Computer security information for broadband
Posted Tuesday, May 17, 2005
Filed under: Computers, Computer security
Do you know what your computer does when you're sleeping? Ever wondered what all those tiny chirps and flashing lights meant? Here's an answer that might not be as innocent as you'd have thought...
The most harmless answer would be that your computer is prettying itself up for you: keeping up to date, fresh of viruses, orderly and quick. It's not even impossible, but don't just assume that's always the case.
The broadband threat
If you're running broadband (and you probably are, statistically speaking) then you probably have a static IP address (numbers that tells the websites and services where to send the pages and mail and everything you ask). This static IP can be used to talk to your computer through means you don't even know about.
The ugly truth:
Anyone can try to attack you through this IP. (A dynamic IP won't do much against this either, unless it changes every minute at least).
The attack usually follows this pattern: the attacker launches a program, tells it to scan* a range of IP addresses (they don't even need to know your address to attack you!) and orders pizza. By the time the pizza is eaten s/he will have the IP of a lot of computers to infect with viruses, trojans and other niceties.
How can this be?
- Because most people use simple passwords (words, for instance, or common names, or even nothing) that can easily be guessed.
- Because your firewall** forgot to lock some ports.
- Or because your OS is not patched against some recently discovered vulnerability (if you're running windows, it's most certainly the case -statistically speaking again).
What next?
The attacker can now send your computer instructions and have it do whatever instructed. Including hosting illegal material, flooding mailboxes with spam or viruses, slowing down entire websites or networks (ddos) or even scanning for other targets.
I don't believe you!
Still not convinced? I examined my security logs and they showed an average of 4, but up to 8 scannings a day! Their IP tells me that most attacks came from Asia but also from Europe or America (at least the computer used for the attacks, which can well be remotely controlled, so as to slow down investigation).
So what can I do?
- Use a password for every account on your computer
- Setup a firewall
- Program your antivirus to download the latest virus definitions every day and check your computer every week
- Use programs not plagued by security issues (firefox instead of internet explorer and thunderbird instead of outlook is a good way to start)
- Never allow websites to install software on your computer if you're not certain of what it contains
*"Scanning" is simply trying to plug into every port on a computer (think of them as sockets, just like the ones you plug your printer/mouse/etc...).
**a firewall is a program whose task it is to "hide" open ports on your computer from unauthorised callers.
Disclaimer: please forgive me for any typo or imprecision, the purpose of this text is to educate, not overwhelm with information.
Comments disabled because of spammers.
comment #1 On 17/05, BenF wrote :
Sorry, I was one of the guys who attacked your computed... I didn't do it on purpose
comment #2 On 17/05, Lucie wrote :
Alors je t'avouerais que les posts qui parlent d'informatique, je ne les lis pas toujours jusqu'au bout, alors l'informatique en anglais...
Quelle flemmarde, hein?
comment #3 On 17/05, Korbo wrote :
Je compte le traduire, ca vient... Mais tu as bien du saisir le principal, non? Alors, ce mot de passe? T'en as un sur ton téléphone, pourquoi pas sur ton ordi? Lequel est le plus précieux à ton avis..?
Je me permets de répondre pour Lucie :
« Depuis que je suis en Lettonie, je lutte pour trouver des cybercafés afin de ne pas perdre le contact avec mes proches. Alors, le mot de passe de mon portable, tu sais... »
Merci Ben, c'est un bon resume de la situation
