http://australianit.news.com.au/articles/0,7204,12819346%5E15841%5E%5Enbv%5E,00.html

Angus Kidman and Anthony Fordham
APRIL 12, 2005

THE release of Windows 95 10 years ago marked a key turning point in the evolution of the consumer internet. Built-in support for core internet protocols in Windows 95, combined with rapid growth in the number of consumer-focused internet service providers (ISPs), helped transform the net from a specialist geek pastime into something everyone wanted.

In 2005, it's much simpler to get connected to the internet, and even easier to fall victim to myriad security threats.

"There's all this malicious stuff out there, and 10 years ago there wasn't that much," says Sean Richmond, senior technology consultant for computer security software company Sophos.

"The internet in 1995 was a reasonably safe place to wander around. Now it's got that feeling where you have to be on guard. You have to be on the ball a lot and pay a lot more attention to what you need to do to be safe."

The threat of viruses was alive and well in 1995. However, the evolution of malware (code designed to either damage your computer or steal resources and information) has put a wider range of threats on centre stage.

"There's a constant hum of malicious code roaming the internet," says John Donovan, managing director for Symantec for Australia and New Zealand.

According to Allan Bell, Asia-Pacific marketing director for McAfee, the history of malicious code can be divided into five broad stages. In the pre-network era, roughly from 1986 to 1995, viruses spread largely via floppy disks. Over the next four years, macro viruses in popular applications such as Word and Excel dominated. Between 1999 and 2001, mass-mailing viruses that distributed themselves via email took centre stage. From 2001, blended threats that combine existing technologies became predominant.
More recently, "content invasion" problems such as spyware (which invisibly tracks what you do on your PC) and phishing (which uses "social engineering" to try to access sensitive information such as credit card details) have become dominant.

Computer security group Trend Micro says the broad virus problem has not disappeared. It reckons more than 8 million systems were infected in the first three months of this year.

"Viruses and worms do still infect systems, but it's less obvious. Trojans are by far the most common things we're seeing now," Sophos' Richmond says.

However, it's the sheer range of potential attacks that now poses the biggest challenge for consumers and security companies.

McAfee's Bell says: "Threats in the past have been very much mass-market threats. The trend you'll see in the future is more customised and personalised attacks."

New technologies create new risks, says Stuart Marburg, managing director of internet service provider Netspace.

"Consumers are putting themselves at financial risk by not securing their wireless networks, leaving their broadband connection open for anyone to use their account to check emails and surf the internet," he says.

A core change in recent years has been in the profile of the typical malware writer, says Ben English, senior product manager, security, at Microsoft Australia.

"Organised crime has taken an interest in the internet as a route to market," he says. "Money is now the predominant driving factor, and the sophistication is increasing. We've moved away from a nuisance attack model into a more crime-based scenario."

There's no room for naivety on the net, Richmond says.

"There's a definite interest in ripping people off, and that's making the internet less fun," he says. "The amount of adware and spyware is driving people away from the idea of browsing around for its own sake."

With that said, the biggest problem for most consumers is their failure to keep their systems up-to-date with software patches and updates.

"One problem is the rate of change," Bell says. "We're seeing multiple vulnerabilities emerge every day, but multiple patches are just not realistic for the average consumer."

Lack of education and awareness among users is a big problem.

"You can choose to use a different browser, but you have to know you're able to do that," Richmond says.

Such solutions are often short-term in any case. For instance, in its most recent Internet Security Threat report, Symantec noted that while Internet Explorer continued to display more serious vulnerabilities, "alternative" browsers such as Firefox were increasingly being targeted.

Many consumers also incorrectly assume that newly-purchased PCs will be up-to-date and secure out of the box.

"One of the most unsafe things you can do is buy a brand-new PC and plug it into a broadband network and see what happens," Donovan says.

Richmond says: "You can be part of a botnet within 15 minutes of connecting an unprotected system to the internet."

With any new system, experts advise downloading patches for all key applications and ensuring security software is set up before performing any other tasks.

While future trends may be difficult to predict, one thing is certain: PC security problems aren't going to go away.

"Anywhere there's software, there's going to be vulnerabilities," Bell says.

But regular updating of security software combined with a healthy degree of cynicism will protect users from most problems.

Marburg says: "The key to internet security is common sense. As an ISP we can provide pre-emptive measures to safeguard our customers from viruses, but we cannot reach into their computer and stop our customers from handing over their personal information online or downloading files from the internet."

Richmond says: "You don't need to be terrified and paranoid, you just need to be informed. Don't make a target of yourself and act like an idiot."

In other words, just exercise some good common sense.

KEEPING YOUR PC HEALTHY

THE maintenance involves a combination of proactive and reactive tasks designed to keep your machine in perfect running order. Here are the most important.

