KLEZ VIRUS ALERT:
Before you do anything else, though, please see the Klez virus alert. This virus is spreading worldwide at an alarming pace, and it has the ability to disable your antivirus software. It can also send files from your computer to many people around the world, so if you have any information on your computer that you consider confidential, it is essential that you take the recommended steps before your research projects, credit card numbers, and love letters get spread worldwide.
ELECTRONIC ESPIONAGE:
You may be wondering why anyone would try to break into your computer, or why you should care. Of course, there is the obvious reason of trying to retrieve information. Electronic espionage is a fact of life, whether it is of a corporate nature or a governmental nature. Universities make good targets for this type of espionage because it is easier to steal groundbreaking research than it is to conduct the research. This theft of information can be done from miles away, or even from the other side of the planet, and there is little risk of being caught. Governments and organizations from less technically developed nations might see this kind of activity as more cost effective than conducting their own research.
IDENTITY THEFT:
"My computer just has a few unimportant things on it. There is nothing of interest there. I don't need to worry about hackers." This is a mistaken assumption made by many office workers and home computer users. First of all, if your computer might have credit card numbers or social security numbers on it, there are people who will try to get that information. If you're lucky, they're just thieves looking to make a lot of fraudulent purchases, leaving you with a credit card mess to straighten out. If you're not so lucky, they're identity thieves. This will result in a personal nightmare which might take you years to fix. I won't go into detail because there are many web sites which deal with this issue, such as THIS SITE from the U.S. government.
REMOTE ADMINISTRATION:
"Well, I guess I don't need to worry. I just use my computer for games and online chat. Even if my machine is hacked, it's no big deal." This is also a very mistaken assumption. Even if your machine is fresh from the store and has no personal information of any kind on it, it will still be targeted, especially if it has a broadband connection. This would include computers on the University's network as well as home users with a cable or DSL internet connection.
Machines with broadband connections are prime targets for intrusions. Once compromised, they can be used as platforms for launching other attacks. This allows attackers to cover their tracks and hide their true origin. This can be accomplished in several ways, but the most popular way is through the use of 'remote administration tools', sometimes referred to as RATs or Trojan Horses. These are usually installed on Windows machines with shared drives, but they can also be hidden in other programs which the victim is then tricked into running. Some of these programs are disguised as games. Some are disguised as image files because, by default, Windows hides file extensions (so brittney.jpg.exe appears to be brittney.jpg). Some arrive as screensavers, which, as you may or may not know, are executable programs themselves. (Screensavers are also completely unnecessary, but that's another story.) Some have even claimed to be programs designed to 'speed up' your internet connection, which is an absurd claim because your connection will only be as fast as the slowest connection between your computer and the site you're connecting to. If your computer is taken over and used for further attacks, you might be the person blamed for the attacks. The real attacker will move on to use another compromised machine, while you are left to deal with the consequences.
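An added example, not part of the original page: a Python check that flags the disguises described above, namely a name such as brittney.jpg.exe that displays as brittney.jpg when extensions are hidden, and screensaver (.scr) files. It goes slightly beyond the text by also flagging whitespace that pads the real extension out of view; the extension lists and function names are assumptions chosen for illustration.

```python
import os
import sys

# Assumed list: extensions that run as programs when double-clicked.
EXECUTABLE_EXTS = {".exe", ".scr", ".com", ".pif", ".bat", ".cmd", ".vbs", ".js"}
# Assumed list: extensions a user expects to be harmless data.
DECOY_EXTS = {".jpg", ".jpeg", ".gif", ".bmp", ".png", ".txt", ".doc", ".pdf", ".mp3", ".zip"}


def displayed_name(filename):
    """What a file listing shows when the final, known extension is hidden."""
    stem, ext = os.path.splitext(filename)
    if ext.lower() in EXECUTABLE_EXTS | DECOY_EXTS:
        return stem.rstrip()
    return filename


def findings(filename):
    """Return the reasons (possibly none) a file name deserves a second look."""
    stem, ext = os.path.splitext(filename)
    ext = ext.lower()
    if ext not in EXECUTABLE_EXTS:
        return []
    reasons = []
    if ext == ".scr":
        reasons.append("screensaver is an executable program")
    inner = os.path.splitext(stem.rstrip())[1].lower()
    if inner in DECOY_EXTS:
        reasons.append(f"runs as {ext} but displays as '{displayed_name(filename)}'")
    if stem != stem.rstrip():
        reasons.append("whitespace pads the real extension out of view")
    return reasons


def audit(names):
    """Map each suspicious name to its reasons; clean names are omitted."""
    return {n: r for n in names if (r := findings(n))}


if __name__ == "__main__":
    # Constructed sample names; pass a directory as argv[1] to check real files.
    sample = ["brittney.jpg.exe", "brittney.jpg", "setup.exe",
              "aquarium.scr", "report.doc      .exe", "notes.v2.txt"]
    names = [f for _, _, fs in os.walk(sys.argv[1]) for f in fs] if len(sys.argv) > 1 else sample
    for name, reasons in audit(names).items():
        print(f"{name!r}: " + "; ".join(reasons))
```

Ordinary installers such as setup.exe are deliberately not flagged: the check targets names built to look like data, not every executable.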
DISTRIBUTED DENIAL OF SERVICE ATTACKS:
Another favorite tactic is to install hidden software on victim machines which is then used to carry out distributed denial-of-service (DDoS) attacks. The attacker will install this hidden software on multiple computers, either by taking advantage of typical insecurities, such as shared drives, or by tricking the users into installing it. The infected computers don't appear to behave any differently. However, they secretly listen for a remote command from their controller, and when they receive the right command, they all start flooding a target computer with garbage network traffic. The result is that the target computer crashes or its network connection is killed off. Since this traffic is coming from computers around the world, it is unlikely that the targeted system will ever know who was really behind the attack. This is the type of attack which took down eBay, CNN, and a few other high-profile sites in early 2000.
Whether your machine is compromised with a hidden remote control program or a DDoS program, the end result is that it has become a pawn for someone else who has more control over your computer than you do. If your computer is used in an attack, the blame will rest upon you, while the person who compromised your machine gets away without any trouble at all.
The following sites will prove to be valuable resources in helping you make your computer more secure:
StormRanger Computer Security provides easy-to-follow, easy-to-understand, step-by-step information on making your computer more secure, as well as steps to take if you think your computer has been hacked. This is an excellent resource for both beginners and advanced users. This site also has links to security sites which will scan your computer for vulnerabilities and provide you with a report. (These scans are most useful for home users with paid internet accounts. Users connected through the University's network, including dial-in, will not obtain accurate results due to the University's firewall.)
The SANS Institute and the FBI have created a list of the Twenty Most Dangerous Security Vulnerabilities for computers connected to the internet. It is broken down into general vulnerabilities, Windows vulnerabilities, and Unix vulnerabilities. The list provides detailed descriptions of the problems, information on how to fix them, and links to additional resources.
The Computer Emergency Response Team, also known as CERT, is another great resource. It is a central repository for computer security information which provides details on the latest Incidents and Vulnerabilities. If you have a computer connected to the internet, I urge you to read their page on Home Network Security. Although it focuses on home users, the information it provides is applicable to anyone who uses the internet, whether at home or at the office. They also have a Virus Information Page which has useful details and links about viruses, including how to spot a virus hoax.
This should be enough to keep you busy for now. Although there is no way to make a computer 100% secure, except for leaving it turned off and never using it, if you follow the advice presented in the links above, you will greatly reduce the risks associated with connecting to the internet.
CONTACT INFORMATION:
Network Security is administered by Randy Woodling. You can contact him at x6585 or Randy Woodling