Securing Your Internet Connection

It's easy to think that no one could possibly be interested in your poor, slow, little Pentium (or iMac, for that matter), but that's simply not the case. Having a fast Internet connection that's "always on" when you want to surf the Web is great for you, but it's also great for hackers from around the world who have nothing better to do than sweep through thousands of random IP addresses looking for machines that they can exploit. And what they can do is really quite scary. Without any visible sign or warning, hackers can infiltrate your system to obtain personal information about you or to use your computer to disguise themselves when they attack other machines.

You need to consider securing your home computers even if you are only connected some of the time. You're vulnerable whenever you're connected.

CERT/CC on Using the Internet Securely answers any questions you might have using the Internet and being secure while you do it, including defining every relevant term: "This document gives home users an overview of the security risks and countermeasures associated with Internet connectivity, especially in the context of “always-on” or broadband access services (such as cable modems and DSL). However, much of the content is also relevant to traditional dial-up users (users who connect to the Internet using a modem)."

And Practically Networked Securing Your LAN page tells you what to do secure your LAN. Or your personal computer, if you don't have a LAN.

All you need to know about home network security:

http://www.cert.org/tech_tips/home_networks.html, CERT/CC's Using the Internet Securely

All you need to know to secure your home Internet connection for Windows Computers:

http://www.practicallynetworked.com/sharing/securnet.htm, Practically Networked's Securing Your LAN page.

How to set up your Home Network with Macs:

http://www.atpm.com/7.06/router.shtml, At This Particular Macintosh's How To page. And http://www.atpm.com/network/, threemacs.com's Mac networking pages, which are exceedingly complete, but a bit out of date. Their page on network security: http://www.atpm.com/network/problems/network_security.htm

The first thing to do to protect your always-on-the-Internet personal computer from attack from the outside is turn sharing off on all your disk drives and printers. And you must do it right now. (Unless you have a LAN in your house, of course; in that case, you should put a password on all your drives.)

This is particularly important if you have a cable modem, because your computer is on a LAN with your neighbors.

To turn off file and printer sharing in Windows: Double-click the My Computer icon on your desktop. Then right-click on the name of a drive, select Properties, click the Sharing tab, then click the Not Shared radio button. Repeat for each drive. Then double-click the Printers folder and repeat the same process for each printer. If you don't have a Sharing tab, then you're set; your operating system was installed without network sharing options.

To turn off file sharing in Macs: Open the Sharing Setup/Sharing (in Mac OS X) control panel. In the File Sharing/Personal File Sharing (Mac OS X) section, you should see the message "File sharing is off" with a Start button beside it or below it (Mac OS X). If you see a Stop button instead, click it. For Mac OS Classic, a dialog box will open asking "How many minutes until file sharing is disabled?" Select 0 and click OK.

If you have an always-on Internet connection, via a cable modem or DSL or IDSN line, you must also install a personal firewall (a network protection tool that guards against and reports intrusions on your computer from the outside), and you must keep it running at all times.

To get an idea of what the firewall will do for you, run

Symantec's Internet Security Check

before and after you install a firewall. Running it might be just the thing you need to convince you to run one. This check requires Internet Explorer 5.0, Netscape 4.5, or Safari 1.0 on a Mac. This service checks the security of your computer's connection to the Internet by sending it various connection requests.

The following two sections list a few specific filewalls for Windows and Macs. For more general (and specific, for that matter), information, see the following firewall Web pages:

• For a long list of articles of all flavors about firewalls (including review articles, how-to's, and tutorials), see the open directory project's Top: Computers: Security: Firewalls: FAQs, Help, and Tutorials: http://dmoz.org/Computers/Security/Firewalls/FAQs,_Help,_and_Tutorials/
  
  
• For a comparison, a review, and links to other reviews, see Firewall Guide.Com's Firewall Guide Software Reviews.
  
  
• C|Net's Why you really, really need a firewall--or two (in case I haven't convinced you), which includes rankings.
  
  
• For a review of commercial firewalls, see About.com's Guide Picks - Top 6 Personal Firewall Software Packages.

Need help interpreting your firewall's logs?

If you're using ZoneAlarm, click the More Info button.

Or check out Robert Graham's "FAQ: Firewall Forensics (What am I seeing?)" page: http://www.linuxsecurity.com/resource_files/firewalls/firewall-seen.html

There are more, but these are currently the most popular and most highly regarded Windows firewall software packages.