Windows security updates

Nearly as effective as antivirus software, staying on top of Windows security updates will keep your machine in good running order. Automatic updates will alert you whenever there is a new fix or patch, but you can also select Windows Update from the Start menu. Be sure to install new service packs as they are released, but take the time to read accounts online of how the service pack has affected users so you can be prepared for any potential teething problems.

Fresh install

Recommended for the experienced user only, the ultimate solution to instability is a complete fresh reinstall of all your software, including Windows. Make sure you have everything you need on disc, not forgetting applications such as word processors, games, and, of course - your personal files. Delete Windows at the hard drive partition level, by using the command line instruction FDISK. If you reinstall over an old copy of Windows, it may not fix the instability. You can benefit from a complete reinstall every 18 months or so, but the operation is incredibly risky and not recommended for inexperienced users.

Control installations

When installing a new program, don't let the installer choose the folder. Most applications put themselves under Program Files, which results in a huge list of folders that can be difficult to manage. Creating a logical folder structure will make it much easier to find programs as you need them. You can mirror this structure in the Start menu.
Use Windows Explorer to find your username in Documents and Settings, then select Start Menu and create program groups according to your own filing system. This prevents Start Menu bloat, which can occur if every application is allowed to create its own program group.

Dusting

Modern components are pretty tough, if not subjected to unusual conditions such as damp or cockroach infestation. However, dust has the potential to build up inside fans and on sensitive electronics, which runs the risk of short-circuiting your machine and killing the motherboard. Use a can of compressed air to blow dust away from components, but don't hold it too close since most use an aerosol that could cause condensation to form. Be aware that you run the risk of voiding the warranty if you open the back of your machine. Dust shouldn't be a problem for at least the first year, by which time most warranties expire.

Uninstall, don't delete

Because you can delete a file by dragging it to the Recycle Bin it can be tempting to do this with applications such as games or internet-related programs. But deleting this way leaves parts of the application still on your PC in other folders, which will slow performance. Instead, go to Control Panel, choose Add or Remove Programs and select the application you want to uninstall from the list. The uninstall wizard will say if you have to delete anything manually.

Update virus software

Installing an antivirus suite will only keep you protected for as long as it takes hackers to come up with a new virus. You need to regularly update antivirus files, available from your antivirus suite's website. The files will configure the software to be able to detect and block new viruses as they are released. Most software can now do these updates automatically, but it's worth checking for new image files every two weeks.

A LITTLE KNOWLEDGE CAN BE DANGEROUS

A LITTLE knowledge can be a dangerous thing, according to network manager James Bannan.
He says the biggest threat to a large network is users who think they know how to configure their own computers.

"You might know a little bit about networking and how to turn on a feature, but you probably don't realise what you're exposing the network to," he says.

Bannan is deputy systems manager at St Leonard's College in Melbourne. In a previous position at PricewaterhouseCoopers, Bannan had to deal with a network heavily infected by an Internet Information Systems (IIS) virus.

"We came in to work one day and the whole network was running slow. The first couple of requests to the helpdesk were along the lines of, my PC has crashed, my mail won't open," Bannan says.

"It's hard to immediately diagnose a virus attack because the problems it causes can be so generic. We told the first five people to just reset their computers, but pretty soon we realised the problem was much more widespread."

He says the virus the team eventually identified was designed to spam a network with traffic to slow it down and inconvenience its users.

"Basically, these viruses are written to exploit security holes in later versions of Windows, such as 2000 and XP," he says.

Bannan believes the virus coders are ideologically motivated. "A lot of these guys are proponents of the open source standard and are really anti-Microsoft."

He says the virus got into the network because employees were taking their laptops home and using IIS features to enable them to connect to the work network remotely.

"These were DIY configuration jobs. These guys knew enough to turn the system on, but not enough to lock it down and protect it from attacks. It took us more than a week to eradicate the problem."

Viruses aren't the only thing that can hang a network. Bannan says many types of naive configuration can be dangerous.

"Here at St Leonard's College, we had a problem with a user who had taken his laptop home and used Windows bridging functionality to configure an Ethernet-based network card with a wireless card.

"When he came to school and plugged his laptop back in, he forgot to turn off his wireless and the network got itself into an infinite loop and hung. It took us quite a bit of time to identify the problem and track down the offending user," Bannan says.

His message to anyone who uses a complex network is simple: "If you don't know what you're doing, 100 per cent, please don't turn on any features or change your settings.

"It makes life very hard for network managers."

However, Bannan admits his primary role is to protect users from themselves. He says most people can't be expected to understand the inner workings of a big network.

"Networking can expose you to considerable risks. Even peer-to-peer file sharing can be very dangerous unless you know how to configure it properly," Bannan says.