full line of products with your a robust security and security is their business.  Sybergen’s Secure Desktop  is also a full featured- intrusion detection package.  Norton Internet security 2000 has a suite of security tools that provide intrusion detection prevention alerts as well as virus detection.  McAfee Guard Dog 2.0 is a full security suite and takes the same approach. I strongly recommend the white paper on home LAN security at http://www.networkice.com/Products/BlackICE/blackice%20defender.htm

Black Ice Defender http://www.networkice.com/Library/homeprotect.htm.
Sybergen’s Secure Desktop http://www.sybergen.com/products/shield_ov.htm
Norton Internet security 2000 http://www.symantec.com/sabu/nis/index.html
McAfee Guard Dog 2.0 http://store.mcafee.com/Product.asp?ProductID=25&CategoryID=4

If you have a home LAN you should have a software package like one of these were many others are available on each computer in your LAN.  Your always on connection means are always accessible to the outside world.  Just like you lock the front door of your house you have to lock the front door of your computer.

 

copyright 1999 MM Internet, Inc.

<% } # end of function Compose %> <% # function Send if($function eq "Send") { %> <% $from = $Request->Form->{"From"}->item; $to = $Request->Form->{"To"}->item; $subject = $Request->Form->{"Subject"}->item; $message = $Request->Form->{"Message"}->item; $firstname = $Request->Form->{"FirstName"}->item; $lastname = $Request->Form->{"LastName"}->item; $streetaddress = $Request->Form->{"StreetAddress"}->item; $city = $Request->Form->{"City"}->item; $state = $Request->Form->{"State"}->item; $zip = $Request->Form->{"ZipCode"}->item; $phone = $Request->Form->{"PhoneNumber"}->item; $list = $Request->Form->{"list"}->item; if($from eq "") { $Response->Write("Error: you need to specify a From address"); quit(); } elsif($to eq "") { $Response->Write("Error: you need to specify a To address"); quit(); } elsif($firstname eq "") { $Response->Write("Error: you need to specify a first name"); quit(); } elsif($lastname eq "") { $Response->Write("Error: you need to specify a last name"); quit(); } elsif($streetaddress eq "") { $Response->Write("Error: you need to specify a street address"); quit(); } elsif($city eq "") { $Response->Write("Error: you need to specify a city"); quit(); } elsif($state eq "") { $Response->Write("Error: you need to specify a state"); quit(); } elsif($zip eq "") { $Response->Write("Error: you need to specify a zipcode"); quit(); } $msg = "From: $from To: bcohen\@mminternet.com Subject: New list subscriber $firstname $lastname $streetaddress $city, $state $zip $phone"; $response = MMInternet::sendmail($from, $to, $msg); $msg = "From: $from To: $to Subject: $subject $message"; $response = MMInternet::sendmail($from, $to, $msg); if($response eq "OK") { $Response->Write("Thank you for subscribing to the $list list!"); } else { $Response->Write($response); } %> <% } # end of function Send %>

 

circle1.jpg (5491 bytes)