Internet Connection Security for Windows Users |
by Steve Gibson, Gibson Research Corporation |
Beyond Lie Monsters Yes, there can be no question that you're in danger: If your computers are only connected to the Internet briefly, when you're browsing the web or retrieving and sending eMail, your connection exposure will be minimal. But if you are one of the millions of people who are discovering the amazing power and convenience of a persistent connection to the Net through a cable modem or DSL line and if you leave any of your computers on and connected for hours at a time, then your exposure is substantially greater.
that my little computer would even get noticed? " That's a very good and reasonable question, but the answer might frighten you as it frightened me. Here's the crux of it:
The power of these tools is a matter of great pride for the true hackers on the Net. By "true hackers" I mean someone who is more interested in what they can do, than in what they can do to you. This is why I'm careful here to call people who break into your computer "intruders", "crackers" or "vandals" rather than "hackers." Hackers don't necessarily "do bad" with their tools and knowledge. They pursue "hacking knowledge" for its own sake. To give you a feeling for what goes on out there in the nether regions of the Internet, here is a boast made by the author of the powerful "Asmodeus" scanner:
As you can see, it's more about the technology than about the damage that can be done. Greg, for example, is much more interested in how many countries he can scan than in their individual computers. (If you haven't clicked on either of those links right above you might get a kick out of reading something else Greg wrote.)
a huge intellectual playground for people with a passionate love of computers and computing. Unfortunately, the technology generated by the really top-notch hackers is made freely available to anyone on the Net. This technology is picked up by much less accomplished vandals or "crackers" (often referred to by the disparaging term "Script Kiddies") who take those powerful tools and apply them to much less intellectual nefarious ends.
My Own Experience With Scanning. . .
My next "experience" with scanning was on the receiving end!
Four friends subsequently purchased and downloaded an intrusion monitoring personal firewall product that I found (more on that later) and every single one of them has detected multiple probes and sweeps of their systems!
time without our knowledge!
As Stan Miastkowski recently wrote for PC World Magazine:
Stan's comment about "scary stories about hackers trying to sneak their way into our PC's from the Internet" brought to mind something relevant: Many years ago when I was writing my weekly "TechTalk" column for InfoWorld Magazine, I got into a number of arguments with the "SysOps" on CompuServe. They were claiming that the vague rumors of "bad programs" that stayed in your computer and could do damage after you had run them, was pure science fiction. Something seemed to be going on, but no one knew for sure. What I knew for sure was that it was possible (even if it wasn't happening) and I was pissed off by the closed minds of the CIS SysOps who seemed to be in denial, and who apparently didn't want to be blamed for their service being a distributor of "viral" software. So I wrote a series of four columns about how such "software viruses" might operate and replicate themselves. Being a software developer myself, I described their reproductive systems in detail and hypothesized their optimal survival strategies. And to make it more fun, even though I had never seen such behavior, I wrote about it as if it were real. To my amazement, John McAfee phoned after the third column was published. He said he had no idea that another viral researcher was operating and he wanted to compare notes and exchange viruses since I'd exactly described the reproductive behavior, methods, and strategies of all the viruses they had captured in their lab. He wondered if I also had some that they didn't. Well, I remember how disappointed he was when I told him that I didn't have any viruses, didn't know that such things really existed, and had certainly never seen one. But it was gratifying to know that I'd been right.
I again believe that I'm writing about and discussing something that's in the very early stages of BECOMING A HUGE PROBLEM for all Internet-connected Windows users. The following pages describe highly effective proactive measures that anyone can take to "raise their shields" against the forthcoming onslaught. But first, you need to know about the "Password Crackers" so please read on . . . If you're curious to read more about the threat from Internet scanners, check out these links:
So . . . are you in danger? Could you possibly have any doubt?
I don't mean to be an alarmist, but isn't the conclusion inescapable? If my Shields UP! security test came up with either of the blocks shown below, YOU are at much greater risk than if only your user, machine, and workgroup names were exposed.
If you have passwords protecting those resources (most people don't even have that), and if it seems worthwhile, an intruder can run any of a number of available password crackers against your system in the background, pounding away at your shields without you ever being the wiser until they crumble. Mature and secure systems have many forms of protection against these age-old and well-known password cracking attacks. Secure systems will notify their user of failed attempts or completely lock-out remote access after some number of password failures. But Windows has no protection whatsoever against silent password cracking on your file shares that are exposed to the entire world! You'll never know that someone has a powerful battering ram pounding away at your door, and nothing keeps them from pounding away day and night so long as your computer is on and connected to the Net. This is a problem.
Once your password is broken, YOUR DRIVE becomes just like one of theirs! They can browse around within it, read your files, download your Quicken accounting files, find your online banking files, search for credit card information, CHANGE your data, plant any number of trojan horse and software viruses ... and, of course, delete anything they choose. In fact, one of the latest tricks is to upload a "forwarding server" into your computer without your knowledge. Then they break into OTHER computers using YOUR computer as a "connection forwarding and masquerading point". Any attempts at backtracking their identity leads the FBI to your door instead of theirs!
So, clearly, password crackers are no myth, and it takes no particular skill to locate one for free download as I did (158 times!). As you will see in the following pages, it is not necessary for you to send your computer out onto the Net without protection. But if you must for some reason, at least give it uninteresting share names and random nonsense passwords! (The next page elaborates upon that.) If your computers are running with a persistent connection to the Net, the presence of file shares scanners and password crackers prowling the Internet right now guarantee that ...
computer is visited with neither your knowledge nor your permission!
In fact, given my brief experience monitoring my own connection to the Net, there's a very good chance that it has already happened without your knowledge. Your computer's Internet address may already be logged into many cracker lists where their motto is:
|
Gibson Research Corporation is owned and operated by Steve Gibson. The contents of this page are Copyright (c) 2024 Gibson Research Corporation. SpinRite, ShieldsUP, NanoProbe, and any other indicated trademarks are registered trademarks of Gibson Research Corporation, Laguna Hills, CA, USA. GRC's web and customer privacy policy. |
Last Edit: Aug 04, 2006 at 20:43 (6,617.21 days ago) | Viewed 11 times per day |