1) Modems. Do you ever log into your computer remotely by dialing a number at your home that is connected to a modem on your computer? When you are traveling, it can be so convenient to use your laptop to phone into your home or work computer. Unfortunately, there are free programs called "war dialers" that search for computers reachable by phone, and then try guessing passwords.
It is illegal in many places to run a program that dials one number after another looking for modems. However, what if your work number is 999-9998 and your modem number is 999-9999? What if a snooper dials that number and a modem answers? What if you have no password, or one that one of these war dialer programs can find by trying the words from a dictionary or phone book? Mr. Snooper may be saying "thank you very much" as he downloads that database you have inadvertently made publicly available.
How to fix this problem: You can keep intruders out by using one of those programs that makes your remote computer first hang up on you, then dial back to your local computer. PC Anywhere is an example of a good program for remotely accessing your computer -- if used correctly. Back Orifice is a terrible example -- see below to find out why!
You say you never phone in to your home computer? Watch out, that doesn't necessarily mean you are safe. Try dialing into your computer while it is on to see whether your modem will answer. If it does, turn off its ability to answer. How to do this depends on the modem and your dialup software. Windows NT has an easy point and click way to forbid your modem to answer phone calls.
2) Easy passwords. If your computer can be reached over a LAN, by modem or from the Internet, an unwanted visitor can run a simple program to try to guess your password.
How to fix this problem: What makes a password impossible to guess? You need to choose one that you can't find in an unabridged dictionary or in your phone book. It should be at least eight characters long, use both upper case and lower case letters, and include numbers or other characters. A name or dictionary word with one number in front or behind it is NOT a good password.
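The rules above written as a checker, as an added example that is not part of the original article. The small word list is constructed for the demonstration, and the check goes slightly beyond the text by also flagging several digits or symbols wrapped around a word, not only one number.

```python
import re

# Constructed sample word list. In practice, load an unabridged dictionary and
# a list of names into this set (which files to use is left as an assumption).
SAMPLE_WORDS = {"password", "elephant", "margaret", "internet", "baseball"}


def password_problems(password, words=SAMPLE_WORDS):
    """Return the reasons a password fails the rules above (empty list = passes)."""
    problems = []
    if len(password) < 8:
        problems.append("shorter than eight characters")
    if not re.search(r"[a-z]", password):
        problems.append("no lower case letter")
    if not re.search(r"[A-Z]", password):
        problems.append("no upper case letter")
    if not re.search(r"[^A-Za-z]", password):
        problems.append("no number or other character")

    lowered = password.lower()
    if lowered in words:
        problems.append("is a dictionary word or name")
    else:
        # Strip digits and symbols from the front and back. If what is left is
        # a plain word, the password is just "word + decoration", for example
        # "Elephant1", "1Elephant" or "Margaret99!".
        core = re.sub(r"^[^a-z]+|[^a-z]+$", "", lowered)
        if core != lowered and core in words:
            problems.append("is a word or name with characters in front or behind")
    return problems


if __name__ == "__main__":
    # Constructed sample passwords, checked against the constructed word list.
    for candidate in ["elephant", "Elephant1", "Ab1", "tR7#qLm2vX"]:
        found = password_problems(candidate)
        print(candidate, "->", "OK" if not found else "; ".join(found))
```

"Elephant1" meets the length and character rules yet is still rejected, which is the case the last sentence of the paragraph warns about.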
3) Shared files. If you do file sharing so that your coworkers can get information from your computer, you may be vulnerable to unwanted visitors from the Internet. You know how you access your coworkers' shared files? If you are connected to the Internet and don't have password protection on your shares, the public, and your competitor, are totally free to access those same files.
How to fix this problem: Make sure you have passwords that are impossible to guess on all shared files. True, typing in those passwords slows you down. However, without passwords, you are making those files publicly available over the Internet.
4) Remote administration tools. Do you use a program billed as a "remote administration tool"? Those of us who have learned the hard way don't like any of them. However, there are two remote administration programs that are especially fishy: Netbus Pro and Back Orifice. Netbus runs on Windows NT while Back Orifice 2000 runs on Windows 95, 98 and NT. Sure, these programs make it really easy for you to reach your computer through the Internet and do absolutely anything you could do if you were sitting right in front of it (on the console). They also make it easy for intruders to control your computer. Normally the only reason you would have either of these programs running on your computer is to allow intruders inside.
The X-Force team at Internet Security Systems (http://www.iss.net) reports that Netbus can even turn on a microphone or camera if they are attached to your computer. So if your computer is infected with Netbus, some grungy hacker with tattoos and a mohawk hairdo could even be watching and listening to you.