The intent of this section is to provide PC users with insight into the technical aspects of their computers in the area of security and internet safety.  It seems funny how "Internet security" has only recently entered the mainstream as we have been preaching the importance of internet security for nearly a decade. 

Topics

Introduction to Internet Security | Securing your Broadband Connection | Securing your Wireless Router | VPN versus PCAnywhere

INTRODUCTION TO INTERNET SECURITY
by Joseph Weierheiser

The Big Lies

By now, there is little need to define the importance of internet security as every cheesy mainstream ISP on the planet has been advertising their half-baked "total internet security" packages.  The problem with these ISP sponsored after thoughts is the lack of specialization they have in the vast areas of Anti-virus, Anti-spyware, Firewall protection and Cryptography.  The software "they" offer are watered down and virtually pointless versions of what a user really needs.  If you're reading this and saying to yourself, "but my ISP's software package looks like it works to me", then you're missing the many pitfalls of using this alleged "total internet security".

There are several large problems with using these canned security packages.  First of all, each program is either a weaker version of some other sell-out's work modified to fit in the can, or the program is an in-house production developed by a team of people with little working knowledge of the security area they are developing for.  So, this usually leads to security programs that appear to work, yet they can only resolve half the problems at best.  The second large problem with these canned goods is the amount of resources they absorb from your life.  These programs clutter your registry, all launch at start-up and will continue to annoy you for as long as you use this garbage while all the time barely doing half the job they are intended to do.

Hackers

What is a PC user to do then?  The first thing we recommend to do is to become somewhat educated on what is really going on out here with the internet.  A user must understand that the internet is the new Wild West and that every virus toting scumbag with a pocket full of password stealers and key-loggers is out here too.  The only difference is now your stagecoach gets held-up and you don't even know it happened until your credit card statement arrives in the mail.  These rogue hackers were once considered the entire problem for the average internet user, but no longer.

Spyware and Corporations

Now some very large corporations are in the mix as well.  This group of reputation riding trust abusers are using spyware to monitor your every internet action while they hide behind the guise of some little L.L.C. that does all the dirty work.  How and why would these fine corporations do this?  

The how and the why go hand in hand and the why is simple, money.  How they do it is this; first you visit a site and are offered a free gimmick-ware toolbar to install for your browser which of course you register upon installation giving them your name, address, email address and phone number.  Once you do that, every site you visit is logged and categorized into a database file that isn't even stored on your computer as the information is transmitted to their remote site.  This collection of information is then used to profile you into marketing classifications.  Then this information is sold to someone looking for customers just like you and then the spamming begins via email, pop-ups and snail-mail. Voila!  Millions of suckers are now using a fast machine that runs slower than molasses in January and being targeted for marketing they didn't ask for.  All of this is just inside the boundary of legal thanks to a handful of legal loopholes and the fact that you agreed to all this when you installed their software. Isn't this just lovely?

Spyware - The Other White Meat

While corporations use a borderline legal method of obtaining information from you, the larger majority of spyware activity is being perpetrated by rogue hackers and bogus marketing firms.  This brand of spyware is the real danger while the aforementioned variety is simply annoying and intrusive.  The reason isn't the method of obtaining your information as much as it is the use of that information once obtained.  However, the method of obtaining this information is important in order to prevent this from happening in the first place.

This darker spyware activity is usually done with active-x (ocx) controls that are automatically downloaded and installed on your computer when you visit certain sites.  Normally, I would feel some pity for a person that gets infected with this, however, they became infected because they were either visiting a free porno web site, looking for some free warez or using some file sharing scamware, which essentially they bring the problems all on their own.  It's like the guy that robs a smalltime drug dealer knowing damn well the drug dealer won't call the cops since they're both criminals.

For the most part, this form of spyware can easily be avoided by simply not engaging in white collar internet crime and staying away from most pornography web sites.  Yet, there is still a chance of being infected even if you avoid all the rubbish.  If you become infected with this brand of spyware, whether by dabbling on the dark side, or by simply visiting the wrong web site by accident, many terrible things can occur.  Passwords can be stolen.  Identities can be stolen.  Bank accounts can be emptied.  Credit cards can be maxed out.  Internet accounts can be hijacked.  And the least harmful thing that can happen is your email account can be overrun with hundreds of spam mails per day.  OUCH!

