 |
FREE CABLE MODEM! When You Order Internet Service with Comcast, Cox or Charter |
Comcast $100 Cash Back! Road Runner High Speed Charter Cable Internet Cox High Speed Internet Mediacom Broadband Internet |
Broadband Internet Security Basics
The ABCs ... and XYZs of protecting your always-on, high-speed connection
Hacker attacks on popular Web sites like Yahoo! -- and the prospect that they can happen just about any time -- have heightened consumers' concerns about the security of their own computers.
The so-called "denial-of-service" attacks that have hammered Yahoo! don't pose much of a threat to cable modem users in the home. Yet there are ways that hackers, viruses and other scoundrels lurking on the Internet can pierce your broadband bubble. But rather than live in fear, you can take some common-sensical precautions that will protect your computer-bound files, as well as your privacy.
Avoiding Virus Infections
At the top of the list of Internet risks are viruses: malicious programs intended to destroy data on your computer or crash targeted software applications. Viruses can be attached to e-mail messages -- even ones sent by unwitting friends and colleagues. Rermember the Love virus? How about Melissa? Viruses also can be pushed to your computer through interactive Web applications, including Java applets, ActiveX code and poisoned cookies.
The best way to combat virus threats is to install anti-virus software, such as McAfee VirusScan or Norton Anti-Virus, that automatically scans files received via e-mail. It's also a good idea to run the programs regularly to check for viruses that may have penetrated your computer through a stealth delivery method.
To avoid rogue applets, ActiveX code and cookies, try not to visit unfamiliar Web sites, particularly sites that look as if they're run by shady characters. You also can configure your Internet Explorer or Netscape Navigator browser to require your approval before downloading these types of applications.
IP Address Issues
Every Web site has a permanent Internet Protocol (IP) address, which is a number. Domain name servers (DNS) redirect requests, such as an Internet user typing www.cable-modem.net into their Web browser, to the corresponding IP address number. Simplistically put, it's similar to telephone directory assistance providing the phone number for an individual or business name.
Whenever you go online, your Internet service provider (ISP) assigns your computer an IP address. When you request data from a Web site, that address is used to deliver your information. However, if a hacker can lock in on your IP address, he can try to break in to your computer, just like he would with a Web site. A mischievous hacker may leave behind a nasty note, informing you of the break-in. But an online thief may be looking for credit card numbers, bank accounts or passwords to subscription Web sites. Sophisticated hackers may even plant a so-called "Trojan horse" on your computer -- software that will let them sneak back into your computer at will.
To protect users, most ISPs use dynamic host configuration protocol (DHCP) to temporarily assign an IP address to subscriber computers. With DHCP, a computer is "leased" an IP address. Periodically, that address will expire, which will force the computer to request a new one. This strategy best protects dial-up Internet users who go online only for brief sessions. Each time they log off and dial in again, they're usually assigned a new address.
However, dial-up users who stay online for hours may have the same IP address for extended periods. That, in turn, will give hackers a chance to connect to their computers. That risk is highest for DSL and cable modem connections. That's because the devices are always online, and users are sometimes assigned a fixed IP address.
Thwarting Hacker Attacks
While dial-up and broadband Internet users are at risk from hackers who can access their computers through their IP address while online, precautions can be taken to minimize the danger.
First, it's essential that Windows 95/98 and Macintosh computer users disable the file- and printer-sharing capabilities on their machines. These features are intended for use on private, secure local area networks (LANs), because they give users full access to files on a computer's hard drive, as well as to printers attached to the computer.
Shunning Sharing for a Windows 95/98 PC:
- From the Start menu, choose Settings, then Control Panel.
- Click the Network icon. A window appears. Click the Configuration tab.
- Click the "File and Print Sharing" button. A window pops up.
- Make sure the "I want be able to give others access to my files" check box is blank.
- Make sure the "I want to be able to allow others to print from my printers" check box is blank.
- Click OK.
- Click OK again and the changes should take effect immediately. You don't need to restart your computer.
Shunning Sharing for a Mac:
- Open the Sharing Setup control panel.
- In the File Sharing section of the window, make sure you see the message, "File sharing is off." You should see a Start button to the left of the status box. If there's a Stop button, click it.
- A dialog box appears, asking, "How many minutes until file sharing is disabled?" Select "0" and click OK.
Personal Firewalls
Disabling file- and printer-sharing functionality is a basic safety measure, like locking your front door when you leave the house. But there are more steps you can take to protect your computer and privacy while on the Internet.
The easiest is installing personal firewall software. Continuing with the house analogy, a firewall is like a security system that detects and prevents intruders from entering your property.
Personal firewall software monitors your computer for suspicious activity while you're online. Inbound intruders are stopped before they can get into your computer, and a record of the repelled attacker, including his IP address, is stored. That way, you can give the information to your ISP or the attacker's to help crack down on illegal behavior.
Personal firewall software is inexpensive -- usually under $40 -- and easy to install. Good personal firewall software also will protect you from hostile cookies, applets and ActiveX controls while you're surfing the Web. And because so many programs can be purchased online and immediately downloaded for installation, we think it's an ideal investment if you have a cable modem or DSL connection, or if you're a heavy dial-up modem user.
Among the leading Windows 95/98 personal firewall software products:
| Product | Vendor | Price |
|---|---|---|
| BlackICE | Network ICE | $39.95 |
| Guard Dog | McAfee.com | $29.95 |
| Norton Internet Security 2000 | Symantec | $53.95 |
| Tiny Personal Firewall | Tiny Software | Free |
| ZoneAlarm 2.0 | Zone Labs | Free |
Among the choices for Macintosh users: DoorStop Personal Edition from Open Door Networks and NetBarrier from Intego.
After installing one of these programs, you may be shocked to find how many troublemakers on the Internet are taking the time to probe your computer. But thanks to a personal firewall, you can take comfort in the fact that you've secured your online connection.
Network Firewalls
If you've built a home network to connect several computers and share a broadband link to the Internet, you should consider installing a network firewall -- especially if you've enabled the file- and print-sharing capabilities on your home LAN. A network firewall is a separate hardware device that creates a secure barrier between your network and the Internet. Be sure the firewall you choose offers "stateful packet inspection," which is the strongest form of security for small networks.
Many broadband Internet-sharing devices (ISDs) include bundled firewalls that carry DHCP and network address translation (NAT) support. That lets you serve several computers on your LAN through a single IP address given to you by your ISP. Expect to pay at least $200 for an adequate firewall or ISD. Some top choices in this product category include:
| Product | Vendor |
|---|---|
| Watchguard SOHO 2.2 | WatchGaurd |
| UGate-Plus & UGate-3000 | UMAX |
| EtherFast Cable/DSL Router | Linksys |
| SonicWALL SOHO | SonicWALL |
| Webramp 700S | Nokia |
For More Information ...
Beyond this broadband Internet security primer, check out:
Developed by Gibson Research, this excellent site provides a wealth of information about personal Internet security, including an online tool that allows you to evaluate hacker vulnerabilities on your Internet-connected computer.
Navas Cable/DSL Modem Tuning Guide
This site, developed by John Navas, features technical details about Windows and Macintosh computer security, plus links to a long list of hardware and software firewall products.
A large, somewhat technical library covering many aspects of network security.
A project of Henry Markus, this site takes a simple, non-technical approach to the benefits of firewall technology. An excellent introduction to the field.
