Security and Privacy Tips
in association with Yorkshire Free Humour

Who is at the other end? In yesterday's tip, I repeated my suggestion to protect your PC from intruders with firewall software. The most common question I receive on this subject is this: "ZoneAlarm's manual talks about using Whois and traceroute to track down who is attempting to gain access to my computer. Where do I find such programmes? The manual didn't say. Tonight alone I am up to 33 alerts and still counting. Many seem to come from certain IP addresses--there are about 14 different addresses in those 33 alerts. This is an eye-opening experience; I'm sure it has been going on for quite a while and only now is manifesting itself due to the firewall. This reinforces my belief that one should keep important information strictly in off-line computers." If he wishes, he can go to http://grc.com/cb-faq.htm where one can read about and learn where to find utilities, like Sam Spade, that make tracing intruders easier. As for myself, I'm too busy to do that, and agree with something else in that FAQ: "Remember that you came to Shields Up because you were concerned about the security of your machine. You wanted to turn it into Ft. Knox to foil these script kiddies. Well, now imagine you're living in Ft. Knox. Are you really going to be concerned about people shooting paper straw wrappers at the walls?"

Targeting you A reader writes: "I am temporarily using an older computer with an external modem. All day long I noticed that at times when I was not downloading or doing anything whatsoever on the Net, I saw the RD & SD status lights (Receive & Send Data) flashing like crazy. In fact, as I write this--and I'm not doing any Web, e-mail, or other Internet-related tasks--those lights are still flashing like mad. I feel like some unknown person or organisation is taking over my computer. This is positively eerie." As I wrote last month, a computer connected to the Internet (especially directly, such as with a cable modem) runs the risk of intrusion from anyone anywhere on the Internet. So many people have written back to me on the subject that I'll repeat my advice: Install a firewall to protect your computer from others. Go to: http://grc.com/default.htm and click the Shields Up link. Test your PC's security and you'll see what I mean. From there, you'll find a list of firewalls, one of which is free for non-commercial use--ZoneAlarm from Zone Labs. You can check the company's Web site for more information on the product: http://www.zonelabs.com

Evil or no If you're using a firewall, you may have noticed that some days it warns you many times of would-be intruders, and other days you receive no such warnings. One reader explains, "I do not think commercial sites have anything evil lying in wait when they probe you (at least nothing more evil than the dreaded cookie). More likely, they were trying to update details from users who previously had your newly assigned dynamic IP (very few ISPs assign static IPs to dial-up customers). Other contacts may come from a variety of sources, like a user running a server who had your previous address; instant messaging programs looking for the wrong IP; and yes, even people scanning a range of IP addresses for malicious purposes." He also pointed out, "ZoneAlarm is unique in that it keeps unauthorised outbound traffic from leaving your machine. A program available at grc.com called OptOut, though very tiny, quickly finds the word spyware on your system and removes it. Most people do not know they even have such Internet usage tracking tools installed on their machine. I suggest you run it. You may be surprised at what you find. If you do not use much freeware or shareware, it may find nothing; but you're always better safe than sorry in future."

Can someone steal your password with a Trojan? A reader wrote: "I came home and tried logging onto the computer. I couldn't. After trying several times and continuously receiving the message 'Incorrect password,' I decided to call my ISP. They told me I had been kicked off the system as that day I had sent 500 pieces of pornographic e-mail in a 15-minute period to people all over. I tried telling them I didn't do it but they wouldn't even listen to me. They told me my account had been terminated and I could reapply in 6 months (something I will never do). No one lives with me or has access to my account, ID, or password, yet mail was sent using it. I think something should be done to computer hackers instead of the innocent person having to pay." Yes, there is a way to stop hackers. Don't run or open file attachments sent to you. From what you have written, it appears that at some point you did so, and that file attachment was a password-stealing Trojan, which sent your password out. Using your password and your ISP's software, the hacker was able to log in as you and do whatever he or she wished with your account.

Henri Delger henri_delger@prodigy.net http://pages.prodigy.net/henri_delger/

¦ Your Internet Identity ¦ Web Trackers ¦ E-mail ¦ Snoopers ¦  ¦ Resources ¦