Computer Crimes
Keeping online onlookers out of your life
By Dr. Steve O'Neil, N'Fusion, Inc.
One area that most surfers take for granted is that of personal
computer security. Tales of woe from Microsoft, eBay, Amazon
and the likes are a million miles from the daily scenarios
of most Internet users. Nevertheless, there are increasing
instances of identity theft, fraudulent transactions, and
denial of service attacks that are filtering their way into
the work-a-day world. The Computer Security Institute and
the FBI, in fact, have identified information theft as the
costliest computer crime going [The Industry Standard, 12-11-2000].
With the increasing use of broadband Internet connections,
we can only expect to see both mischievous and criminal computer
trespass increase. This is especially the case with cable
and DSL access where the typical connection is always on and
the computer connected to it typically uses the same IP address
every time it logs on to the system.
Find the types and frequency of security threats in an
online white paper on the subject.
An increasingly popular way of dealing with personal computer
security threats is by using personal firewall technology.
Firewalls fall into two broad categories: software-based and
hardware-based. Sophisticated protection systems use both
types of safeguards, but at a cost of from $500 to $4,000+,
most hardware firewall solutions are beyond the budget of
individual users. Instead, the individual user relies in most
cases on software solutions. Although the software solution
is adequate in a majority of cases, users should be aware
of the fact that break-ins can still occur due to the increasing
sophistication in the world of hacking and the fundamental
security flaws which exist in most operating systems. A good
white paper on the types and frequency of security threats
is Improving the Security of Networked Systems, available
at http://www.stsc.hill.af.mil/crosstalk/2000/oct/allen.asp.Current
advisory alerts are available from The CERT Coordination Center
at the Software Engineering Institute, a federally funded
R&D center located at Carnegie Mellon University. Find
it at http://www.cert.org.
For individual users, security software ranges from free
to about $100. Among the most popular are the Norton Personal
Firewall and their Internet Security 2000 products that can
be purchased at http://www.symantic.com.Another
popular package is the McAfee Firewall and McAfee Guard Dog
available at http://www.mcafee.com
. One that I have had good
luck with is Zonealarm. This is a free firewall product (for
personal and non-profit use) designed especially for incorporation
into broadband access systems such as the cable-based Roadrunner
system and DSL lines. Check it out at the Zone Labs site at
http://www.zonelabs.com/.This
product can be used with Windows 95, 98, Me, NT, and Windows
2000. After downloading, get some good installation and configuration
instructions from ZDNet at http://www.zdnet.com/zdhelp/stories/main/0,5594,2610364,00.html
. This article covers the
five main configuration tools: the security panel, the lock
panel, the programs panel, the alerts panel, and the configure
panel. Regardless of what software solution you try, be mindful
that if you do not configure it properly, you may be allowing
open access into your computer as some of these products have
very poor default installation options. "Automatic permission"
defaults should be avoided.
While the solutions discussed here will keep most outsiders
out of your life, there are also internal matters to deal
with. When you use another person's machine or an "Internet
Cafe" PC, most of the tracks you leave will stay on those
machines unless you remove them. This includes surfing histories,
automatic file backups, e-mail copies, etc. If you do sensitive
research, patent disclosures, or proprietary methodologies
on your termina, you may want these to disappear in order
to avoid prying eyes. One neat tool to cover your tracks is
Eraser (currently in v. 4.11), which can be downloaded for
free from http://www.zdnet.com/downloads/.
It has three security levels, performs multiple overwrites,
and makes it virtually impossible to recover any data wiped
from your hard disk. Similar, but enhanced, procedures can
be performed with Evidence Eliminator v5.053 available from
the same download URL. This is shareware ($74.95) which you
can try for free. It wipes swap files, recent documents, run
histories, find histories, and other designated files.
If you are using Atari, Mac, or UNIX systems, you can find
useful anti-virus and security tools at ftp://ciac.llnl.gov/pub/ciac/sectools/.
Other useful Web resources for security information and
tools are the Australian Computer Emergency Response Team
at http://www.auscert.org.au/information/tools.html,
and the University of Texas at http://www.net.tamu.edu/network/public.html#Security.
If you have an interest in security issues on an ongoing
basis, sign up for a weekly e-newsletter from Security Alert
Consensus at http://networkcomputing.com/concensus/
.
 Steve
O'Neil, Ph.D. is President of N'Fusion, Inc., an editorial
and Internet consultancy which aids technology companies in
integrating their print and online strategies, improving advertising
and branding accountability, and building end-to-end e-commerce
solutions. The company is headquartered in the Tampa Bay,
FL area with offices and affiliates throughout the US, Europe,
and the Pacific Rim. Steve can be reached at stephenjo@earthlink.net
or 727-742-9169.
|
