SAFETY NET FOR THE INTERNET [Author: Arcadian Del Sol]
I. INTERNET CELEBS : WHICH ONE ARE YOU?
JOSE WASSAT
About ten years ago, this was probably the most popular type of internet user. Jose Wassat is something of an Alan Quatermaine and Charles Babbage rolled into one. He uses the internet like a hobby, and has no real goal or purpose when he is online. He tends to have his web browser automatically load a search engine by default. Sometimes, he knows what he is looking for, but for the most part, he tends to just type words into the query and see what pages he finds. He isn’t a “gamer” and he prefers to do his shopping at warehouses and malls. He probably has nothing to worry about if he is hacked because he really doesn’t do much beyond curious website browsing for self educational purposes. His computer could be on the sidewalk outside of his house, and it really wouldn’t present any security problems.
GOTSTA HAVITT
A fast growing breed of internet user, Gotsta Havitt is someone who sees an ad on TV for the Quad Buster and simply “gotsta havitt”. He gets online and finds an internet retailer who is offering the Quad Buster at a reasonable cost of four easy payments. He happily types his Visa Platinum card number and home mailing address into a web page, and clicks “send”. In six to eight weeks, he has his Quad Buster. In twelve to thirteen weeks, he is selling it on EBay. This person is probably the most vulnerable of all internet users. Once someone has your credit and personal information, on the internet, he can actually become you. This person needs to secure their computer, and needs to have it done no later than yesterday.
IMA GAIMER
In the last five year, Ima Gaimer has become the predominant member of the internet community. Tired of the deplorable state of Artificial Intelligence in computer games, Ima Gaimer has sought out competition with his fellow man on the internet. It takes him only six weeks to become tired of the deplorable state of his fellow man. Cheat codes, bug exploits, newbie bangers, you name it. They have ruined every ladder tournament, every round robin championship, and every double elimination competition he has ever been a part of. But he has found a few (very few) honest people who are all on his ICQ list. They participate in their own tournaments where the competition may not be quite as intense, but the integrity of the participants cannot be matched. This person is moderately vulnerable, but there are no serious concerns unless he plays any persistent state worlds, where a single ten letter password is the gateway to an account that might be worth thousands of dollars on the Black Market (aka EBay). Financially, he is not a potential victim unless he is also Gotsta Havitt. This person needs a firewall only if losing his online game accounts is a problem. If he doesn’t care, then he doesn’t have to bother. Odds are, however, that being “hacked” would devastate him, and would probably break the last of his spirit.
KENNY SHUTUPFIRWONTZ
A smaller class of internet user, Kenny Shutupfirwontz is something of a blue collar celebrity within his own social circle of internet users. He has a website, or writes for a website. His views are often abrasive and sometimes controversial – and any given day is another enemy made. More for malice than theft, hackers will find any way possible to make the internet a dark and cold place for Kenny Shutupfirwontz. They will attack his integrity, his career, his grammar, his hair color, the size of his eyes – and the more extreme will attack his computer. Kenny needs to secure his computer not for fear that his bank account might be overdrawn by a hacker from Belize, but for fear that his startup sound would mysteriously be changed to “Kenny is a homo and his website eats llama droppings!”. If Kenny isn’t using some kind of virus/invasion protection, Kenny needs his head examined.
II. LOOKING IN A HACKERS BRAIN: EGGS ANYONE?
Admittedly, when it comes to firewalls and virus scanners and network configurations, I am a wet Noob. So I asked a friend of mine who goes by the name Ima Supa. Lumophiles from way back might recall some of his earlier contributions to the Lum Legacy. So I asked him a few questions about hackers and firewalls and virus scanners a few days ago. I had a feeling it might be very important some day. I’ll let you know if that day ever comes:
Q: Why all the worry about computer security? I’m not a big corporation like IBM or anything.
A: The question you should ask yourself is “Would I let Joe-Schmoe use my computer or any data stored on it?” Most of us would answer “no” to that question. However, without proper network security, that is exactly what you are doing. There is a lot of personal information stored on one’s PC – a significant portion of which most people might consider “confidential” or at least “private”. If one uses some sort of home finance software such as Quicken, then all of one’s financial details could be available to malicious users, who might steal credit card numbers or bank account numbers – all without the victim’s knowledge.
Q: Okay, so I went to that shields up! web page and it said my NetBIOS was open. What does that mean?
A: NetBIOS is a protocol created by Microsoft that is installed by Windows by default when Microsoft Networking is installed. It is a good protocol for small Local Area Networks, as it has very little overhead (no routing information). The main problem with NetBIOS is that it is non-routable, hence the need to have TCP/IP installed when one would like to connect to the internet. When NetBIOS over TCP/IP is enabled, a huge security hole is opened. This is the default setting when TCP/IP is installed.
Q: Okay, I followed the instructions, and have my network protocols all sorted out and bound protectively. Now when I run the port test, it says they are all closed. So how do I make them “stealth”?
A: The difference between “stealth” and “closed” is that a “closed” port notifies the potential intruder that the port actually does exist. A “stealth” port notifies the intruder that there is no port, period. When an intruder does a port scan, s/he will obviously look for open ports first; however, if s/he finds closed ports on a particularly interesting or lucrative computer then s/he might turn to other methods of hacking into the system. Obviously, “stealth” mode provide better security. The way to get GRC to report that you are in “stealth” mode is to install some network protection software, typically referred to as “firewall” software. A firewall does exactly what its name implies: It protects whatever is behind it from the outside world. If you install a firewall on your computer, then you are ahead of the game, and chances are that would-be hackers will pass your computer up for an easier target that doesn’t.