Zone Labs Integrity Desktop:
The obvious choice for UIC faculty and staff is Zone Labs Integrity Desktop, which is the enterprise version of Zone Labs ZoneAlarm, because we have a site license for it that allows us to make it available for download at no cost. For more information, see Zone Labs Integrity Desktop.

Network ICE BlackICE Defender:
Home page:  http://www.networkice.com/html/blackice_defender.html

Symantec Norton Personal Firewall 2005:
Home page:  http://www.symantec.com/sabu/nis/npf/

Tiny Personal Firewall:
This firewall is called "tiny" because it doesn't use much resources when it's running -- it has a "small footprint". It also has a time for its rules; you can say at what times they should be enforced. there's a free version for home users.
Home page: http://www.tinysoftware.com/

Zone Labs ZoneAlarm:
Features: Free for personal use. Includes application control, which notifies you when an application that you're running tries to contact the Internet. (That's somewhat of a pain when you're just starting; you can't image how many personal computer applications use the Internet on their own, without your telling them to. But it will also protect you from having your personal computer taken over for a distributed denial of service attack -- if you don't give the hacker's software permission to contact the Internet, it won't be able to. And that's really good.)
Home page: http://www.zonelabs.com/

For a list of Mac personal fireware products and links to reviews, see Firewall Guide.Com's Macintosh Security Guide.

Sustainable Softworks IPNetSentry:
Home page:  http://www.sustworks.com/site/prod_ipns_overview.html

Intego NetBarrier:
Home page:  http://www.intego.com/home.asp
Features:  Outgoing-content filter; real-time traffic measurements.

Mac OS X comes with a built-in firewall; see Apple's Security in Mac OS X tiger page: http://www.apple.com/macosx/features/security/

If you have a home LAN and use NAT (Network Address Translation) hardware/software, you can run a firewall on/with the NAT that will protect all of your other machines. For more information including links to lists of available broadband cable/DSL routers, see Home LANs and Sharing Your Internet Connection.

Or you can get a "firewall appliance" -- hardware firewall. Turnkey Network Appliances has a short definition:
http://www.firewall-servers.com/what_are_firewall_servers.html

If the ongoing spate of Windows/Web/email viruses and worms hasn't already scared you enough to install antivirus software on all your personal computers, both Windows and Macs, maybe it's because you've been lucky and haven't been inflicted with one yet. Don't depend on luck — install the ACCC Network Service's Kit highly rated and easy to update Symantec/Norton AntiVirus, SAV/NAV. The UIC license agreement for SAV/NAV allows it to be installed on any computer belonging to any member of the UIC community, on campus or off.

But just installing SAV/NAV isn't enough -- you have to keep its "virus definitions" up-to-date. To do that, run LiveUpdate on a regular basis, say once a week, and also whenever you hear about a new virus or worm. You can either run LiveUpdate by hand, or schedule it to run automatically on a regular basis. See the SAV/NAV Web pages for instructions.

Spyware is another name for adware -- advertising supported software. Actually, they aren't exactly the same. Spyware is software (or hardware) that gathers information about a person or organization without their knowledge. Adware, on the other hand, is a software application in which ads are displayed while the program is running. (Click on the links to see the whatis.com definitions of the terms.) Advertisers are usually interested in how the user reacts to their ad, so adware often has a spyware component.

Adware can also slow your Windows computer down to a crawl.

The Spychecker.com Web site has all you need to know about spyware:

• What is spyware?
• Freeware anti-spy tools for Windows. The most widely used and recommended are Ad-Aware and Spybot - Search & Destroy.

The ACCC's Virus and Spyware Removal CD for Windows contains Stinger, Spybot, and Symantec Antivirus; you can download it for free from E-Sales.

CERT/CC Vulnerabilities, Incidents, and Fixes

Want to know what's going on in computer security? CERT (Computer Emergency Response Team) is the place to go in the US. CERT was formed by the US Department of Defense in 1988, "to address computer security concerns of research users of the Internet". The CERT Coordination Center (CERT/CC) is in the Software Engineering Institute (SEI), Carnegie Mellon University, Pittsburgh, PA.

See also CERT/CC's Home Network Security

This document answers any questions you might have using the Internet and being secure while you do it, including defining every relevant term.