Get hackers out of your home

The arrival of broadband Internet access has opened up a new playground for hackers: home computers.

“There is software available on the Net that makes it easy for hackers to probe thousands of hosts and, if file sharing is on, they will find you and compromise you,” said X-Force director Chris Rouland.

Xforce is a team of security experts that research the latest technology security vulnerabilities and threats for Atlanta-based Internet Security Systems.

The threat is not new, but with consumer adoption of always-on connection technologies, more home computers are potential targets.

Anyone who connects a personal computer to the Internet is at risk, but traditional modems aren’t connected long enough for a hacker to weasel onto a machine remotely.

The always-connected nature of the new high-speed connections gives a hacker more time to detect the computer and exploit it. Services that cause this new vulnerability include connection via cable modem service and DSL, or Digital Subscriber Line connections.

Hackers target computers by scanning for Internet Protocol addresses across the Internet. An IP address is a unique identifier, like a phone number for a computer. Computers connected via traditional modem have their IP address assigned to them by their Internet service provider (ISP). This number changes each time they connect. The numbers for cable modem IP addresses don’t.

“Cable modem service is the most vulnerable technology because their users’ IP address is fixed. A hacker can toy with your computer at two in morning, and if he wants, he can come back tomorrow because the IP doesn’t change,” said Darren Popham, vice-president, Signal 9, a Kanata, Ontario security software maker.

Home users with a DSL service are less vulnerable than cable modem users. A DSL-connected computer is assigned an IP address for each session and retains that address until the computer is rebooted or until the connection is dropped and re-established through a software command. One caveat: corporate DSL users are as vulnerable as cable modem users because they, too, have fixed IP addresses.

In the United States, DSL providers offer both dynamic and fixed IP addressing to home users.

There’s an added issue with cable modem technology.
“Your neighbours can access a lot more of your personal information than maybe you want them too,” said Ken van Wyck, chief technology officer of e-commerce and network security firm Para-Protect in Alexandria, Virginia. “It’s like being on the same local area network at work, except you’re on with your neighbours. They can see your computer, the network and the mail groups you subscribe to, the Web pages you request and the e-mail you send.”

To snoop, all a nosy neighbour needs is the desire to do it and a network sniffer program, which is commonly available on the Internet. “It wouldn’t take them much to deduce what your interests and your fetishes are,” added van Wyck. (Tip: to clear adult content from your computer see Evidence Eliminator)

There are several ways hackers can access an unprotected computer connected to a broadband service.

First, they have to find it. This is done using a “war dialer,” a tool that scans the Internet for potential candidates. Those tools are widely available on the Net, so a hacker doesn’t have to be a sophisticated programmer. All that’s needed is to know where to find the tools.

Once a hacker learns about an ISP’s network structure, what is known as a port scan is usually performed, which looks for “doors” on a computer system. Next, the hacker checks to see if any of these doors are unlocked. Hacker programs automate this process.

There are a variety of techniques an attacker could execute on an unprotected broadband-connected workstation running a Microsoft operating system. Instructions on how to do this are widely available on the Web. Step-by-step instructions on how to hack a Windows 95/98/Me or XP machine connected to the Internet can be found through a Web search engine in less than a minute.

One popular method is to locate a machine that uses file-sharing features built into the operating system. Passwords can be enabled, but that’s not the default setting. Even so, guesswork by hackers often yields results, as users often use uncomplicated passwords or a default password.

Hackers can also use a Trojan Horse or Backdoor program. Once installed on the target computer, these programs give the attacker the ability to take control of the machine. Installation is achieved through trickery or via security flaws in chat systems such as ICQ and Internet Relay Chat.

These can be detected and eliminated with an anti-Spyware program such as PestPatrol or Spyware Eliminator.

Macintosh computers are at risk, as well. “They are also vulnerable through default configurations, however less security exploits have been published in the last several years about MacOS, so inherently they will be more challenging for a novice hacker to penetrate,” said Rouland.

Van Wyck agreed that Apple platforms are equally vulnerable. “The network scanners (hackers use) are looking for network-based opportunities. If file sharing capabilities are turned on, then it doesn’t matter what platform you are on.”

