Constant Contact

HOME | ABOUT US | SERVICES | WEB DESIGN |MULTIMEDIA |HOSTING | EMAIL |SOFTWARE |SITE MANAGEMENT | TRAINING|DOMAIN SERVICE |OUR CLIENTS | FREE | ARTICLES | CONTACT |

  RESORT NEWS

December 2002

Greek Mythology


I still love ancient mythology and was enthralled by it in my school days. We all remember the incredible tale of Paris, Helen and that deceptive beast, the Trojan Horse, all way back in about 1500BC give or take a few centuries. The lovers have long left their mortal coil but the horse still exists in cyberspace. Just as that ancient tale was all about security, so is this.


I wrote about spyware and we all understand the basics of viruses. But like the saying goes; "there is more". Things aptly named Trojan Horses, because of their similar nature to their historical forebear, who also deceive and are designed to cause us grief.. And who came to grief? Yeah, your not so clever author!
Let me explain some basics which affect you also and the real cause for my security concerns and the reason for this tale.


All modern computers have some 60,000 odd ports. Think of the computer like a house which has this many doors. Some doors serve a specific purpose and others allow all kinds of traffic in and out. These doors, or ports in computer speak, are numbered with many dedicated to predefined tasks such as : collect email (port 110), log onto the web (port 8080), control file or printer sharing on networks and so on.


We operate a network at Cybercons which is well protected with anti-virus and firewall software which is always up-to-date and even regularly tested by external resources. The network consists of conventional desktop PCs and one note book computer to permit mobility if needed. This arsenal of protective software was installed really in anticipation of broadband becoming available but permitted testing and fine tuning whilst still using the dial up system we all use. My attitude quickly changed during this "tuning" period when I discovered that my computers were under almost constant "attack" whilst on line at random times and each time with a different IP or address as previously explained in another article.


How was that possible? Easy! Scanners, just like those which scan radio frequencies to listen in to the police, fire brigade, air craft etc. except this time scanning the internet for open ports. This is what hacking is all about. Get into someone's computer via an open port and have a play. Great if it happens to be a bank or credit card provider. New Ferrari's for mum and aunty Irma!


However if your are not clever enough to do that, well, just slip a nasty program in to do some dirty work. Because the ports are specific task managers so a specific Trojan Horse has to be aimed at specific ports, otherwise it would not work. And that is exactly what goes on. As always, lists of all this information is available all over the web with many sites specialising in this topic.

And what do these TH's do? Well, just like viruses they can do many things. So why are they named as they are? Because they disguise themselves and indeed change themselves into different formats by altering their names, file sizes or imitating if not replacing components which legitimately belong to the computer. To make matters worse, they spread over networks where of course one has given each computer the right to communicate like that, with no questions asked, and to transfer files between them.
So what happened to me? You have probably guessed that the note book was taken for an excursion, email from a trusted source downloaded whilst the virus definitions were not quite up to date because the network server always was and looked after all machines. It was not updated at the time because it was inappropriate to use someone else's phone line for an extended period.


Bring the note book home and plug it into the network and bingo! Damage done! The price for a little bit of smug "it'll be ok just this once" was four days of work and hair tearing to clean up the network machines and not lose any precious data.


What about backups you say? Of course we backup but between different computers. So if all are suddenly at risk you can still lose the lot. Once again, you are only as strong as your weakest link. The nastiest side to all this was that this trojan actually attacks anti-virus software and firewalls, amongst other things, and to add insult to injury installs a dialler to phone home and get some more nasties.


So what should one do to protect ones system and valuable files?


· Update your Windows operating system which for later versions can be automated.


· Most definitely update your browser to the latest version - these are free. You should all be running at least versions 6 by now!


Install good anti-virus software and keep it up to date. Update at least once a week. If you use Norton's set for Live Update to automate this. These are available every Wednesday. Otherwise manual updates are available on a daily basis.


· Install a reliable Fire Wall and test it from several good web sites which try to break into your computer whilst you are under test.


· There is specific trojan horse detection/protection software but the above items should be able to cope.


· Beware the BHO's.
These are "Browser Helper Objects" and most of you would have come across a variety of these such as the add ons to your web browser to go directly to Google or Altavista if you wish to search. BHOs are programs which can do anything the designer intends.

Most intentions are good and designed to make our life easier as with those search engine attachments. But, as always, dishonourable intent also exists and that is where you can come unstuck. To be installed you actually have to agree to this happening and of course you do. you have believed the "sales" pitch. No anti-virus will detect them as they do not carry the expected fingerprints viruses have. Many of the undesirable ones are also part of the spyware story a few issues ago.


Another very useful tool is to install SpySites from http://Camtech2000.net which also offers a free version. This handy little tool updates its extensive data base, currently listing 1,500 plus sites, regularly. It not only tells you what these sites do but allows you to block your browser from these sites. Also a good help if there are inquisitive youngster about.


Having betrayed my own standards it was interesting to visit Nortons web site to look at their statistics of security scans they performed on 21 odd million people who agreed to have results applicable to them entered into a database. You can see the bar chart but in summary the following percentages of the 21 million are at risk as follows:
· Network vulnerability 22%
· Network or hardware sharing weaknesses between computers 19%
· Active Trojan Horses 8%
· Antivirus Programs deficiencies 28%
· Antivirus definitions not up-to-date 11%
· Browser privacy flaws 51%
· These results are updated every hour and one does not have to be Einstein to calculate that a huge number of people are really playing with fire - their own data security.


Just remember that all the software mentioned, with the exception of anti virus, is free. You have no legitimate reason for not ensuring the safety of your systems and your sensitive information. Just remind me to heed my own advice. Please!
I wish you and yours a happy and secure festive period and look forward to meeting again in a happy New Year!

 

Cybercons provides a comprehensive range of services for business Internet, intranet, and specialised software. For further information on any of these services available please contact us.

Quality web design and software solutions
www.cybercons.org

HOME | ABOUT US | SERVICES | WEB DESIGN |MULTIMEDIA |HOSTING | EMAIL |SOFTWARE |SITE MANAGEMENT | TRAINING|DOMAIN SERVICE |OUR CLIENTS | FREE | VIRUS INFO | ARTICLES | CONTACT | SITE MAP|

 

Site designed and maintained by Cybercons © 1998 :Page was last updated on: