Internet Security Threats

The Internet provides a wonderful means of exchanging information, but no one wants sensitive information on their computers to be stolen or destroyed. Hackers and worms are constantly on the lookout for computers with security vulnerabilities connected to the Internet. Unfortunately, whether it's due to a lack of knowledge, tight budget, or sheer laziness, too many of us don't protect our own data.


Common Hacker Exploits
Once a hacker finds a computer with open ports they probe further to see if software behind each open port contains buffer overflows, outdated software or misconfigurations.

If a hacker finds one of these vulnerabilities they may attack your computer. Here is a partial list of the things a hacker could do to your computer if it has vulnerabilities:

1. View Your Passwords - If a hacker has access to your computer they may have access to files stored on your computer where passwords are kept. Sometimes passwords are stored in normal text and sometimes they are encrypted. Either way, a hacker can probably crack the passwords you use on your system so they can continue to access your computer.
   
   If you access your company network from home then this becomes especially dangerous. The passwords you type to access your company network may be stored on your home PC. A hacker may be able to break into your corporate network because your home PC was not secure.
   
   
2. Watch Everything You Do - If a hacker installs remote control software then you are no longer safe. Remote control software allows a hacker to view everything on your computer as you do. If you view your personal banking information on your computer then so does the hacker. Also, remote control software allows a hacker to record keystrokes typed into your computer. So your passwords are no longer safe and should be changed.
   
   
3. Install a Zombie - Zombie software allows a hacker to "make" your computer attack other computers on the Internet. Once Zombie software is installed on your computer you will not know it is running. If Zombie software were installed on your computer right now you could be attacking the website of a large corporation. The corporation will trace the attack back to your computer and you will plead ignorance. In European countries you are now liable for damages to others if a hacker is using your computer for attack purposes.
   
   
4. Copy Files From Your Hard Drive - If you have network shares set to READ for the group EVERYONE then a hacker may be able to copy your data. If you have personal accounting data or confidential files on your computer then a hacker may have already copied that data. Accounting software, word processing, spreadsheet, and most applications don't use good password encryption schemes. Most passwords for these applications can be cracked easily.
   
   
5. Copy Files To Your Hard Drive - If you have network shares set to READ/WRITE for the group EVERYONE then a hacker may be able to copy files to your computer. Why is that a problem? This is how hackers install remote control software. Or they may decide to copy viruses to your computer, or ruin the configuration of your computer, or store pornographic material for later browsing or whatever.

Return to the Desktop Check page.



Vulnerability Detection

What makes a computer vulnerable to hackers and worms? Whenever a computer starts a program that program uses a port. Each port has a number from 0 to 65,535. For example, most web servers "listen" on port 80. When you connect to a web server your web browser is really connecting to port 80 on that server.

Every program running on your computer opens a port and almost all programs have known vulnerabilities. Hackers and worms try to break into your computer by attacking your computer ports. Most security experts recommend turning off all unnecessary programs or services on your computer.

Sometimes you need to run programs on your computer and you can't simply turn them off. This is when firewalls come into play. Firewalls "filter" all ports on your computer. This stops everyone from accessing your ports while allowing you to run as many programs as you want.

Sounds great. The problem is that firewalls will often stop certain programs from running properly. Some programs will not function if their ports are blocked. A good example is webserver software. If a web server is using a firewall and all access to port 80 is blocked then no one can connect to its web server. The system administrator would then open port 80 so the web server would function properly.

Even if you are using a firewall a port that is open and accessible by others may have security weaknesses. A firewall doesn't provide any protection for open ports. An attacker doesn't care if you are using a firewall as long as your ports are open. And to make matters worse, many firewalls themselves have vulnerabilities since they are programs running on your computer or a device in front of your computer. See BugTraq for a list of vulnerabilities for any firewall, application or operating system.

So what can you do if you must have some open ports on your computer? The best solution is to test for vulnerabilities on your computer and see if any weaknesses are detected. Then apply the security patches provided from the vendor. This keeps your computer safe from attackers while allowing you to run the programs you desire.

SecurityMetrics Desktop Check tests your computer for over 4400 known security vulnerabilities. Once a vulnerability is detected then we provide in-context instructions to help you immediately improve your computer security. Using Desktop Check any computer can become secure with or without a firewall.

Return to the Desktop Check page.



What Your ISP Isn't Telling You

There are many Internet Service Providers (ISPs) to choose from. Each ISP has its own customer security policies. Many ISP's do not provide their customers adequate Internet security.

One way to tell how much security your ISP is providing you is to try our Free Port Scan service. It only takes a minute or two and no registration is required.

If you look at the graphic and text at the top of the Port Scan page it offers a clue as to how much Security your ISP is providing. If the graphic and text at the top of the page say "There is a router, proxy, or firewall between you and the Internet." then your ISP may be providing some security for you.

If the graphic and text at the top of the Port Scan page say "No router, proxy, or firewall was detected between you and the Internet. Our system is scanning your computer directly" then your ISP may not be providing any security measures.

If you have a direct connection to the Internet and you have open ports then we recommend you run a Desktop Check to secure your computer. Then we recommend you use a firewall to further protect your computer against unauthorized access.

Return to the Desktop Check page.



Software Patching

Misconfigured, buggy, and outdated software can all compromise your computer security. Software vendors regularly release buggy software and then issue downloadable patches (or updates) later on. It is up to the home user (or IT administrators) to regularly apply new security patches.

One of the most common methods for hackers and worms to gain access to a computer is by exploiting known problems in software for which patches exist. For example, Microsoft released many patches for Internet Information Server (IIS; a web server program) months or even years before the "Code Red" and "NIMDA" worms appeared. Anyone who had downloaded the patches earlier was not affected by either of these worms.

Achieving and maintaining computer security is a process not an event. We recommend frequent checks and application of security patches to keep your computer secure.

Return to the Desktop Check page.