Hackers can be divided into two groups. Rouland calls them “knowledge hackers” and “script kiddies.” Knowledge hackers develop their own tools and are programmers in their own right. Script kiddies don’t have strong programming skills. They use tools developed by knowledge hackers and are typically up to mischief; they just want to see what they can get into.

“Hacker motivations span from joyriding to geopolitical,” noted Rouland. Defacing government Web sites is a favourite hacker activity.

According to Steven Levy, in his book Hackers, (Dell, New York, 1984), some hackers simply believe in the “hacker ethic,” that access to “anything which might teach you something about the way the world works—should be unlimited and total,” and that “all information should be free.”

Hackers even provide a service at times. They let organizations know about flaws in computer security.

Hacking can also extend into criminal behaviour. In December, eUniverse, the parent company of electronic retailer CD Universe, was held to ransom by a hacker.

A 19-year-old Russian, identified as “Maxus,” claimed he’d hacked into the company’s files and had absconded with as many as 300,000 customer credit card numbers. “I found a security hole,” the extortionist reportedly wrote in a message to the company. “Pay me $100,000 or I’ll sell your cards.”

The company declined to submit to what Rouland calls “data-hostaging.” They called in the FBI. On Christmas Day, Maxus released 25,000 pilfered card numbers on the Web. Despite efforts to track him, Maxus remains at large (as of February 2000) and is thought to be somewhere in Europe.

On a smaller scale, hacking home computers can put personal information in the wrong hands. This extends from simply an invasion of privacy to the theft of banking information. Banking passwords can be stolen from document files stored on a computer. Or worse: A Trojan Horse can be used to “record” keystrokes as a consumer does on-line banking.

“It’s a pretty serious threat. Someone could be relieved of their assets,” said Rouland. By extension, if a user’s home computer is unprotected and they also use the Internet to connect to their company network securely through a technology known as VPN, or Virtual Private Network, they can put the company at risk. A wily hacker can find this link on a vulnerable computer and make his way into the company’s network.

DSL and cable Internet providers warn their subscribers about the security risks of broadband services, but leave it up to the individual to decide what to do.

However there are strategies to easily defend yourself from such threats. A software program called a firewall (see firewall software on [link removed].com) can be used if your computer connects directly to a high-speed Internet modem.

Or you can use a gateway (like these network devices ) – a little network box that shares an Internet connection – that includes a firewall function built into it.

We recommend D-Link’s router as a fine defense against hackers.

How to defend your home computer against hackers.

CHANGE IS GOOD: If you have the ability to change your IP address, refresh it regularly. A computer will obtain a new IP address automatically when the machine boots after a restart. Some DSL accounts have this ability. If your computer has a fixed IP, minimize opportunities for hackers by powering down the computer when it’s not in use.

BUY A FIREWALL: There are a variety of affordable software and hardware firewall solutions available for home computers and small business networks. Software options can cost less than $75. Hardware devices that protect a small network and share a broadband connection can be purchased for less than $400.

UPDATE YOUR OPERATING SYSTEM: Check with the maker of your operating system for bulletins and patches about security issues. Download and install system patches as they are made available.

VIRUS CHECKER: An important part of any computer security plan is the installation of an up-to-date virus checker. Programs like Symantec’s Norton AntiVirus, McAfee’s VirusScan and Trend Micro’s PC-cillin 6 will protect a system from viruses and Trojan Horses. (more on virus protection here) This is only effective if updates are installed on a regular basis. The makers of these products provide the ability to download the updates—called virus signatures—over the Internet.

DON’T SHARE: Turn off file sharing software on your computer’s operating system. Your Internet service may be able to provide you with information on how to do this. Your operating system manufacturer will also be able to help.

ASK YOUR ISP: Ask your ISP to suggest solutions and to provide help in securing your system. They often have recommended software, hardware and support documents available to customers. Some even sell security technology products and services to their users.

If this column still doesn’t fully help you with questions about protecing your computer if you need personalized help with a problem, please see: Emergency Help.

Finished reading this page? Why not go try out GoToMyPC for free for a month – you can remote control your computer from anywhere. TechnologyTips uses it and thinks it’s fantastic!