- Don't Let Hackers Hijack Your PC


	SEARCH:


		Toolbox Site of the Week

Don't Let Hackers Hijack Your PC

Even Some Home Computers Are Vulnerable To Getting Manipulated By Site-Crashers

Tom Egan covers coming trends in consumer technology
March 1, 2000, 3:45 p.m. EST

In early February, Internet vandals brought down several high-profile Web sites. How did they do it? What does it mean to you?

Let's ask Lucille Ball, because, despite what Robert Fulghum says, everything you really need to know, you learned from television.

You may have heard that sites, including Amazon, Yahoo! and eBay, were disrupted by something called a denial of service (DoS) attack, meaning that, pelted with repeated, phony requests for a connection, the sites were brought to a standstill and had to deny service to legitimate users.

Lucille Ball One of the classic "I Love Lucy" episodes, "Job Switching," finds Lucy and Ethel at work in a candy factory. Their job is simple -- remove candy from a conveyor belt, wrap it and place it in boxes. Of course, the conveyor belt moves too fast, the ladies are overwhelmed by the constant stream of candy, and hilarity ensues. Let's just say that candy gets stuffed in some unlikely places. (If you'd like to view a QuickTime movie, click here.)

In a nutshell, that's a good representation of a DoS attack -- an attack coming from one source. It's easy to see the solution: Simply stop the conveyor belt, or in essence, block out the false requests which come from a single source.

Web attack: Illustration by Karl Laun But the recent attacks were actually examples of a distributed denial of service attack, or DDoS. The vandals didn't use a single source -- they used hundreds or even thousands of computers.

To understand the "distributed" part of the DDoS equation, you need to think of that classic "I Love Lucy" episode as it might have been written by Rod Serling. Imagine Lucy and Ethel transported to "The Twilight Zone," where conveyor belts of candy materialize out of thin air from all directions, literally burying the hapless duo under mounds of candy, and you've got some idea of the magnitude of a DDoS attack.

Should you be concerned?

Probably not. Unless you happen to operate a high-profile Web site, you probably won't be a target of a DDoS attack.

However, if your personal computer is attached to the Web through either a 24-hour-a-day cable or DSL modem, you could become an unwitting accomplice to a DDoS attack.

By following just three Internet security rules, you can make it far harder for vandals to appropriate your computer for nefarious purposes. (I've always wanted to use "nefarious" in a sentence.)

Rule No. 1: Never open attachments to e-mail unless ...

... unless you know the sender and have confirmed that the message -- and its attachment -- originated with that person.

The problem with attachments is that they can contain malicious programs that can corrupt files on your computer, erase your hard drives, or even make it possible for an outsider to gain access to your computer and run it as if they were seated in front of your monitor, typing on your keyboard.

This is even more critical now that one of the malicious programs used to initiate a DDoS attack has been found to be contagious on Windows machines and can be distributed by several means, including e-mail attachments.

Trojan horse illustration from arttoday.com

Rule No. 2: Get an anti-virus program -- and use it.

If you download information via the Internet, or exchange data via disks or e-mail, you need virus protection. A virus is one of several types of malicious programs, like trojans, worms, etc., which can be part of an e-mail file or any data file that you download from a disk or the Internet. The consequences of being infected can range from programs that cause nasty messages to appear on your computer screen to programs that erase your hard drive.

An anti-virus program can help by "looking" through downloaded files for malicious programs. If it finds such a program, it typically prevents it from being installed on your computer, or erases the offending files from the downloaded information.

Don't accept files if you don't have anti-virus software running. Any file can be infected. My first column for this site was returned for editing, via e-mail, as a Microsoft Word file -- infected with a macro virus. So trust no one (not even your editor).

Companies like Symantec and McAfee produce good anti-virus software and are also good sources of information about computer security. McAfee's site offers advice on DDoS attacks and particularly nasty programs like Back Orifice, which sounds like something dreamed up by a Howard Stern fan.

Anti-virus programs start at $30 and go up from there. For a listing of anti-virus software for Windows, Linux and Macintosh computers, go to Tucows and search for "anti-virus."

Rule No. 3: If your computer has a full-time Internet connection ...

... via a cable modem or DSL service, you need to run firewall software.

Computer vandals often launch programs over the Internet that search for computers to be used for DDoS attacks or for other purposes. Typically, they want machines with high-speed, 24-hour-a-day access to the Internet that don't have proper security.

Did you know that, if you run Windows and have "file sharing" enabled, a hacker can gain access to any of your computer files over the Internet? The standard home computer provides ample ways for computer vandals to gain access. That's why firewall software is a necessity for some computers.

Firewall software "defends" your computer from malicious attacks via the Internet. Programs on your computer and even the operating system itself can leave your computer vulnerable to outside control via the Internet.

Want to know if your computer is vulnerable? A site called Shields Up! offers to scan your computer and test it for vulnerabilities.

My computer passed with flying colors, because, for the last three months, I've used a program called Black Ice Defender as my firewall. I've got a full-time DSL connection through a local Internet service provider (ISP) and my system gets "scanned" by hackers fishing for computers to vandalize approximately every other day.

Shields Up! offers reviews of firewall software and even recommends a new, free program, ZoneAlarm 2.0. The other programs reviewed run from $30 to $70. Personally, I think the Shields Up! review of Black Ice Defender is a little harsh. For me, it was extremely easy to install, and it has run with no problems. PC Week offered a more positive review of Black Ice Defender.

Remember, firewall software is essential for computers with permanent connections to the Internet. If you use a dial-up connection, firewall software isn't particularly useful, so save yourself some money.

Hackers: Good For Business?

In the final analysis, the real consequence of the DDoS attacks is that more people will spend more money to make their computers more secure. For most of us who use computers, that's money we'd rather not spend -- but it's money well spent.

Related links:

Detailed information about DDoS attacks: I, Cringley on the PBS Web site
From our columnist John Dujay: Will The Real 'Hackers' Stand Up?
Technology News, February 23, 2000: Program That Hacked Yahoo! Spreads By E-Mail

--Tom Egan has worked the information business from photography and journalism to video production and online editing. He writes about technology from his home in Saint Paul, Minn., within three blocks of four bars that serve Guinness on tap.

What are your thoughts on the technology of tomorrow? E-mail your feedback to Tom Egan at egan@ibsys.com

Originally published February 29, 2000.