CET 751

Research Paper

How to Protect My Home Computer

By Sandy Nightingale

July 12, 2002

 

     I recently bought my first home computer, and after waiting this long to get exactly what I wanted, I decided that I needed to do some research on how to keep my computer safe from viruses and hackers.   In my research I came across some very alarming statistics.   Three out of every one hundred e-mails are infected with a virus!  Seven percent of all computers worldwide were infected with the KLEZ-virus in April 2002!  Forty new viruses are found every week!  These disturbing facts encouraged me to take a closer look at what steps I need to take to ensure that my home computer is well protected.

     The home computer has become a valuable resource.  We use computers for everything from banking and investing to shopping and communicating with others through e-mail or chat programs.  Additionally, there has been substantial growth in the amount of work done on a home PC, both for the office and for school.  Therefore, the need to protect home computers is growing significantly.  If today’s home computer fell prey to a damaging virus or destructive intrusion by a hacker, the potential for loss could be considerable!  Although you may not consider your communications “top secret,” you probably don’t want strangers reading your e-mail, using your computer to attack other systems, sending forged e-mail from your computer, or examining personal information stored on your computer. 

     Often hackers don’t even care about your identity.  It’s not a personal attack against you, but a way to gain control of your computer so they can use it to launch attacks on other computer systems.  Having control of your computer allows them to hide their true location and identity as they launch attacks.  Intruders may be able to watch all your actions on the computer, or cause damage to your computer by reformatting your hard drive or changing your data.  Unfortunately, computer attackers are constantly discovering new “holes” to exploit in computer software.  When holes are discovered, computer vendors will usually develop patches to address the problem.  However, it is up to the user to obtain and install the patches.    Also, some software applications have default settings that allow other users to access your computer unless you change the settings to be more secure.  Examples include chat programs that let outsiders execute commands on your computer or web browsers that could allow someone to put damaging programs on your computer that run when you click on them.

     What can be done to protect a home PC?   Layers of security are your best bet.  Each step can be relatively simple and not too technical, but taken together can provide significant security and privacy.  Your Internet Service Provider should be your first line of defense.  Choose an ISP that offers anti-virus and spam filters for your e-mail.  Another layer of security can be your broadband (cable/dsl) modem.  In my research, I found these additional recommendations consistently mentioned.

  • Consult your system support personnel if you work from home.
  • Use virus protection software.  Be sure to keep your anti-virus software up-to-date.  Use automatic updates when available.
  • Use a firewall.  However, no firewall can detect or stop all attacks, so it’s not enough to install a firewall and ignore all other security measures.  A firewall is a software and/or hardware tool for defending a computer from network based attacks performed by malicious or curious users.  A firewall protects by limiting which outside computers can connect to, and use your computer. Personal firewalls have two basic functions.  They protect your system from unsolicited scans coming from the Internet.  Secondly, they usually offer outbound control to watch for a Trojan horse or spyware trying to call out from your system.
  • Don’t open unknown e-mail attachments.  It is not enough to see that the e-mail originated from an address you recognize.  The Melissa virus spread because it came from a familiar address.  If you must open an attachment, be sure your virus definitions are up-to-date, save the file to your hard disk, scan the file using your anti-virus software, and then open the file.
  • Don’t run programs of unknown origin.  They might contain a Trojan horse program.  Trojan horse programs are a common way for intruders to trick you into installing “back door” programs.  These can allow intruders easy access to your computer without your knowledge, change your system configurations, or infect your computer with a computer virus.
  • Disable hidden file extensions.
  • Keep all applications, including your operating system, patched.
  • Turn off your computer or disconnect from the network when not in use.  An intruder cannot attack your computer if is powered off or completely disconnected from the network.
  • Make regular backups of critical data.
  • Make a boot disk in case your computer is damaged or compromised.
  • Use strong passwords.

     It was interesting to read the different analogies that were used to describe the Internet.  One such analogy stated that the Internet is a hostile network like the wild-west without a sheriff.  Another compared connecting your computer to the Internet to leaving your car running with the doors unlocked and the keys in it.  Still another compared the Internet to a small town that has rapidly grown into a city and is no longer a safe place to leave doors unlocked.

      If you spend a lot of time on the Internet and you are not behind a firewall, then you are living on borrowed time.  Putting some protection between you and the Internet is probably the third most important thing that you can do, after getting virus-checking software and performing regular backups.  An attacker can get through any kind of modem – DSL, cable, 56K, or whatever.  If the device gets you on the Internet, you are vulnerable.  The only way to make your computer completely hacker proof is to turn it off or disconnect it from the Internet.  A broadband Internet connection is easier to hack because it is always on and often has a static IP address.  This means that once a hacker finds your computer, it is easier to find it again because the IP address doesn’t change.  Most 56k dial-up Internet connections use a new IP address each time you connect which makes it much harder to find your computer again. 

     Firewalls provide security by making ports invisible, cloaking your machine.  They monitor data that passes between your machine and the Internet, only accepting the traffic you approve.  There are two different types of firewalls, software or hardware.  A software firewall runs on your computer system in the background.  They are generally very inexpensive and easy to configure, but since they run on your computer, they require CPU, memory, and disk space.  A hardware firewall is generally a small box that sits between your computer and your modem.  They tend to provide more complete protection, can protect more than one system at a time, and don’t effect the system performance since they don’t run on the system.  They are expensive, although if you have several computers, it may cost less to buy one hardware firewall than many software firewalls.    If you have a firewall and you want to test it, go to http://www.grc.com and request a probe.  You will be given a report of exactly what issues were found and what to do about them.  ZoneAlarm Pro was consistently rated as the best software firewall available.  It is very inexpensive and a free version is also available.  To find out from direct experience whether you need a firewall, try one.  After a few days, use the report function to see how many times your computer has been scanned, although many times scans are not dangerous.  For example, your ISP may be checking to see that your connection is good.

     In conclusion, firewalls serve as the front door for many networks and websites.  Firewalls are a cost-effective way to add security to a network or home computer.  On the other hand, firewalls are not absolute guarantees of security.  In my case I have a 56k dial-up Internet connection.  I don’t feel that my computer is at a tremendous risk, but I do not want my computer to be damaged and/or data lost.  Therefore, I think the best solution for myself and others like me is to try the free version of ZoneAlarm and use the report function to see how many scans are made.  That, along with my anti-virus software and regular updates and backups, should make my home computer relatively safe.

 

 

BIBLIOGRAPHY

Lowe, Richard (2002). Firewalls. http://internet-tips.net/Security/Firewalls.htm
     Retrieved July 7, 2002, from Internet Explorer.

 

Carnegie Mellon University (2001).    
     http://www.cert.org/tech_tips/home_networks.html

     Retrieved July 7, 2002, from Internet Explorer.

 

Raikow, David (2000). “Do I Need a Home Firewall?” ZDNet Reviews & Solutions.

     http://www.zdnet.com/products/stories/reviews/0,4161,2610905,00.html

     Retrieved July 7, 2002, from Internet Explorer.

 

Connolly, Julie (1997).  “Does Your Network Need a Firewall?” The Edge  
     Newsletter. http://www.mitre.org/pubs/edge/july_97/third.htm
     Retrieved July 7, 2002, from Internet Explorer.