Securing Your Home Network
There has been a huge rise in the number of digital subscriber line (DSL) and cable Internet connections to private homes. These "always on," high-speed connections to the information superhighway now give home users the same abilities--but also the same responsibilities and liabilities--as any major corporation on the Internet. Home users must now effectively become their own Information Security department.
This is the first in a regular series of security articles and whitepapers from AtomicTangerine, lead investor in SecurityPortal. AtomicTangerine is an independent Venture Consulting firm founded at SRI International, formerly known as Stanford Research Institute.
In the last few months we have seen an increase in the number of reported computer and network attacks. Most of these have been high-profile attacks, such as the "I Love You" email virus and Februarys series of distributed denial-of-service (DDoS) attacks against major Web sites. Many companies and universities unwittingly took part in the DDoS attacks: attackers were able to plant "zombie" programs on computers at these institutions, which served essentially as robotic artillery units during the attack. Partly as a result of this recent hacker activity, network security has become a major focus for the corporate IT world.
|"Home users must now effectively become their own Information Security department."|
If you dont take an active part in securing your home network, then youre at risk. Dont dismiss the likelihood of a stranger accessing your computers. If you have a high- speed connection to the Internet, then youre probably scanned for common vulnerabilities much more frequently than you would expect. If youre still on an old clunky analog connection, dont think youre not at risk either. You may not be targeted as frequently, but if an attacker has reason to believe you have something of value, she will take the time to target you.
To help give you a quick idea of how susceptible you may be, we came up with some alarming test results on one of our own ATT @Home cable connections. A poorly configured Windows box running file and print sharing without a password was accessed in less than 24 hours. The risk is far more prevalent than you would probably expect; on average, 5-10 scans come across daily looking for easily exploitable services. The most common scan that we found was on port 1080--attackers looking for an improperly configured proxy that can be used to steal a victims network identity. Even @Home does its own share of scanning; it scans this particular subnet on port 119 (news) about once an hour from "authorized-scan.security.home.net."
|"Entire hard drives may be erased simply to give thrill or excitement to a script kiddie who thinks such an act brings him closer to hacker stardom."|
Many attacks are launched by users with very little computer knowledge at all, commonly known as "script kiddies." Weve found a number of Web sites, chat rooms and online radio stations that are dedicated to sharing knowledge about exploiting common security vulnerabilities. Anyone can be up and running in minutes, scanning for open shares on computers using tools found with a simple Internet search. Entire hard drives may be erased simply to give thrill or excitement to a script kiddie who thinks such an act brings him closer to hacker stardom.
The urgent need to protect your home system may seem daunting, perhaps even scary. It certainly can be both. Consider this: The average e-commerce business easily spends more in a year on information security than the average home owner is expected to pay for his/her home over 30 years!
So what are Joe and Jane Smith, everyday eBay shoppers, supposed to do about securing their home computer?
The good news is that securing your home computer equipment is really much easier--and much cheaper-- than you might think. Depending on your needs, you might even find that adding decent security is free. We will be mentioning a few products in the rest of this article. We must point out that these are not meant as endorsements; they are simply examples of the types of products we actually use.
Lets look at the Smith familys situation. They have one PC at home with a high-speed (DSL or cable) connection, and they dont turn it off. They are average, everyday Web surfers running some form of Microsoft Windows. They only need a firewall of some sort to be safe enough. There are many firewall programs available from vendors -- many by direct Web download -- and many are free or cost less than $50. Some come with frequent updates, much like anti-virus software. The Smiths dont need a long education in firewall management, either; they simply filter all incoming traffic. Pretty simple, pretty effective, and pretty cheap.