Protecting Your Computer Against Invasions
By Gabriel Torres on May 10, 2005


Trojan Horses

With the popularization of broadband Internet connection, more and more users have their Internet connection active during all the time the computer is on. Even if you are not in fact accessing the Internet, the computer is connected. This way, such user tends to be more worried about invasions than the users who access the Internet through dial-up connections or users who don't have access to the Internet.

To start with, it has to be understood that a hacker can only invade your computer if you "let" him/her do it. For instance, a hacker can only invade your computer using a backdoor like Netbus and Back Orifice if you have that type of program installed in the computer. That type of program transforms your computer in a server, making it possible for anybody in the world to invade your computer and read your files (with the appropriate tool, of course). But who is crazy enough to install a program like type in the computer? Nobody, of course. They usually come as "Trojan Horses", that is, disguised as cool screen savers that a friend (a friend?) has sent you. Luckily, now all antiviruses recognize and remove that type of program, hence the importance of having an updated antivirus program in the computer.

Pay attention because nowadays Trojan Horses come in fake e-mails supposedly coming from banks and stock brokers. For example, in you have a checking account on Citibank and receives a fake e-mail saying that you should update your data and provides a direct link to do so, you might be tempted clicking on the link or even installing the software that may have come attached to this fake e-mail. DON'T DO SO! This link or software will steal your passwords and banking data! This technique, also known as phishing, is becoming more and more popular.

The best piece of advice? Don't click on links nor install softwares that come from people you don't know. Since a lot of people nowadays know about phising, people behind these scams are now sending e-mails saying that someone you love sent you an e-card or something like that, asking you to click on the provided link for you to read the lovely message. Don't be silly, don't click on these links! It's a Trojan Horse!
 
But, besides Trojan Horses, what other type of procedure a common user may unintentionally perform which will let his/her computer become exposed to invasions? File sharing. Let's explain more about this.

File Sharing

If your home or office computer is not connected to a network, the file sharing should be disabled, otherwise any hacker may easily read (and modify or delete) all your files in units that allow file sharing. To check and disable such sharing, go to Control Panel, click on Network and Internet Connections icon (or Network Connections, depending on how your Windows is configured), select your network connection and click it with the right button of the mouse, selecting Properties from the menu that will show up. Uncheck the File and Printer Sharing For Microsoft Networks box. This will disable file sharing and prevent your PC from being invaded.

Disabling File Sharing
Figure 1: Disabling file sharing.

If you have more than one computer at home or in the office and in case they are connected in a network, possibly you will need file sharing to exist after all, that is usually why we set up a network. Here you have some options to improve your network's security, depending on how your broadband Internet connection is being shared. Let's take a look at all posible options.

File Sharing (Cont'd)

If your broadband Internet connection is being shared using a router which is a small device where you plug in your modem and the computers you want to share the Internet connection, usually coming with four network ports , you are lucky. These home routers act as Firewalls and block any incoming request for folders and files. Thus, you can share files on your home or office network without worrying of being invaded by the file sharing method.

Broadband Router
click to enlarge
Figure 2: Broadband router, front view.

Broadband Router
click to enlarge
Figure 3: Broadband router, back view.

But if you don't use a router, you have to be very careful. In this case, probably the computer that has the Internet connection also has a second network card connecting this computer to another computer (usually through a cross-over cable) or even to a hub or switch, to share its Internet connection with more than one computer. In this case, the PC that has the Internet connection is vulnerable, because all computers on the Internet can access its files if file sharing is enabled!

There are some solutions. The best is to spend some bucks and buy a broadband router. As we said, this device also acts as a Firewall, protecting your whole network. Installing this device is very easy, just plug in your Internet connection (the cable that comes from cable or xDSL modem) in a jack called WAN, Broadband or similar and then plug in the computers in your network to the other available jacks. If you need more ports since these devices usually have only four ports just buy a network switch with the number of ports you want and connect it to one of the available ports on the router. The switch will act as a "port expander". Some routers come with wireless antennas for sharing your internet connection with laptop and desktop computers with wireless capability. By the way, we've written a specific tutorial on wireless security, read it if you have wireless connection.

But if you don't have the money, you can simple disable file sharing from this computer that has the Internet connection. But you may need to share its files! There are two solutions. First, put all files to be shared on another computer and enable file sharing on this other computer. Or simply move the broadband modem to a computer that doesn't need its file sharing to be activated.

You may be thinking why is safe to enable file sharing on the other computers but the computer that has the modem. What happens is that normally the computer with the modem gets a public IP address. A computer with a public IP address can be viewed by anyone on the net. The other computers, on the other hand, get a "magical" IP address (usually 192.168.x.x or 10.x.x.x, for example), that are IP addresses that work only in a local network. Computers with one magical IP address cannot be reached from the net, so they are protected. At least for file sharing hacking. Don't forget that there are a lot of hacking methods, like phishing.

Personal firewalls are also a good idea. If you use Windows XP, install Service Pack 2 (SP2), because it comes with Windows Firewall, a software that can stop malicious software from trying to access your computer and if you install a Trojan Horse by mistake the firewall can block its attempt to send data outside your computer.

Another menace are the infamous spywares and malwares. There are lots of software that can detect and remove this kind of junk. The new AntiSpyware from Microsoft is pretty good.

Originally at http://www.hardwaresecrets.com/article/Protecting-Your-Computer-Against-Invasions/137


2004-13, Hardware Secrets, LLC. All Rights Reserved.

Total or partial reproduction of the contents of this site, as well as that of the texts available for downloading, be this in the electronic media, in print, or any other form of distribution, is expressly forbidden. Those who do not comply with these copyright laws will be indicted and punished according to the International Copyrights Law.

We do not take responsibility for material damage of any kind caused by the use of information contained in Hardware Secrets.