This in-depth article takes a look at hacking on the Internet. Covering hacker motivation, computer viruses, security, personal firewalls and how to track a hacker!
8.1 Server-side Security
Internet security can basically be broken into two separate areas: client-side security (i.e. you and me), and
server-side security (web servers, LAN servers etc.). For the purpose of this discussion I will focus on client-side security, as
this is the area that affects the majority of Internet users.
Server-side security is a large and very complex area, and generally falls within the domain of the system administrator. Server-side
security only becomes a major issue for the average Internet user when their privacy is violated by sloppy server security, for example,
if their e-mail server is hacked, or the server hosting their web site is hacked. It is the system administrator's responsibility to
ensure that all measures that can be taken have been put in place to ensure that such eventualities do not take place.
8.2 Client-side Security
Personal security on the Internet is a real issue, one that is unfortunately overlooked or not taken seriously
enough by the majority of Internet users. It is this 'care-free' environment combined with the genuine ignorance of many Internet
users that allows hackers a free reign over many people's systems, where all of their private documents (letters, e-mails, contact
lists, credit card numbers, CV's etc.) are liable to fall into the wrong hands, without the user even knowing that their system
has been hacked.
For this section on personal Internet security, I will guide you through a practical tutorial on how you can beef-up your online
presence. There is no such a thing as a completely 100% safe method, but you can go out of your way to make it difficult for any
black-hat hacker to target your computer, and therefore make it a very unattractive target.
This tutorial will be broken into four main areas:
- Anti-virus security.
- Personal firewall.
- Responding to being hacked.
This sequence follows a logically sequence, one that could be repeated in a real-world hacker attack on your personal
files. Hopefully, this will become clear as we proceed.
8.2-1 Anti-virus Security
In part 5 of this article, I discussed in detail what a computer virus is, but I neglected to discuss how you could protect
your machine from computer viruses, which is exactly what I will cover here.
Anti-virus software resides in the active memory of your computer, and takes control of your machine to alert
you if an active virus is present on your machine. If the software cannot repair the infected file, it will quarantine the file
or give you the option of safely deleting the file from your system.
Anti-virus software may also be used to scan your hard disk, floppy disks, zip disks or CD ROMS. It may also be used to scan
attachment files in e-mails, which is one of the main sources of viruses. The important thing to remember is that new viruses
are being discovered daily, so if you have anti-virus software installed then you need to make sure that you keep it's library
of known viruses up-to-date, otherwise you will have no protection against the latest batch of viruses.
General Virus Prevention Methods:
There are many other methods to prevent your computer files from becoming infected, most of which are common
sense. Here are some of the more important ones:
- ALWAYS be wary of unsolicited e-mails, especially ones of an 'unsavoury' nature such as pornography related e-mails.
- Any .exe (executable) files should not be opened unless you trust the source 100%.
- Always be wary of any software that you install on your system, especially free downloaded software. Check the software company's credentials.
- Steer clear of 'Warez' (pirate software).
Finally, and most importantly, backup all of your important data onto floppies, zip disks or ideally CD ROMs.
That way if the worse does happen, and you need to wipe you computer's hard disk (or the virus does it for you!), then at least
all of your hard work is stored in a safe location.
8.2-2 Personal Firewall
Firewall technology is nothing new; it has been present on most Internet and LAN servers for many years. What
is new is that firewall technology is now available on a smaller scale for the single user with one computer connected to the
Internet. While not as immediately important as anti-virus software, if you are serious about your security and protecting your
privacy online, you might consider buying a firewall.
Firewall software acts as a secure barrier between your computer and the outside world. It monitors all traffic to and from your
computer, and decides whether or not this is normal Internet activity or an unauthorised security risk. To the hacker, firewall
gives the impression of your computer not being there, or at very least being difficult to locate. Furthermore firewall provides
additional protection against Trojan horses, as it will block the unauthorised e-mailing of the key-log file to it's intended
recipient, and alert you of the Trojan horse's attempt to do so.
It is possible to see how a firewall protects your system by monitoring incoming traffic
from the Internet, while at the same time watching for un-authorised software connections from your computer to the Internet.
Like anti-virus software, there are many brands of firewall software on the market. Many companies now offer anti-virus and firewall
technologies bundled together at a reduced price, which generally prove to be excellent value for piece of mind.
Let us assume that you are infected with a Trojan horse that e-mails off the contents of your 'My Documents'
directory, or your e-mail server is hacked and some of your e-mail attachments are stolen, your privacy has now been utterly
violated, right? But what if the files that fell into the hackers hands were encrypted using a powerful algorithm combined
with long, complex password that the hacker could never crack? In theory, the integrity of your data should still be secure
in this 'worse-case scenario', provided you have taken these precautions.
Encryption programs basically 'scramble' the original file so that it is unreadable to anyone without the correct password to
de-scramble the file. Apart from the many commercial products available, there are many reputable encryption engines available
online for free. These allow the user to encrypt all types of data files at will (Word documents, JPEGs, databases etc.), some
even allow the user to create self-extracting zipped archives that are also encrypted, which provide an excellent means of
transferring important data files via e-mail in a safe and secure way.
The key to data encryption is to choose your passwords carefully, and change your passwords frequently.
8.2-4 Responding to being Hacked
If your computer is hacked and you do not have any form of firewall installed, you won't even know it happened.
Let us suppose that you have firewall installed, and your firewall has alerted you of an attempted hack attack which it has blocked,
what do you do next? An attack may show up in your firewall log-file looking something like this (note that some details have been
removed for security reasons):
03/11/01 17:13:01 Rule "Default Block Backdoor/SubSeven Trojan horse" blocked (***.***.**.***,*****). Details:
Inbound TCP connection
Local address,service is (***.***.**.***,*****)
Remote address,service is (***.***.**.***,*****)
Process name is "N/A"
03/11/01 17:13:01 Intrusion attempt detected from address 123.123.123.00 by rule "Default Block Backdoor/SubSeven Trojan horse".
Blocked further access for 30 minutes.
The key piece of information here is that your firewall has capture the hacker's IP (Internet Protocol) address, 123.123.123.00, which
allows you to trace the whereabouts of the hacker (i.e. literally to any city in the world). Using a piece of software called
Visual Route, you can now run a trace on the IP address. Visual Route will now follow the path of the IP address right back to
the ISP's (Internet Service Provider's) server that the hacker is using to connect to the Internet. It is now possible to e-mail your
firewall log-file to the hacker's ISP, alerting them to his/hers misuse of their service.
8.3 Review of Client-side Security
In this tutorial on Internet security, I have shown how any Internet user can protect their privacy online
by simply being armed with the right knowledge and tools. I have shown how to safe-guard against viruses, explained the importance
of firewalls and what they do, explained how data security can be increased even further by employing encryption software, and
finally how a user can respond to being hacked from a remote location.
Internet security constitutes many other areas that are not covered in this tutorial, but I hope I have ignited the spark that will
motivate the Internet user to research for themselves the various methods at their disposal, in order to make themselves the least
attractive target for any potential hack attack.