General Internet Security

The Internet is an excellent resource, but it does come with one or two security threats that are, at best, no more than an irritant, and at worst, lead to a complete loss of service thanks to someone using your PC as spring board for their own activities.

The Threats

TCP/IP

Connect any TCP/IP enabled device to the Internet, and within a few minutes it will see any number of spurious connections. Some of these will be totally benign connections resulting from old connections and some could be potentially damaging to either the device or data held on that device. The effect of these connections on the device will depend on the services running on that device, it's operating system and any patches applied.

Virii

The name Virus is a generic term given to programs or script files that generate copies of themselves, usually with some payload that either causes damage to files or disrupts a system's operation.

Trojans

Trojans are programs that are normally hidden within other applications. Once a trojaned application is run, the trojan is executed and will run in the background of a PC usually as a process very like a system one, such as explore.exe. Worms

Worms are programs that not only infect machines but also attempt to replicate themselves to other systems.

Spyware

Spyware is a term given to programs that collect information about an Internet user, usually for marketing purposes. Spyware applications can be installed through viruses, although often Spyware is used as part of revenue generation for 'free' software and is installed as part of the installation of the software.

Prevention

Firewalls

Firewalls take their name from the firewalls installed in cars, between the engine and passenger compartments, and like in their motor car namesakes, Internet Firewalls act as a barrier between a PC (the passenger compartment) and the Internet (the engine compartment). At minimum, Firewalls are simple IP packet filters rejecting unexpected connections to a host, whilst at the other end of the spectrum, Firewalls can be complex systems analysing individual data streams. Firewalls are an essential tool to combat the Internet Threat but they can lead to a certain paranoia when they start identifying spurious traffic marked as 'Attacks'. In addition, some Firewalls can display what are termed 'False Positives', where it identifies traffic as malicious whereas in fact it is valid and legitimate.

Anti-Virus

Perhaps the singularly most important software required when using the Internet, especially where Microsoft software is used on a machine. Most AV software will detect known viruses, trojans and worms, and will also scan files for as yet unidentified viruses.

Trojan Detectors

Whilst Trojans can be detected by most AV software, there are some Trojans that are not identified as malicious so are not included in some AV software definitions, so a dedicated program that detects and removes Trojans can also be used.

Worm Detectors

Again, detection of worms is usually handled by AV software, but dedicated software is also available.

Spyware Detectors

Spyware is unlikely to be detected by AV software due ti the fact that more often that not, it is part of the license agreement of a pice of software that you agree to install a form of spyware. Dedicated removal software is therefore available, although removal of some Spyware can cause some software to stop functioning!


© Nig's Net Written using the Bluefish HTML Editor on RedHat 9.0.

All Copyrights and Trademarks ACK'd. Not to do so would be a SYN!