Category 2 - Home user with Broadband

If you fall under Category 2, you have a whole lot more to worry about than our Category 1 users. Your system is a prime target for Hackers and others who would love to get into your system, poke around, look for vital information on you, your family and/or your business - and possibly leave a nice present for you in the way of a "trojan" program that would allow them to return to your system with little or no warning and use your computer for their own purposes. Your ISP or Broadband Provider can only do so much to prevent Hackers & Crackers from gaining access to your system, but there are a host of things you can do: the catchphrase is "Be Proactive!"

To protect yourself from Internet Abuse, here are several tips that I've used and given my friends and customers alike - they haven't failed yet.

 

Personal Firewall

If you read through Category 1, you should be aware of what a Personal Firewall can do for you in the way of protection: it is a piece of software that monitors your Internet connection and blocks access to your system from "questionable" activity. Since you are obviously on a Broadband connection (either via some sort of DSL service from your phone company or via Cable-modem service from your Cable TV Company), your computer is now part of a network that is, for the most part, very similar to a LAN (Local Area Network) for a business. For Cable-modem users, this is even more so, because you are all sharing the same bandwidth/connection speed from your Cable Company, regardless of what the "advertised" connection speed is: even though they say that you have "4MB down/384kb out", the reality is that you'll never see that speed unless everyone else in your neighborhood is asleep or not on the Internet. This "shared bandwidth" situation also opens you up to a new host of problems, where other-than-respectable-and-trustworthy users may be using "sniffer" software to probe the local network and "capture" all of the data you are sending. This is not usually the case, but it's in your best interests to make sure that when you are sending sensitive data, such as Credit Card and other personal info, you are using software that supports encryption and security features. The earlier caveats concerning security holes and patches apply even more so when you are on a Broadband connection, because your computer or computers are even more exposed to the Internet - hence, the need to keep up-to-date with the latest patches and upgrades to your Operating System and the major software you use is even more critical... and if your system or systems become compromised, the only person to blame is yourself, and no one else.

An example I use is that of the "Gated Community": The guard and the gates at the entrance to the Community only work to a certain point - it's up to the home-owner to make sure that they have appropriate security and protection to prevent someone from illegally entering their home. The analogy directly applies to your Broadband connection to the Internet and the system or systems you use with that connection. Remember this from the "Category 1" discussion:

    "Networking software was originally designed to allow for the easy and nearly seamless sharing of information between systems in an office environment; consequently, when the Internet gained popularity and Network software was extended to use the Internet, many (sometimes very glaring) holes were found to exist in that Networking software that would have easily allowed other users to take control of another user's system, snoop through files and even go as far as destroying software and removing important files. Software patches that have been released over the years have closed many of those "security holes", but with the growing complexity of software and Operating Systems today it's becoming virtually impossible to keep up with the changes."

For Broadband Connections, a Personal Firewall is only the first line of defense.

Recommendations

For a recommendation for a Personal Firewall for your Windows PC, I would heartily recommend the following product:

ZoneAlarm - ZoneLabs - ZoneAlarm is acclaimed and praised by many in the Industry as being the best Personal Firewall product available, and I'd have to agree with them - I've been using it for 3 years and have yet to experience a single break-in or compromise of my system's security. The thing that makes ZoneAlarm different and sets it above the rest of the software-based Firewall programs is that it is fairly easy to set up and visually alerts you to possible attempts by software to perform functions that are key signs of hacking activities against or on your system.

Another plus that ZoneAlarm gives you is the ability to check your incoming email and block viruses included as email attachments, therefore giving you an extra layer of protection.

 Forbes had an interesting article about ZoneAlarm - you can read it here

ZoneAlarm comes in three varieties - the "Freeware" version is adequate for most home/dial-up users and, of course, is FREE. ZoneAlarm Pro has more features, but we feel that the "freeware" package is adequate for most dial-up users.

 

Hardware Firewall

Hardware Firewalls are much different than Software Firewalls - they are installed in-between your Computer or Computers and your DSL or Cable Modem. They have the ability to actually block or deny access to your computer or computers based on criteria you choose, and the level of access you allow.

Most modern Hardware Firewalls - even the Firewalls included in budget-sized Broadband Routers - include features such as "Packet Filtering", which limits access into and out of your computer or home network based on the type of data being sent or received, as well as a wonderful feature called "Stateful Packet Inspection" or "SPI". SPI, when implemented properly in a Hardware Firewall or Router, gives the Firewall the ability to examine each packet of data as it arrives at the Firewall or Router and check it against known rules and data "signatures" for a wide variety of attacks. Since you are on a Broadband connection, along with being a target for Hackers looking to gain access to new systems, your system is also now a target for a directed attack against your systems and your connection - known as a DoS attack; this has nothing to do with MS-DOS: DoS is an acronym for "Denial of Service". DoS attacks are intended to "flood" your connection with invalid data that your Cable-modem and/or Router/Firewall try to resolve; when they are unable to handle the data, they occasionally reset themselves or shut down. This kind of attack can knock out your connection to the Internet in a matter of minutes, and another kind of attack, called a "DDoS" or "Distributed Denial-of-Service" attack - where multiple systems on the Internet take part in the attack - can knock down the hardiest Web Server or Service Provider on the Internet. SPI can help mitigate such attacks, but only if your Firewall/Router is robust enough and can handle the data.
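How a router can combine Packet Filtering with the "stateful" part of SPI, as an added sketch that is not taken from any router's firmware: outbound traffic creates a connection-table entry, and inbound packets are admitted only if they answer one. The addresses, ports, the blocked-port rule and the 60-second timeout are constructed for illustration, and NAT address rewriting and signature checks are left out.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Packet:
    src: str
    sport: int
    dst: str
    dport: int
    direction: str  # "out" = LAN to Internet, "in" = Internet to LAN

class StatefulFirewall:
    def __init__(self, blocked_out_ports=(), idle_timeout=60):
        self.blocked_out_ports = set(blocked_out_ports)  # packet-filter rules
        self.idle_timeout = idle_timeout                  # seconds
        self.table = {}  # (lan_ip, lan_port, remote_ip, remote_port) -> last seen

    def check(self, pkt, now):
        # Forget flows that have been idle for too long.
        self.table = {f: t for f, t in self.table.items()
                      if now - t <= self.idle_timeout}
        if pkt.direction == "out":
            if pkt.dport in self.blocked_out_ports:
                return "DROP filtered-port"
            self.table[(pkt.src, pkt.sport, pkt.dst, pkt.dport)] = now
            return "ALLOW"
        # Inbound: admit only a reply to a flow the LAN side opened.
        flow = (pkt.dst, pkt.dport, pkt.src, pkt.sport)
        if flow in self.table:
            self.table[flow] = now
            return "ALLOW"
        return "DROP unsolicited"

def demo():
    # Constructed traffic: (time in seconds, packet).
    fw = StatefulFirewall(blocked_out_ports={6667}, idle_timeout=60)
    pc, web = "192.168.2.10", "203.0.113.5"
    traffic = [
        (0,   Packet(pc, 40000, web, 80, "out")),            # PC opens a web page
        (1,   Packet(web, 80, pc, 40000, "in")),             # the server's reply
        (2,   Packet("198.51.100.7", 31337, pc, 445, "in")), # unrequested probe
        (3,   Packet(pc, 40001, "203.0.113.9", 6667, "out")),# service the owner blocked
        (120, Packet(web, 80, pc, 40000, "in")),             # reply after the flow expired
    ]
    return [fw.check(p, t) for t, p in traffic]

if __name__ == "__main__":
    for verdict in demo():
        print(verdict)
```

The unrequested probe is dropped without any rule naming its port, which is why a stateful router protects systems behind it even before any filtering rules are configured.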

Recommendations

For a recommendation for a Hardware Firewall and/or Broadband Router for your systems, I would heartily recommend the following product:

SMC SMC7004VBR 4-Port 10/100 Broadband Router

This Broadband Router is the exact same one I use in my Home/Office Network, and it has worked exceptionally since I purchased it over 3 years ago. It contains a host of features, including SPI, Packet Filtering, MAC (Media Access Control) Address Restrictions (nothing to do with Apple Macintosh Computers, regardless of what SMC's site claims - I've emailed them about their mistake), Network Address Translation (NAT), which technically provides Internet access for up to 253 PCs at the same time using a single IP address (although you will only be worried about 4 addresses since you'll normally only be using 4 of the ports), email alerts on possible intrusion attempts, and the ability to block access to websites and specific Internet Services that you specify (an excellent resource for parents to control access to content and services like chat-rooms that you don't want your children to access).

Although this is just a recommendation, any similar Broadband Router with similar functionality will provide you with the same level of protection.

Netgear RP614v3 4-Port 10/100 "Safe Web" Router

Another broadband router that we've recently tried is the Netgear "Web Safe" RP614 Router. The feature-set is similar to what we found on the SMC 7004VBR, with the exception of some added switching fabric optimization on Netgear's part - hence the "200mb/sec" transfer rates. In head-to-head testing, we found the Netgear RP614v3 Router to be superior - I was even able to get 6mbit/sec connectivity from the Internet across our 3com 16-port OfficeConnect 10/100 switch, and that was quite a surprise, since the SMC 7004VBR's switching fabric seems to be a bit lacking; bear in mind, though, that the SMC 7004VBR is an older product, and the Netgear RP614v3 is the latest in Broadband routers from Netgear. Both Routers support NAT, SPI, Packet Filtering, MAC Address Restrictions, and URL Filtering - Netgear's configuration menus (which are, from where I stand, much better than SMC's) also include keyword filtering on URLs (a very nice feature for parents wanting to limit their children's access).

Either Router is a solid choice, but I would prefer the Netgear RP614v3, simply because of the newer switching fabric and the configuration system menus.

Anti-Virus

My recommendation for Category 1 users still applies for Category 2 users; computer viruses are still an on-going concern for anyone who uses a computer today, and will continue for the foreseeable future, and any computer user who does not have an Antivirus solution on their system - regardless of their usage - is simply asking for problems. If you still don't have any kind of Antivirus software installed on your computer you are asking for more trouble than it's worth. Why spend $75.00 or more to take your system in to your local PC Repair & Service shop to have your system cleaned when you can do it yourself and keep yourself protected from further infections for less than half the price of that Service call?

Recommendations

Norton AntiVirus - Amongst the wide variety of Anti-Virus packages available is what I believe to be the best AV software around - Norton Anti-Virus from Symantec. Norton AntiVirus has always been one of the top-notch AV solutions for years and years, and as far as I am concerned, they're the best. You can purchase the current version of Norton AntiVirus at Costco for around US$30.00.

 

Ad-ware & Spy-ware

Ad-ware, Spyware and the other kinds of Mal-ware are even more of a concern for Broadband users. If you follow my recommendations and install a Hardware Firewall or Router (like the SMC SMC7004VBR) you are pretty well protected from a kind of abuse that Dial-up / Category 1 users are accustomed to - WORMS! A Worm doesn't need a download from a website, or for you to open an infected attachment or Trojan in an email, to infect your system - it can get into your system just by reaching your IP address; Worms surreptitiously shove their software code on to your system and can do a host of things, including all of the features and capabilities of Trojans and Viruses as mentioned previously, along with turning your system into a "Drone" or "Zombie" to be used in DDoS attacks. Viruses and Trojans are even more critical a concern, as well as Ad-ware and Spyware. The fact that you have an always-on connection to the Internet makes your system or systems that much more desirable to access, and since you will probably have the same IP address for weeks and months at a time, access to your system or systems will be much easier for these miscreants. Fortunately, the same tools for their detection and removal that we mentioned in Category 1, along with a good Anti-Virus solution as mentioned above, apply here as well.

Recommendations

Lavasoft Ad Aware - Ad Aware has the ability to remove Ad-ware, Spy-ware and most Mal-ware from your system. Amongst all of the Ad-ware removal tools available, Ad-Aware does the best job at removing these programs and associated files from your system. Ad-Aware will also check for "tracking cookies" that try to report your visits to websites back to Marketing companies, as well as scan your System Registry to check for any questionable entries that might have been made by Ad-ware and Spy-ware packages.

Caveat Emptor: If you decide to use Ad-Aware on your system, be sure to get regular updates from them when you use this program - the number of new Mal-ware programs and variants grows daily, and the best way to keep up is to check for new "signature" files every time you run it. ("Signature files" are the files that AV and Ad-ware/Spy-ware removal tools use to identify these programs for removal - they work pretty much like a collection of "fingerprints" for these files and allow the software to specifically look for these signatures in suspected files.)

Microsoft AntiSpyware - For Windows 2000, Windows 2003 Server and Windows XP Users, Microsoft has recently released a Beta of their "Microsoft AntiSpyware" - all in all a very promising product. It is a Beta release. (The term "Beta" in software refers to software released to the public or a private list of selected customers and users to test the software in public use before the product is actually released. Since most "Beta" software programs are not feature-complete, there are chances that they will not work properly or might be missing important features, and they are hence not usually representative of the final product.) I've been using this software since it was first put into public Beta testing, and it does a fairly good job. One nice feature is that it will warn you in real-time when something is attempting to do something on your system that it believes is an attempt to install or perform Adware/Spyware/Malware-like functions, giving you the chance to block those actions at the precise moment that these programs are trying to perform them. It's not perfect, and I would not try to use this as your only defense against Spyware.