Malicious Viruses

While spyware is the most popular form of internet crime these days, the threat of the good old-fashioned malicious virus still remains.  Email worms are cute and simply drain resources to annoy the hell out of people, these are popular but not very dangerous.  The twisted goodies we're really talking about are the viruses that do the real harm such as; install client software on your computer so a hacker can steal your files, or a virus that slowly corrupts every file on your hard drive until your computer simply won't boot up and you lose every file on your hard drive, or the virus that infiltrates your system registry and corrupts it to the point of complete malfunction.  Yes, these little gems are the ones that make people cry as they realize they haven't ever backed-up their data and now it is all gone.

So, who the heck is behind this demented activity?  Most of these types of what I call, "Hard Viruses", are developed by several groups of lower life forms such as; rogue hackers looking for a challenge, zit faced punks looking for a laugh and underestimating the consequences of his mostly, and sometimes her actions, terrorists trying to muck up things in the West, Eastern block "Eurotrash" being cute as they attempt to show their superior computer skills while existing in economic inferiority, and last but not least, your garden variety Chinese guy acting like the Eurotrash guy.  Basically, this area is wide open.  Anyone with a limited amount of computer programming skill can write a program that destroys.  These destructive malcontents deserve no respect.

Finally, there is a lot of Agent Mulder talk that goes on about how the anti-virus corporations write viruses to create the need for their software.  Sounds like a great conspiracy, but not very likely at all.  When you consider the fact that there are so many filthy minded scumbags out in the world looking to make their ill reputations shine, there is no need for the corporations that create the anti-virus software to write viruses in order to create their market.  The market is already there and thriving all by itself because there are so many virus writing morons in the world.  This whole idea is moot.

Another Brick in the Wall

Now that you know the dangers of being on the internet, we'll provide you with some ideas to protect yourself.  There are many programs out here that claim to do the job, however, here is a list of software we use.  All these programs offer completely free versions which work just fine, yet the full versions offer many more powerful features well worth the money.

We suggest using the above software because they work and work well.  We're not getting any kickback for promoting these tools.  These links are offered as free help to get you started in protecting your computer.  However, we are promoting our Onux software for the cryptography and file security categories.   You can find the link below.

 

ONUX

Onux is continuing to gain popularity and a new version is currently under development.  We're not announcing a release date yet, but we will give free upgrades to all current and future users of Onux. If you haven't already, get your copy of Onux Today.  To the Onux Section >>  

Top

SECURING YOUR BROADBAND CONNECTION

In addition to the security software mentioned above, a Broadband user should also have an extra source of protection.  A simple router with a built-in firewall between the PC and the modem is a good first line of defense against a multitude of attacks.  Most routers have this feature and all you have to do is simply plug the router in between your modem and PC and that is all.  However, you may need to go into the router's configuration software and turn it on.  Most of the time this is simply entering http://192.168.0.1 or http://192.168.1.1 into your web browser, entering the default username and password and clicking on the security tab where you'll find a switch for firewall on or off.

Most people with a router already have multiple PCs on their small home networks which is why they have the router to begin with.  A router with built-in firewall is inexpensive and truly helps defend your computers.  

Top

SECURING YOUR WIRELESS ROUTER (Not Public WiFi)

Wireless routers are rapidly becoming commonplace as more and more people buy laptops with Centrino chips in them.  The first thing most people do with their new wireless laptop is go out and buy a wireless router, plug it in and have all sorts of wireless network fun, while never giving security a second thought.  Personally, I have driven around various neighborhoods and shopping plaza parking lots with a wireless laptop just to see how many people actually secured their wireless routers.  I'm sad to report that out of 178 wireless routers found, only 6 were secure. This means that I could easily access the internet, look at shared documents and files, print things and so on, without the owners ever knowing about it.

