Wear Your Goggles!

Home

My Work

How To

Opinion

Links

Camera

Photos

Friends

How To Keep Hackers Out

Setting Internet Security for your PC

So, you just got your PC on the internet. How long until it gets attacked by a hacker. Well, when I hooked up my PC to my new cable modem, it was attacked within 2 minutes. In fact, it gets attacked every few minutes all day long.

Overview
You need a firewall, anti-virus and spyware killer. Get these programs free from my download page.

A firewall is software or hardware that puts a guard at the door of your PC. You can by a small box that sits between your internet connection and your PC. It makes your PC invisible to hackers. Hackers try to find a PC by looking for used IP addresses. It’s like looking for fax machines by dialing every number and seeing if a fax machine answers. With a firewall, there’s no ring and no answer. The hacker moves on. Also, it looks at all the little packets of data and won’t let any pass through unless you asked for it.

Anti-virus software scans the contents of e-mail, and other programs. It also checks all your files and checks to see if your PC is already infected. For it to do all that, it has to know what a virus looks like, so the software has a list of the characteristics of each virus. Since new viruses come out almost every day, the list needs to be updated on a regular basis. Lots of PCs are sold with an anti-virus program installed, but it you don’t run the update utility, it only catches old viruses, not new ones.

Spyware is a term for small programs that look at the information in your PC and send it to a spy. A spyware killer finds and deletes them. Most spyware is used by marketers to see what sites you visit on the Internet, but some of it grabs credit card numbers, social security numbers, etc.

Securing a Single PC

I assume you already have an internet connection via phone modem, Cable or DSL and want to secure your computer. You will need to add some software, but it’s free.

1 . If you don’t have a virus checker, get the AGV anti-virus program and install it. If you have an anti-virus program, be sure it is updated. If you are not sure, it’s not up to date.
2. Download ZoneAlarm. Install it. Run it.
3. Download AdAware. Install it. Run it.
4. Turn off file and printer sharing. Check your help system for “file sharing”. If its on, hackers can copy everything or put their own stuff on your PC.

ZoneAlarm will ask you about every program that try's to access the Internet. Internet Explorer and Outlook are OK. For any others, click on the "More Info" button.

Multiple PCs

After I got my PC running on the Road Runner Cable Modem, I wanted to share the connection with my other PC. I assume you already have an internet connection via Cable or DSL and want to connect several computers. To share the connection, here's what you do:

1. Get a Router with a feature known as “Stateful Packet Inspection” (SPI). Plug the router into the device your Internet provider hooked. For Road Runner users, it’s a cable modem. For DSL, it’s a DSL modem. They aren’t really modems, but that’s what everyone calls them.

These Cable/DSL Modems have a place to plug a connector (RJ45 Ethernet) that looks like a bigger version of a telephone cable connector. The router most likely comes with the cable, so that should be easy.

2. Plug the other end into the WAN (Wide Area Network - techie term for the internet) port on the router. My router has five ports – four for my PCs (LAN – Local area network) and just one WAN. If you get it wrong, you won’t hurt anything – it just won’t work.

3. Plug a network cable into a LAN port, then into the PC’s network port (called Ethernet)

4. Power it up in this order: Cable/DSL modem FIRST. After the lights calm down (say – 30 to 60 seconds), you can power up the Router. Wait for the lights to calm down (15-60 seconds) and you can start the PCs.

5. Add anti-virus software and spyware killer to each PC. See the previous section (Securing a Single PC) for instructions.

6. Check the router document and change the password. Most hackers know the default password and can break in easily if you don’t change it.

7. It's also a good idea to add a software firewall like ZoneAlarm to each PC.  Why?  Let's say you have someone (Kids?) that visits a site and gets their PC infected. That PC is already behind your hardware firewall and will proceed to infect all the others.


Wireless Routers
I dislike wireless routers because most are not secure. I know of many folks who bought a wireless card for their PC and discovered someone in the neighborhood had a wireless router set up. They get internet access for free and can usually browse your hard drive and read everything. If you buy one, you might be giving free Internet access to the neighborhood. Still want one?

A new game hackers play is “war driving.” That’s where they drive around with a laptop PC looking for wireless access points, connect to your network and have fun reading your stuff. Sometime they drop a new virus on your machines, or email the cheerleader at school from your network. Try explaining to the judge that it wasn’t you that e-mailed porn or threats. Still want wireless? Read this. Do a search on Google and see.

You still want one? Well, a wireless router works just like a regular router, without the network cables to the PC, so you should follow the instructions above to connect everything. Most wireless routers have some security features that need to be turned on (usually WEP, WPA or WPA2). Be sure to read the documents and CHANGE THE PASSWORD. War drivers usually know what the default passwords are and most people don’t change them. The hacker will.

How does a Firewall with SPI work?

Stateful Packet Inspection (SPI) works like a bouncer at a bar. When you leave the bar (intending to return), the bouncer stamps your hand. When you return, he checks your hand for the stamp. When someone tries to come in without a stamp (or an old stamp) he is not alowed in.

When you connect to a web site, the server and your PC send "packets" of data back and forth. These packets contain a "connection number" created by your PC. The router sees the outgoing packet and make a note of the connection number. When packets arrive from the Internet, the firewall checks the connection number against its list. If the packet's number is on the list, it passes through the firewall to your PC. If the packet's number is not on the list, it rejects the packet. When a hacker tries to probe you, his packet number will not be on the list. The packet gets rejected, and the hacker can't tell if you are there or not. In otherwords, the connection must start from your PC or the router rejects the packet.

What if a virus on your PC makes the connection? Well, that's the loophole. SPI won't help at all. Once spyware and viruses get on your PC, the firewall won't help. That's why you need those items as well.

So, I'm safe?

Of course not. No one can ever be completely safe. But at least you have a lock on the door, and a big growling dog standing guard. Sometimes a bug is discovered in Windows that lets something in. Microsoft creates updates and posts them on the Windows update site. You should run Windows Update from time-to-time, and whenever the press talks about a new bug.
 

© Copyright 2008 Ken Elliott