[ISN] Experts say stymie hackers by using several safeguards

From: mea culpa (jerichoat_private)
Date: Wed Jan 20 1999 - 16:34:08 PST


    http://www.amcity.com/buffalo/stories/1999/01/18/focus3.html
    January 18, 1999
    Experts say stymie hackers by using several safeguards
    David Troester   Business First
    
    If your company has a computer, a computer system or a series of computer
    networks with online Internet access, then it's vulnerable to "hackers"
    and "crackers." 
    
    How do you safeguard a computer system? 
    
    Firewalls are the most common method. Firewalls check passwords and other
    ID of users seeking system access from the outside. 
    
    "It's a piece of equipment or a piece of software that runs on a
    computer,"  said Michael Rockwell, CTG principal consultant. 
    
    Firewalls may filter by address or actually interrogate a message. Hackers
    often attach a file to e-mail which, when opened, can damage a system. 
    
    "It's like placing a landmine somewhere and just waiting for somebody to
    step on it," said Natalie Neubauer, business manager at PC Expanders Inc.
    in Amherst. 
    
    Firewalls can vary in price, depending on the system and needs, from
    hundreds to thousands of dollars. 
    
    Passwords are another way to keep out hackers. 
    
    Each system user should have a password, typically known by only the user
    and system administrator. Passwords should not be common, trite or
    familiar words, names or dates. 
    
    "We suggest a combination of both characters (letters) and numbers," 
    Neubauer said. "We always tell our users, `If you can't remember the
    password then it's a good password.' " 
    
    System users should be required to change passwords at regular intervals;
    monthly is recommended for best safety. 
    
    "Never send your password through e-mail. The e-mail can actually get
    snatched, and they can get the information out of the e-mail," Neubauer
    said. 
    
    Encryption is another good way to safeguard a system from outside
    invaders. 
    
    Encryption software essentially scrambles information sent across a
    network in a code, to be decoded by the intended receiver. 
    
    Private and public keys are the most common form of encryption. 
    
    "Essentially what happens is you generate a key pair. One of those keys
    you keep for yourself, which is a private key and then the public key you
    make available to everyone," said Rockwell. 
    
    Tracking and recording information and messages sent on a network also
    may deter potential hackers. 
    
    Most systems, encryption programs or other software log network activity. 
    For example, PC Expanders' ISP operating system uses Lynux software to
    monitor activity and has traced malicious users in the past. 
    
    Tracking also can identify the password and equipment used to enter a
    system during an inside intervention. 
    
    "What I keep hearing is most of the things that happen are internal," said
    Stephen Adorian, president of Cybernetic Communication Systems Inc. in
    Lockport. For example: "People want to find out what the guy is making
    down the hallway so they get into employee payroll records," he said. 
    
    Smart cards can protect a system in a manner similar to passwords, but with
    much greater security. About the size of a credit card, they are used
    for access to a system and generate new entry codes about every minute in
    synchronization with system entry points. 
    
    "Those actually work really well," Neubauer said. "Even if you are on the
    Internet and someone snags that password, it changes within 60 seconds." 
    
    Smart card software costs about $500, she said. The danger of smart cards
    arises if the card is lost or stolen. 
    
    Biometrics is another sophisticated way to protect systems, but it is used
    only in high-security organizations. Biometric technology allows system
    access by scanning thumb prints, eye retinas or other physical characteristics. 
    
    "There's not much of a request for it around here," Neubauer said. 
    
    System administrators and computer professionals agree no system is hacker
    proof. System upgrades, software patches and monitoring need to occur on a
    regular basis to maintain defense against invaders. 
    
    "You can set up different kinds of equipment so that just like moats of
    old it's going to take somebody to swim through the alligators to get to
    your machine," Adorian said. 
    
    