Listen, there are plenty of people out there that know this information as well and will use these wide-open connections to commit crimes with.  Securing the wireless router takes less than 5 minutes and will deter 99.99% of everyone from trying to leach on your connection.  Since all routers are a little different, you'll have to refer to your router manufacturer's documentation that came with the router.  If you don't have that booklet anymore, go to their web site and search the support section.  Most of the time the manufacturer posts the manuals online for download.

All you're really doing to secure your router is using a little streaming encryption.  Not ultra secure, yet good enough to block most everyone out.  It's simple, the wireless router has a security panel.  In that section there is usually something that refers to wireless security or encryption.  You set the key set and save the router's settings.  Then the next time you try to connect to that connection, you are asked to provide one of the keys you used to secure the router.  You would simply enter your key like a password, which you can store as well, but I don't advise it.

So, if you think nothing bad will happen to you and you don't care if the neighbor kids use your internet connection, go right ahead and set yourself up to be a chump.  The fact is, that internet fraud could be committed through your open connection and the trail will end at your doorstep.  Don't take the chance and use some encryption to secure your wireless connection!  It costs you nothing more than a few moments of your time.  And if you don't want to bother with it, pay someone to come and set it up for you.  You can either spend $100.00US today or run the risk of spending time in jail, attorney's fees, court costs,  wasted time on the phone to credit card companies, extortion pay-offs and so on.  Things can get very ugly if you don't know how to defend yourself.

Top

VPN VERSUS PCANYWHERE

If you are one of those people that does a lot of traveling or field work with your laptop and want to have access to your office computer, then this topic is for you.  However, this is a bit more advanced than the previous topics and you may simply want to hire a tech to handle this for you. 

First of all, security is the primary issue here and VPN (Virtual Private Networking) is not very simple to properly secure.  Also, most people want to use the internet to access their office PC.  Since the internet is a dangerous place without security, VPN really isn't a good choice unless you're using additional protection to secure that connection and you know exactly what you're doing.  In my opinion, more trouble and cost than it's worth, especially if you're a small business.

For those with a small network and budget, PCAnywhere is an excellent choice and one of the few products from Symantec for the mainstream worth using.  PCAnywhere can be set up in less than an hour and actually works quite well.  PCAnywhere also allows the user to set up encryption for transport so that the data transferring back and forth from host to client across the internet will be a scrambled mess if intercepted, VERY important.

Let's say you have one office PC connected to a router and a laptop with wireless broadband.  You want to be able to use your office computer while you're out in the field, or at least access the data from your office computer. 

  1. First you designate the office PC as the Host and the Laptop as the Client. 
  2. Then you install PCAnywhere on both computers and designate each computer as stated above during installation.
  3. After installation, create a user on the host machine giving a password and username.  (Be creative here, you don't want something lame and easy to figure out)
  4. This part is really the only tricky part.  You'll need to set-up port forwarding on 2 ports for the same Host IP in order to connect to the Host PC through the router.  This is actually a very simple task that only seems intimidating at first.  (Refer to your router documentation)
  5. You will also need to obtain your actual Internet IP by looking at your router's status. 
  6. Once you have everything set-up and all the proper information, you can set the host to wait for incoming, then connect with your client laptop using the IP, username and password. 

If you did everything correctly, you'll connect and be able to use the Host remotely and share files.  Once you know things are going to work, you should set-up the encryption part the software using a strong level of encryption at least the medium setting and not allowing anyone to connect without the same level of security setting.  All this information is included with the software documentation.  This is merely a brief explanation and not a tutorial.

In addition, you may need to change the Internet IP from time to time depending on whether your IP is static or dynamic.  Most people are dynamic, so you will need to change which IP you connect to, occasionally. This is also the first thing you should check in the event you cannot connect.

Finally, if you are not using a router and have only one computer on a direct connection, you can obviously skip over the router steps.  You may also directly dial your Host via modem, which is more secure, yet very slow.

Top

 

  
     

 

 

Home | About | Products | Support | Downloads | Shop | F.A.Q. | Tech Tips

Cronoslogic Incorporated 1999 - 2005  All Rights Reserved