Much of the discussion on this page is dedicated to a Microsoft Windows
environment and in particular to issues dealing with computer spyware and
viruses.
Losing Secure Access | Measures for Securing Access | E-mail | Spam | Pop-Ups and Adware | Spyware and Spybots | Anti-Spyware/Adware Downloads | What's Good and What's Bad | Trojan Horse and Hacking Tools | Firewall at Router: Technical Discussion | Rock Solid Secure Access: Core TCP/IP Discussion | Personal Computing: Conclusions for Secure Internet Access
Losing Secure Access
- A random burglar makes entry to the office and steals tapes and file
server.
- A computer hacker determines a system containing sensitive information is
present.
- An associate, partner, employee or other human violates office security
policy.
- A computer hacker telephones the office, contacts an employee and
extracts password information where the employee is duped into believing
this person has authorization.
- Printed documents containing password and system layout information are
not shredded and are retrieved by a computer hacker from the dumpster.
- A computer hacker exploits the use of an "admin" or "trojan horse"
computer virus, hacking tool application or other specialized Internet
scanning software and gains access.
Not well enforced by federal laws in the US and currently the number
one virulent security problem next to viruses at a PC desktop:
- An unscrupulous business entity slips invasive spyware/adware
applications on a PC after a user installs what's believed to be "needed"
software. As a result, privacy and precious PC performance are lost.
A savvy computer hacker can gain access if the following is known:
- A system to exploit exists.
If the hacker does not know a system is there, they cannot begin to access
it. Keep quiet about, and restrict physical access to, sensitive
information regarding the layout of the office system.
- Username and Passwords.
Avoid printing usernames and passwords on paper. Regardless of what a caller
may say about who they are and how they know office associates, avoid
providing usernames, passwords, Internet Protocol (IP) addresses, computer
names and other system information to people who you have never spoken to
before and who call you over the phone for the first time.
In today's computing environment and the Internet, always use an updated
anti-virus and personal firewall application (ZoneAlarm, Symantec, McAfee).
A personal firewall will block attempts by certain viruses or "spyware"
programs to transmit password information back to the hacker (read
discussion below).
- Where the office is located.
If security is to be high, the location and security measures of file
servers and tapes are to be kept confidential, with a log book of all who
have knowledge of the location and security measures.
Measures for Securing Access
A secure office system starts with having a set of security policies
supporting secure access and accountability of who enters and leaves a
building and office space (doors, windows, plenum, other).
Having a system of accountability and establishing policies on what
information is most sensitive and what is not is critical.
The authentication and filtering through computer password, firewall and
other means are of no use if the office policies and system of accountability
are flawed.
Having an E-mail service and connection to the Internet introduces a
great deal of security threats as discussed below.
E-mail
If securing E-mail is important, it is necessary to track and protect all
storage locations for old and new E-mail. Varieties of password
protection, personal signature and encryption can be useful.
Regardless of the technology applied to secure an E-mail message or other
documents, some information can be considered too sensitive to be sent via
E-mail. In these cases, electronic methods are not recommended and
delivery by hand or by certified snail mail is best.
E-mail Virus
A vast majority of computer viruses are spread by E-mail. Today, the
majority of this destructive programming is directed by rogue software
programmers at the Microsoft Windows operating system, Internet Explorer and
Microsoft Office applications. As a result, Apple/MAC and Linux computers
are often less vulnerable to computer virus infection than computers running
Microsoft software. Most certainly keep anti-virus software (Symantec,
McAfee and others) running with updated anti-virus definitions so that all
sent and received E-mail messages are scanned for viruses. Have a quarantine
procedure to follow whenever a computer virus is found.
If using Microsoft Outlook, know that the older versions of Outlook such
as Outlook 97, Outlook 98 and Outlook 2000 have security flaws and are
significantly less resistant to computer virus attack than the latest
version of Outlook (Outlook 2002 or Outlook for Office XP, November, 2002).
The latest version of Outlook (Outlook 2003) much more tightly secures access to the
contacts folder, which in the past was exploited by worm computer viruses.
The best method for stopping an E-mail virus is through virus counter
measures employed at the mail server.
Removing a computer virus sometimes requires a complete software
reinstallation. A heavily infected computer with thousands of infected
files should have the hard disk formatted and all software reinstalled.
A good resource for procedures on virus removal can be found by searching
the virus encyclopedia at:
http://securityresponse.symantec.com/
The following links lead to Windows updates, which provide all of the
current security patches and fixes for Windows XP and Office 2000/2002/2003:
http://windowsupdate.microsoft.com
www.microsoft.com/office
A well equipped E-mail service provider, such as
www.adhost.com, with anti-virus
protection is recommended.
Most highly recommended is having the Norton Internet Security 2004
Professional applications or later versions installed and running with all
updates applied. Visit the following link for more information:
http://www.symantec.com/sabu/nis/nis_pe/features.html
Spam
Some of the junk E-mail or "Spam" we receive can be infected with a
computer virus or other malicious computer programming.
Internet Spam is a global problem and is best stopped by either the sender
or at the mail server.
Currently, the most cost effective method for controlling large quantities of Spam is to have an E-mail service provider,
again www.adhost.com, block Spam before it reaches your
office building or home.
Having an E-mail domain name not associated with a website is helpful as it
"hides" the E-mail address from the "Junk E-mailers" who harvest E-mail addresses from
websites.
Other methods include installing anti-spam software such as Norton Anti-Spam
2004 (included with Norton Internet Security 2004 Pro).
Pop-Ups and Adware
Application Induced Pop-Ups: Adware
Some junk mail messages when opened will deposit a computer program which
will routinely pop-up advertisements.
This type of pop-up program known as "adware" can
also be installed "behind the scenes" while installing a program you
knowingly install.
The www.Gator.com corporation (now the
Claria Corporation http://www.claria.com/)
is notorious for its adware/pop-up marketing schemes all at the extreme annoyance
of computer users.
It is hard to imagine that the people who work at Claria enjoy having
pop-ups any more than anyone else does, although they do enjoy the money
businesses pay them to include advertisements in the pop-up program.
When installing some programs either purchased on CD or downloaded from the
Internet, an installation wizard may not only install the program you wish
to use---but also yet another program which will toss up pop-up
advertisements.
The result is more adware consuming processor time and memory, thereby
reducing the operating performance of a PC and interfering with a user
trying to work.
These pop-up programs are annoying, sometimes difficult to uninstall and
again---can significantly bog down the performance of a PC, in
particular when multiple adware programs are running simultaneously.
An adware program may monitor web browsing activities and then relay that
information back to the provider of the adware. This is where the
adware is also known as "spyware" (read discussion below on spyware and
spybots).
Web Page Induced Pop-Ups: The Pop-Up Blocker
The type of pop-ups when visiting a web page can be stopped by installing a
"pop-up blocker" such as that available from
http://toolbar.google.com.
And again, a pop-up blocking tool is part of the Norton Internet Security
2004 Pro software.
These web page pop-ups are different from those induced by the Claria
Corporation in that web page induced pop-ups will only pop up when visiting
a certain website.
Spyware and Spybots
Some malicious programs can be installed onto your PC by visiting a website
whose unscrupulous programmers "trick" a user into downloading and
installing what is known as a spyware program.
A spyware program may distribute "bots" (short for robots), which are
files containing programming script with instructions to identify,
collect, and deliver specific activities from the user's PC back to a remote
user.
The remote user would be the source of the spyware program unscrupulously
spying on the user.
Some of the coding technology associated with computer viruses is
similar in nature to that of spyware, yet the two are not the same, as
spyware does not self replicate. If the spyware application self
replicated from PC to PC, it would then be considered a Trojan Horse
computer virus.
Much of the spyware, and also adware, is supported by files which are
installed onto a computer's hard disk without user knowledge.
This type of "invasion of privacy" spyware software allows companies or
hackers to monitor a user's Internet browsing patterns, where a remote user
can retrieve account detail, bank log-in details, website password details,
credit card numbers and any of a user's personal and private details
including financial information.
As of December 2003, the AOL Instant Messaging software provides direct
links to chat rooms, many of which are loaded with Internet scams,
pornographic links and cons to download spyware onto your hard disk drive.
As a direct result of the popularity of AOL Instant Messaging software with
young adults and children, this is of particular importance for responsible
parents to understand.
The pornographic websites and linked pornographic junk E-mail are largely
known sources and an irritating reality for nearly everyone using Internet
mail.
Whether a user wants it or not---pornographic E-mail and links to spyware
sites can end up in a user's E-mail inbox due to a variety of different
causes. Some are random where other causes are directed.
In addition to anti-virus software, the latest anti-spam software and other
anti-spam methodologies can help control the spyware problem.
A spyware program can in some cases transmit personal information back to
the web developer who will then often send the user more junk E-mail.
A spyware application is sometimes associated with a "trojan horse" computer
virus.
All trojan horse viruses are considered "spyware", but not all spyware applications are a
trojan horse virus.
Recommended is the spyware scanning software from LavaSoft (Ad-Aware) and
for a more thorough cleansing use with Ad-Aware the program called SpyBot Search and Destroy also known as
SpyBot SD.
Anti-Spyware/Adware Downloads
Ad-Aware
http://www.lavasoft.de/support/download/#free
SpyBot SD
http://spybot.eon.net.au/index.php?lang=en&page=download
also
www.majorgeeks.com
(Under FILES "Spyware Tools" listing, search for SpyBot.)
also
http://www.wilderssecurity.net/spywareguard.html (sometimes down)
SpywareBlaster
www.majorgeeks.com
(Under FILES "Spyware Tools" listing, search for SpywareBlaster.)
also
http://www.wilderssecurity.net/spywareblaster.html (sometimes down)
All as free downloads, the SpyBot SD 1.2 with updates has been found by
Apex IS to be more thorough in removing spyware/adware than Ad-Aware 6.0 and
performs a significantly longer scan than that of the Ad-Aware application.
The SpyBot can be programmed to automatically scan and cleanse at scheduled
times. The SpyBot will also "immunize" your PC against spyware.
The SpywareGuard will catch spyware as it tries to infect your PC and warns
you with a message.
The SpywareBlaster helps immunize your PC from spyware and blocks spyware
from installing (requires updates).
Other strong arm solutions include populating the restricted sites list in
Internet Explorer and populating the hosts file, as described at the
following links:
Restricted Sites List for Internet Explorer
https://netfiles.uiuc.edu/ehowes/www/resource.htm
Blocked Sites Using HOSTS File
http://www.mvps.org/winhelp2002/hosts.htm
Minimizing the number of cookies, temporary internet files and temporary
windows files can help where an automated program using the "MS-DOS delete
command" is configured to delete these files at startup and every 30
minutes.
The folders containing cookies and temporary files are a "nesting haven" for
spyware/adware and some computer viruses. For tight security, it is
best to keep these folders as empty as possible. Be certain the number
of temporary files stored by Internet Explorer is set lower than 5 MB
(Tools, Internet Options, Settings).
The "autoexec.bat" file can be populated with the following command lines
(batch code):
Use Windows Explorer to determine what the proper entries are for {username}
(browse to the C:\Documents and Settings folder).
IMPORTANT NOTE: Be certain to enter the correct path or files you
wish to preserve may be deleted and unrecoverable! For example, the
C:\WINDOWS directory for Windows XP has been found on some PCs from Gateway
as C:\WINNT. Normally, C:\WINDOWS\TEMP is the default directory for
temporary files with Windows XP, ME and 9x.
Typical set of lines entered into batch file. Be certain to verify
path before you execute this code!
Windows XP Professional
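@ECHO OFF
REM Each DEL runs only if the CD before it succeeded (&&), so a wrong
REM path cannot cause files in the current directory to be deleted.
cd /d "C:\windows\temp" && del /f /s /q *.*
cd /d "C:\documents and settings\{username}\cookies" && del /f /s /q *.*
cd /d "C:\documents and settings\{username}\local settings\temp" && del /f /s /q *.*
cd /d "C:\documents and settings\{username}\local settings\temporary internet files" && del /f /s /q *.*
cd\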
Windows 2000 Professional
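@ECHO OFF
REM Each DEL runs only if the CD before it succeeded (&&), so a wrong
REM path cannot cause files in the current directory to be deleted.
cd /d "C:\winnt\temp" && del /f /s /q *.*
cd /d "C:\documents and settings\{username}\cookies" && del /f /s /q *.*
cd /d "C:\documents and settings\{username}\local settings\temp" && del /f /s /q *.*
cd /d "C:\documents and settings\{username}\local settings\temporary internet files" && del /f /s /q *.*
cd\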
Windows 95, 98 and Me
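@ECHO OFF
REM DELTREE is given the full path, so nothing depends on the current
REM directory if one of the folders does not exist.
deltree /y c:\windows\temp\*.*
deltree /y c:\windows\cookies\*.*
deltree /y c:\windows\tempor~1\*.*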
The above batch code should only be executed by a user who understands the
consequences of using the "deltree" and "del" commands. This
batch code can be executed every 30 minutes by using the Windows scheduler
to run the C:\autoexec.bat file. Again, be careful so as not to delete
needed files, in particular temporary files needed for the installation of a
new program.
Just a few of the known Spyware/Adware threats:
Access Plugin
Alexa (from Amazon.com)
Aornum
ASpam
Aureate
Backweb Lite
Bargain Buddy
Bonzi Buddy
Bootconf
Comet Cursor
Common Name
Cracked Earth
Cydoor
Datanotary
DNSRelay.dll
DW.exe
Exact Search
Ezula
Fly Swat
Gator
GoHip
Hotbar
Huntbar
IGetNet
ILookUp
LOP
Malware
Msspi.dll
NewtonKnows
Oemsyspnp
OSLogo.bmp
QCbar
Radiate
Rapid Blaster
SaveNow
Scumware
SearchBy
SearchEx
Stoolbar
Svchost32
Vrape
WebHancer
WhenU
Xupiter
Most noteworthy: The installation and running of Kazaa,
Morpheus and AOL Instant Messenger, as enjoyed by so many teens, will
unquestionably result in problems with spyware/adware, enough so to render
a PC slow and difficult to use in a practical manner.
What's Good and What's Bad?
Identifying what's good and what's bad can sometimes be difficult.
There are many thousands of Windows programs which are good and many
thousands which are bad.
When using the Ctrl-Alt-Del command in Windows XP or Windows 2000, the
running processes can be viewed. This is a good way to first
identify a running virus or piece of spyware and to stop it in its tracks.
The only problem is that the description of these processes from Windows XP
or Windows 2000 is insufficient to know what they are there for.
The trick is to identify each process, determine if it is bad, stop the
process from running by ending the task, remove the process from the startup
and delete the files and startup commands associated with running such rogue
processes.
This is particularly important when a personal firewall application such as
ZoneAlarm pops up a message indicating that it is blocking a
program---should you allow it to pass to or from your computer or not?
Knowing what's good and what's bad is therefore important.
The following links are to web locations which assist in identifying and
describing running tasks and processes.
http://www.windowsstartup.com/wso/search.php
http://www.answersthatwork.com/Tasklist_pages/tasklist.htm
http://www.pacs-portal.co.uk/startup_index.htm
In instances where the spyware/adware infection is heavy, the best solution
is to backup data, format the hard disk drive and reinstall the Windows
operating system and all applications. This is known as "re-building
the machine" or a "PC restoration."
Apex IS has made it standard practice to perform a PC restoration for any
computer which has had Kazaa, Morpheus and/or AOL Instant Messenger
running.
A PC restoration is the most efficient and thorough method for
permanently cleaning away spyware/adware, viruses and operating system
corruption. It also helps determine whether there are any failures with
hardware (motherboard, hard disk, etc.).
Avoid installing any "free" or low cost entertainment software as these are
a direct source for spyware/adware.
Regardless, utility software which ships with your new cell phone, CD
player, etc. will in many instances install, in addition to the utility
which you need, a very much unwanted spyware/adware application!
Not on the above list yet significantly invasive to
privacy is the application known as "Broad Jump."
The Broad Jump application is used by Comcast where after
a home owner has ordered high speed cable Internet, a Comcast representative
visits the home and installs the Comcast software.
The "Broad Jump" application is installed as a result
where an executable CFD.EXE begins to run "behind the scenes."
This CFD.EXE program can
be disabled by running MSCONFIG from the Run command (click Start, Run, type
MSCONFIG, click Ok, click the Startup tab, look for CFD.EXE in the listing
and uncheck the box).
If you have Comcast high
speed cable Internet, this application may or may not already be installed.
Finding an application such as CFD.EXE running on your computer is, in the
strong opinion of Apex IS, the equivalent of finding your cable or phone
company representative rifling through your office filing cabinet. You see
them, you do not know what they're looking for, yet they are in there
potentially seeing, reviewing all and undoubtedly getting in the way.
The Comcast cable company boasts how they follow all Federal laws.
This may very well be true.
In the years to come, there will undoubtedly be new laws preventing
companies such as Comcast from installing such disgustingly invasive and
unnecessary software on a user's PC.
The Comcast software CD is NOT needed to browse the Internet, use E-mail and
do everything an average home owner needs to do with the Internet.
If getting Comcast high speed Internet for the first time, always insist on
activating your high speed cable Internet without installing any software
from Comcast.
Having a personal
firewall (such as ZoneAlarm or that provided by Norton Internet Security
2004 Pro) installed will close the shutters and prevent applications such as
CFD.EXE from relaying private information back to Comcast or to anyone
else.
Trojan Horse and Hacking Tools
A trojan horse is typically more malicious, difficult to remove than
straight spyware, distributes itself between computers over an open network
(virus), and at times works in conjunction with an alternate spyware
application at a website.
A trojan horse is often engineered to harvest username and password
information from logon prompts and then send back to the creator via an
E-mail message. This is a hacking tool. All trojan horses are
hacking tools, yet not all hacking tools are trojan horses. A hacking
tool does not necessarily need to be a self replicating computer virus, yet
a trojan horse always is.
Moreover, a straight spyware application typically does not spread itself
automatically to other computers....a user must visit an unscrupulous
website, click something such as junk mail or place a CD in the CD-ROM drive
to install it.
Commonly, a user will develop paranoia of someone hacking into their
computer once a trojan horse virus is discovered by anti-virus.
Almost always, the trojan horse will have been stopped by the
anti-virus before releasing personal information and severely performing
alterations to the PC and operating system software.
Even if left undetected, a trojan horse running "in the background" or in
memory in full force more often than not will not have a hacker at the other
end reviewing personal information found on the PC.
Why is this?
There are only a few of these hackers, yet thousands or millions of
computers infected. Also, the receiving end of the hacker is often
disabled by Internet Service Providers (a hotmail E-mail account is
cancelled by Microsoft).
A paramount computing problem with many of the less recently discovered
viruses and hacking tools is that the PC will perform slowly as the virus
and/or hacking tool runs "behind the scenes." In some cases, the
PC will not boot up or will shut down immediately after booting.
Notably, some pop-up, spyware or trojan horse programs will consume nearly
100% of processor resources leaving the Microsoft Windows computer nearly
impractical to use due to slowness.
Regardless, the trojan horse security issue should not be left alone.
This is where the personal firewall software is needed at all computers
included in a private network.
The personal firewall will stop a trojan horse from spreading to other
computers on that network and significantly help stop a trojan horse,
spyware or hacking tool application from
sending information back to a hacker.
Often the damage done by spyware, viruses, pop-up applications and other
poorly engineered software will require a software overhaul of the PC.
A software restoration can be performed where either a new hard disk is
installed or the existing hard disk is "formatted" or wiped clean of all
software. Alternatively, a system restoration can be performed using
the Windows XP system restore feature.
With many home users and when the Windows XP system restore process is not
an option, adding a second hard disk is common as it
increases storage space, helps protect existing data, and simplifies the restoration process
when reinstalling Windows.
In this instance, a "clean" installation of Windows XP, anti-virus, personal firewall
and anti-spyware/adware/hacking tools and all other applications is
performed onto a new hard disk drive.
During the process of reinstalling, the old hard disk having important data,
is physically disconnected from the PC so as to prevent overwriting or
wiping out data during the installation.
After the clean install of Windows, the old hard disk is plugged back into
the PC and scanned for virus infected files.
In addition to securing existing information, adding a second hard disk is the most guaranteed way to correct problems encountered
with corrupted and illegitimate software installed on a Windows PC.
Again, in protecting a Microsoft Windows computer from failures and security
problems, having an updated anti-virus and a personal firewall application
installed is an absolute requirement.
Firewall at Router: Technical Discussion
Having a "firewall"
between office computers and the global
Internet helps prevent unwanted access to office computers. The
global Internet is a massive web of many thousands of interconnected
communication devices (called routers) and computers. A firewall for this
environment is a system which allows wanted information to pass in and
out of a computer or network of computers and filters out or blocks all else
from the remaining global Internet.
Most routers between an office network and the global Internet have a
configurable firewall. The term "Intranet" is somewhat of a false representation of a network
and in many ways exists to create confusion.
Really, there is only one Internet where smaller portions of it
(Intranets otherwise known as private Internet subnets) are filtered or "fire-walled" to different degrees from
the remaining global Internet of computers and communication devices. An
unsecured firewall is where for example a computer is connected to the
global Internet and...has been assigned a public IP address.
Having a public IP address strongly exposes the computer to the public as
would be a public telephone number to a telephone. Most dial-up 56 K modem
connections to ISPs are such that a public IP address is assigned
directly to the PC, yet the IP address changes each time the
connection is dropped and re-connected. A secured firewall begins with
computers having privatized IP addresses of which are not directly
accessible from the global Internet and create a more closed circuit of
communication.
There are many other measures for "fire-walling" a computer network to
prevent unwanted access or information from passing and this is only one yet
very significant feature of having a robust firewall. There are hardware
appliances from www.watchguard.com
and Symantec of which provide excellent firewall monitoring and filtering
through IP packet by packet inspection. Yet for most
small businesses, a sophisticated appliance system is not necessarily needed
unless---a diverse and vast quantity of public E-mail and Internet traffic
is passing in and out of the office from the global Internet.
An organization needs to weigh the expense of upgrading and maintaining a
more sophisticated Firewall to the expense of damage or identified
heightened risk of damage done as a result of not having one.
And again, there are personal firewall applications such as "ZoneAlarm"
which filter what are known as "port numbers" and "IP sockets" used by
different computer programs which communicate over Internet Protocol (IP).
An IP socket is created when a software application (such as PcAnywhere) has
associated a port number to a specific IP address.
The IP "socket" is transcendental in that a port number is carried by
Transmission Control Protocol (TCP) or TCP/IP with bits of information
(32-bit packets) stamped with a source and destination IP address.
As part of internal programming, all software programs communicating over
the Internet must use port number assignments.
Allowing or disallowing specific or all possible port numbers is another
type of firewall feature.
Rock Solid Secure Access: Core TCP/IP Discussion
Because Transmission Control Protocol/Internet Protocol (TCP/IP) is
technical and overwhelming for many of us who would rather go sailing,
golfing or conduct business than spend the day going blind while grooming
through text books, a historical and qualitative discussion through real
world analogies is provided. The tightening of secure access to an office
system from the Internet is founded on TCP/IP. Comparing the public phone
system in the United States to the global Internet is a way to begin
understanding how to tighten secure access to an office of computers.
All computers which communicate over the global Internet are assigned
Internet Protocol (IP) addresses (a 32-bit numerical value). All public
telephones in the USA are assigned a telephone number (a 10-digit number).
Yet some phones are assigned a private extension number and some computers
are assigned a private IP address.
Examples:
Public IP Address = 63.208.194.88 (IP address to www.microsoft.com web
server(s) as verified November 12, 2003).
Public Phone Number = (800) 426-9400 (Microsoft Sales phone number as
verified November 12, 2003).
Private IP Address = 192.168.2.1 (Commonly used as the private IP address to
Cable/DSL routers used in homes and businesses). Other PCs in the
office, on the protected side of the firewall, would have private IP
addresses of 192.168.2.2, 192.168.2.3 and so on.
Private Phone Number = 100 (This would be a typical telephone extension
number to a telephone on the inside of an office having many private
extensions).
An outside public phone number would first need to be called in order to
access this private phone.
In direct comparison, an outside public IP address or Wide Area Network
(WAN) IP is required to allow for global Internet communication into
and out of a network of computers using private IP addressing.
A public IP address is assigned to every router connected to the global
Internet.
Importantly---The router uses a process called "Network Address
Translation" (NAT) and translates this public IP address into an entire
range of available private IP addresses thereby "shielding" that PC from a
host of security problems.
An office phone system is analogous to this, applying a different
methodology to perform the translation from a single public phone number to
a series of private phone extensions.
Specific to computers using TCP/IP as the programming logic for network
communication, there are particular ranges of IP addresses which are
private and cannot be used, with the exception of NAT, over the global
Internet as "Public" and are as follows:
10.0.0.1 to 10.255.255.254
172.16.0.1 to 172.16.31.254
192.168.0.1 to 192.168.255.254
Windows 2000 and Windows XP apply another privatized range reserved by
Microsoft for Automatic Private IP Addressing (APIPA):
169.254.0.0 to 169.254.255.254
To determine the IP address of a Windows PC, click Start, Run, type in the
word "command", click Ok, type "ipconfig", hit the Enter key and the IP
addressing assigned to the PC will appear.
It is possible for a PC to have more than one IP address or none at all.
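The following is an added example, not part of the original page: a simplified Python model of the NAT "shielding" described above together with the per-program port filtering of a personal firewall, showing that NAT drops unsolicited inbound traffic but does nothing about outbound traffic from a program such as CFD.EXE. The names NatRouter, PersonalFirewall, classify and connect, the WAN address 203.0.113.10, the remote host 198.51.100.7 and the program name iexplore.exe are assumptions made for illustration; the address check uses the full RFC 1918 blocks, which for the 172.x range is 172.16.0.0/12 (172.16.0.0 to 172.31.255.255).

```python
import ipaddress
from dataclasses import dataclass, field

# Private blocks (RFC 1918) and the APIPA block named in the text.
PRIVATE_NETS = [ipaddress.ip_network(n) for n in
                ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]
APIPA_NET = ipaddress.ip_network("169.254.0.0/16")


def classify(addr):
    """Return 'private', 'apipa', 'other' (loopback/multicast/unspecified) or 'public'."""
    ip = ipaddress.ip_address(addr)
    if ip in APIPA_NET:
        return "apipa"
    if any(ip in net for net in PRIVATE_NETS):
        return "private"
    if ip.is_loopback or ip.is_multicast or ip.is_unspecified:
        return "other"
    return "public"


@dataclass
class NatRouter:
    """Simplified port-translating NAT: one public WAN address, many private PCs."""
    wan_ip: str
    next_port: int = 40000                      # constructed starting port
    # wan_port -> (lan_ip, lan_port, remote_ip, remote_port)
    table: dict = field(default_factory=dict)

    def outbound(self, lan_ip, lan_port, remote_ip, remote_port):
        """A PC inside opens a connection; return the (WAN IP, WAN port) the Internet sees."""
        if classify(lan_ip) != "private":
            raise ValueError("LAN hosts must use private addressing")
        flow = (lan_ip, lan_port, remote_ip, remote_port)
        for wan_port, entry in self.table.items():
            if entry == flow:                   # an existing mapping is reused
                return (self.wan_ip, wan_port)
        wan_port = self.next_port
        self.next_port += 1
        self.table[wan_port] = flow
        return (self.wan_ip, wan_port)

    def inbound(self, remote_ip, remote_port, wan_port):
        """A packet arrives at the WAN side; return the private (IP, port) or None if dropped."""
        entry = self.table.get(wan_port)
        if entry is None or entry[2:] != (remote_ip, remote_port):
            return None                         # nothing inside asked for this traffic
        return entry[:2]


@dataclass
class PersonalFirewall:
    """Per-program outbound rules, in the spirit of the 'allow this program?' prompt."""
    allowed: set = field(default_factory=set)   # {(program name, remote port)}

    def allow(self, program, remote_port):
        self.allowed.add((program.lower(), remote_port))

    def permits(self, program, remote_port):
        return (program.lower(), remote_port) in self.allowed


def connect(firewall, router, program, lan_ip, lan_port, remote_ip, remote_port):
    """Outbound attempt from a PC; firewall=None models a PC with no personal firewall."""
    if firewall is not None and not firewall.permits(program, remote_port):
        return None                             # blocked on the PC, never reaches the router
    return router.outbound(lan_ip, lan_port, remote_ip, remote_port)


if __name__ == "__main__":
    router = NatRouter("203.0.113.10")          # constructed WAN address (documentation range)
    fw = PersonalFirewall()
    fw.allow("iexplore.exe", 80)
    for a in ("63.208.194.88", "192.168.2.1", "169.254.10.20"):
        print(a, classify(a))
    # Browser request from a private PC to the public web server address quoted above.
    print(connect(fw, router, "iexplore.exe", "192.168.2.2", 1025, "63.208.194.88", 80))
    print(router.inbound("63.208.194.88", 80, 40000))   # reply to that request: forwarded
    print(router.inbound("198.51.100.7", 80, 40000))    # unsolicited packet: dropped
    # NAT alone lets an unwanted program talk outward; the personal firewall stops it.
    print(connect(None, router, "cfd.exe", "192.168.2.2", 1030, "198.51.100.7", 80))
    print(connect(fw, router, "cfd.exe", "192.168.2.2", 1031, "198.51.100.7", 80))
```

Real routers differ in how strictly they match inbound packets against the translation table; this model uses the strictest form, matching both the remote address and the remote port.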
The rules governing TCP/IP have continued to evolve and improve since
first developed by the United States Department of Advanced Research
Projects Agency early in 1970.
Is TCP/IP complex? Is a bucket of sand complex?
Yes and No.
If you look at an entire bucket of sand it would appear as a complex
mixture of individual grains each having its own unique color. If you look
at one grain of sand and stop its forward motion as it passes through an
hour glass, this greatly simplifies the view of what the grain looks like
and how it behaves when in motion. The rules of TCP/IP follow an
architecture of 32-bit individual packets of code (binary combinations of
ones and zeroes). In one sense, it is possible to think of a packet as being
to the Internet what a grain of sand is to a beach, or of the role it plays
in a large hour glass.
How many packets are now passing over the global Internet?
How many grains of sand are currently on your local beach? Too many to
count. Yet one can look closely at one packet or grain of sand and
understand much of what there is to know. For TCP/IP, the
simplification process can depend on one's interest in electronic
communication, rules of combination/permutation and most
importantly---having a feel for time.
In one overall description and in a time frame common to most of us,
TCP/IP and the global Internet can be thought of as millions of transactions, transport and
directional routing mechanisms applied to millions upon billions of packets
of digitized electronic or optical signals passing through cable (or
wirelessly) in a given period of time.
So what's an "electronic signal"?
If you have ever received a shock from static electricity, you received
an electronic signal. Same thing with TCP/IP yet with lower
voltages/current over copper wires or transmitted by radio wave,
microwave, and other usable portions of the electromagnetic spectrum
including visible light.
So what's an "optical signal"?
Any light entering your eyes is an optical signal where the optic nerve
sends an electronic signal to your brain. Same thing with TCP/IP
except light signals normally pass over fiber optic cabling, thin brittle
wires having silica (glass) core, reach an electro-optical decoder and
further transmit electronic signals over copper wire to communication
devices and computers.
With current technology, if time frames are examined in microseconds
(0.000001 sec) or milliseconds (0.001 sec), frame by frame transactions can
be pin-pointed as to source, destination and what's being transported
(E-mail for example).
If the time frame is in minutes, thousands or millions of transactions
can occur between a remote and source location.
Fortunately, high speed microprocessors are built into routers (Internet
communication devices) and computers to assist in delivering Web pages to our
computer screen.
In retrospect and as a final analogy, the routing speed of the US postal
service to deliver postcards will never match the IP packet routing speeds
of an Internet router made by Cisco Systems to deliver E-mail messages!
Securing access to the USPS much of the time only goes as far as the lock
on your street mail box or PO Box.
Securing access to an office network much of the time goes as far as the
software locks (personal firewall) on the PC and the locks (NAT and firewall
rules) associated with the routed Internet communication into the office.
Personal Computing: Conclusions for Secure Internet Access
As discussed, the implementation
of anti-virus, personal firewall software and other anti-intrusion software
are powerful measures for securing a Microsoft Windows computer.
As for using an Apple Mac, many of the existing security problems on a
Microsoft PC will not exist when using a Mac. The Microsoft Windows PC
is targeted more than the Apple Mac computer by developers of computer
spyware, hacking tools and viruses. While it is still
possible for a Mac to become infected with spyware, the chances of this
happening overall compared to a Windows PC are far less.
With heavy infestations of spyware/adware, corrupted software and computer
viruses, a complete data backup followed by a hard disk format and
software reinstallation is always best, as this returns the PC to the state
it was in when new and problem free. The "System Restore" feature in
Windows XP and Me can restore a PC to a more functional state, yet is not as
"clean" as a reinstallation.
In family homes with kids, the
number one source of PC problems with spyware, as determined by Apex IS, is
the use of the following Internet applications: Kazaa, Morpheus, and AOL
Instant Messenger (chat rooms). Other sources include any "free
entertainment" types of software, including PC games, as these typically install
spyware/adware, destroying the performance and personal privacy of the PC.
Securing access to an office from the Internet can be as
simple as unplugging a single communication cable, yet that leaves an office
system totally disconnected from the Internet.
Applying the rules associated with TCP/IP through firewall systems at both the PC
(personal firewall software) and the router alleviates
the need for such extreme measures and keeps an office connected to the
Internet. In all conditions allowing for Internet communication, compromises
to secure access are then made, no exceptions.
Those who believe otherwise are fooling themselves and will find that
out when a rogue or humanly controlled process destructively hijacks a mode
of passage into their own office system. Regardless of encryption,
password or Virtual Private Networking (VPN) technique, for each service
and/or demand expected of an Internet connection, compromises to a secure
office system are made as more TCP/IP "application holes" are punched
through a firewall. Increasing the number of passageways in and out of an
office system always increases the risk of unauthorized access and
reduces secure access to that system. The only 100% secure access to
a system is one having no passageways leading into and out of that system.
Written By Ed Siemion, BS, MS
Comments and proofing of this page are welcomed.