
We promised not to jump on the fear-mongering bandwagon, but we do need to help you 1) recognize that threats do exist and 2) understand the nature of the threats so that you can adequately protect yourselves against them. First things first: the threats.
Unless you have been living in a cave for some time (and even then, maybe), you have surely heard about the threat of computer viruses, worms, hackers, scams, and identity theft. Internet security is big news, and also big business. On a corporate level, companies must protect themselves against intrusion attempts aimed at gaining secret information, and against attempts to shut down corporate websites that provide both the face of a company and a revenue conduit. On the home network side, individuals must protect their personal information, protect their computers from corruption or from being taken over, and protect against others accessing their networks to download illegal or illicit material (or just annoying the heck out of you with endless spam).
If you do connect to the Internet, sooner or later you will see every threat and hack attempt there is. Well, you'll see it if you take no precautions. If you follow the steps we lay out, you will either stop them in the act by recognizing the threat and acting accordingly, or prevent them from happening at all and not even be bothered by them.
Threat Categories
One of the things that we have noticed in most of the books and articles on home network security is a lack of any explanation of the different types of security threats. This is a pretty serious issue because many nonexperts lump every type of threat into something called "security," which often leads people into thinking that one type of security solution, say a firewall, will protect them from all the bad stuff out there. This is a big mistake. There are several different types of security threats and one or two things that you can and should do for each type of threat. To help you sort it out, we have grouped threats into four basic categories: connection-based threats, access-based threats, software-based threats, and victim-enabled threats. Each threat category is described here.
Connection-Based Threats
A connection-based threat is an attack that is directed through your Internet connection. This threat exists because high-speed Internet is always on (unlike dialup, which you set up, use, and then break the connection when finished). Hackers typically look for open IP addresses (which represent your location on the Internet) using tools that randomly look for an open connection into an unprotected home network. When hackers find an open network, they can do a number of bad things, including, but not limited to, searching through and possibly deleting personal information and files, or using your computer to launch attacks against other home, commercial, or government networks. This latter form of activity is called a redirect attack, a tactic hackers use to protect their own identity and location.
Access-Based Threats
An access-based threat usually results from using a wireless networking device in your home. Just about every wireless router on the market today is made to work right out of the box. This is great for getting your wireless networking up and running quickly, but the only way to make it that easy for you is to turn off all the security features, which makes it easy for everyone else in range of the router to gain access to your network, too. The usual result of not guarding against this threat is that you end up providing all the people around you with free Internet access. This may or may not be an issue for you, but you are also vulnerable to some hackers who can access your files or monitor your network traffic looking for passwords and personal information such as credit card numbers. There is also the risk that someone might be looking to download illicit, indecent, or illegal (sometimes all three simultaneously) material from the Internet through your network rather than their own, just in case the feds or someone else comes looking for them.
Software-Based Threats
This is probably the threat most people are familiar with. The category includes viruses, worms, spam, spyware, adware, and Trojan horses. Most of the time, these types of attacks are more of an inconvenience than anything else, but the annoyance factor gets pretty high when you get 100 or so unsolicited e-mails every day or if a virus copies your entire contacts list and starts sending copies of itself to everyone you know. Some viruses, though, can damage your computer or files, or worse, deposit a Trojan horse that enables a hacker to take remote control of your computer. All should be guarded against.
Victim-Enabled Threats
The Internet is a scam artist's paradise. Along with the usual array of rip-off scams, the Internet allows thieves to wrap themselves in legitimate-looking letters, web pages, and other wrappers that make it hard for the casual observer to tell the difference between legitimate and illegitimate sites and sources. The good news is that it takes a victim's participation to enable these threats. Unlike the other threats that require hardware or software, this type of threat can usually be solved with a simple set of rules for answering account questions and some education on how to avoid biting on the bait. In addition to identity theft, there is also good old-fashioned theft (someone taking your laptop), so we also provide you with some tips on how to keep folks from cracking your passwords.
Some of the threats we discuss actually fall into more than one category, and we point those out to you as we go. In addition, we have put a little summary box at the beginning of each chapter that describes the threat, what the issues are, and what you can do about it.