Q: I looked around and firewalls are pretty expensive – I don’t think I can afford to run a Sun Workstation just to protect my computer on the internet.
A: Most enterprise solution firewalls are much more than the average computer user needs at home – they are intended to support hundreds or sometimes thousands of connections and are programmed as such. There are several inexpensive shareware and freeware firewall solutions available, which are made specifically for a small number of users. Perhaps the most popular is ZoneLab’s ZoneAlarm Firewall, which for personal use is free. It has a very intuitive interface and is easy to setup. Please note that the current free version of ZoneAlarm does not work with NAT based internet connection sharing software such as Windows Internet Connection Sharing, SyGate Home Network, or WinGate. Another free firewall is SyGate Personal Firewall, which is also easy to use. If you plan on using some sort of internet connection sharing software, then SyGate Personal Firewall is your best bet, as it incorporates nicely into SyGate Home Network.
III. TAP ONE MOUNTAIN, TWO SWAMPS, CAST WALL OF FIRE
There are way too many solutions to this problem, and every last one of them asks that you either earn your MCSE or stand around feeling intimidated and overwhelmed. Fortunately, some of these solutions are pain free and no brain is required. You will need a computer, and an internet connection.
SyGate Personal Firewall – free for personal use, $29.95 for business.
SyGate has the standard array of features such as default security levels, the ability to specify what programs you allow to use your internet connection. It has been criticized for being a wee bit testy at times, but is regarded as one of the better firewall solutions you can buy. I installed it for a day, but found the interface didn’t exactly thrill me. The documentation was a bit slight, but with some help, I was able to configure the firewall to my liking. It didn’t detect anything “funky” with my computer which doesn’t sound important right now, but file that little factoid for now. I’ll ask you to recall it in a moment.
BlackIce Defender – $39.95
I’ve used BlackIce Defender for nearly a year now, and was thrilled to see that OSI had created a discount purchase program for current UO account holders. From the moment I first installed BlackIce Defender, I was amazed at how many people were trying to get into my computer. I recorded an average of thirty connection attempts A WEEK. But upon further investigation, I discovered than about 28 of them were “false alarms”. If someone walks up behind you and says, “hey watcha doin on the computer there?”, BlackIce will generate a klaxon and a flashing light. If your ISP routinely ping-pongs you to see if you’re still there, BlackIce will call in the Marines and lock down the port. If nothing else, it is a paranoid piece of software. If your IP number is not fixed, you might inherit a number someone had been using last week as an FTP host – anyone who innocently tries to access this former FTP will generate a full scale DefCon 4 alert from BlackIce Defender – and you might wind up turning in a “hacker” who wasn’t really doing anything wrong. Another major complaint is that BlackIce Defender is a resource pig. It gnaws away at your computer’s resources, and it erodes your connection speed by inspecting every packet like luggage at an airport terminal. If you are even remotely related to Ima Gaimer, this is a concern.
Zone Alarm – free for personal use, $19.95 for business
Zone Alarm is what I am using now. It installs fast and easy, and the configurations are “idiot proof” – something I look for in anything I purchase. You can establish “security levels” for both local applications as well as internet programs. The first time I ran Ultima Online, it popped up a window asking if I wanted this program to use the internet. Of course I said yes. Basically, nothing uses the internet unless you inform Zone Alarm that you want it to use the internet. Now, remember earlier I mentioned something I wanted you to recall? Both Sygate and BlackIce installed on my computer and while one of them reported nothing doing, and the other reported every fluctuation in the barometric temperature near my window, neither one of them was able to catch what Zone Alarm caught.
While searching for a shareware utility to convert some audio files into a playable CD, I downloaded a program that included irritating ad banners. No big deal I thought. Boy was I wrong. It turns out that this banner program was collecting my internet habits and things about me, and sending them to some giant marketing collection company. According to the rules (and the law), I’m supposed to know this is going on – but what do you know? It wasn’t documented. Zone Alarm noticed that some program on my local machine was sending data out the moment I connected to the internet. I blocked this program from using the inbound and outbound routes. After doing some web hunting, I found documentation detailing how to remove this program from my computer’s registry (oddly enough, it contains no uninstall functions). Because Black Ice and Sygate did not discover this, my vote has to go to Zone Alarm.
IV. YOUR END OF THE LESSON
Recently, there have been a few reports of UO players being lagged out of their connections by other players. I have witnessed and experienced this personally. The way this is done could be the result of “packet bombing” your connection (note: this is a criminal act), or it could be some kind of manipulation of the UO client itself. Some of the clues point to either the party system in UO, or do the translation terminal. The connectivity problems are usually predicated by someone spamming text on screen. Presumably, the flawed translation program might lag if it is trying to figure out what the hell is being said, and is confused. In either circumstance, a firewall will not be much protection. But if you are in fact, being “packet bombed” at least the firewall will tell you this is happening, and will provide the necessary information you need to deliver to his ISP in order to get this person evicted from the internet.
I focused on firewalls here, but keep in mind that this is not a total solution. You should also be running the latest version of your virus protection software -Protect yourself. The best way to get started is to visit this website: Shields up!. Run both of the tests you find there, and find out where your security holes are, and what solutions you need in order to lock them down – and remember: you don’t know anybody on the internet, and everybody you meet there is a potential hacker.