Introduction to computer security

Additional Security Software

Introduction
Connecting to the Internet.
How is your computer vulnerable to attack?
Protecting your computer
Useful Links

Introduction

Whenever a computer is connected to the internet, it is "open to attack" from intruders (or hackers). Whilst modern operating systems are more secure than their predecessors, there are basic areas of computer security which, if overlooked by the user, can make a computer easy to attack, making files such as email messages, documents, financial statements and so on accessible to other users. Unfortunately, hackers are always finding new ways to exploit weaknesses in computer software, and whilst software manufacturers regularly release updates (or "patches") to their software, it is usually up to the individual to apply this software update – without it the system would remain vulnerable to attack.

Connecting to the Internet.

Initially, the only way to connect to the internet from home was via a modem and a dial up connection. However, high speed "always on" broadband connections are now commonplace, and whilst the speed at which data can be downloaded via broadband is higher, the risk of connecting via this type of connection is higher too.

Dial Up / Broadband – The Differences

Dial Up Connections.

Before broadband use became widespread, users connected to the internet via a dial up connection using a modem. This is referred to as "dial on demand" in that your PC only connects to the internet as and when necessary, for example when sending / receiving email, or when searching for information on a web site. Once the data has been sent or received, the connection is terminated, and the PC returns to a "standalone" state. In addition, each time the computer is connected to the ISP, it is usually assigned a dynamic IP address – this makes it a lot harder for someone to take control of your computer. The maximum dial up connection speed is 56kbps.

Broadband Connection.

A broadband connection is described as "always on" as the PC does not have to call up the network when there is any information to receive or send – the computer is always on the network ready for data to be sent or received at any time. If someone wanted to send information to your PC, they can do so at any time. As the connection is "always on" the IP address changes a lot less frequently, making it a lot easier for someone to connect to remotely. Typical download speeds for broadband connections are up to 8Mbps.

Example of Broadband type connection – Halls of Residence Service.

How is your computer vulnerable to attack?

There are two main types of attack:

External Attack.

Whenever any computer is connected to the internet it is vulnerable to this kind of attack. A remote computer running malicious code can locate your computer and then monitor it for weaknesses. If this is successful, the remote computer can then use yours as a launch site for attacking others, or can obtain confidential information, and cause damage to your own computer. If you are connected to the internet via a broadband connection, the fact that you are connected permanently to the network, usually with the same IP address, greatly increases the chances of this occurring. Other "packet sniffing" software monitors the data being sent and received and could intercept sensitive data, such as credit card details, passwords and so on.

Internal Attack.

This can also be referred to as a Trojan Horse attack, and is a common method of gaining access to a computer. A file is placed on your computer, commonly sent via email, which causes malicious code to be run. What this code does depends on the viruses author - it may be nothing more than a nuisance, however, it could be something more malicious, and may have the capability of deleting files on the hard disk. Many viruses have been passed via email, sent as an attachment or script within an email message. On opening the attachment, the virus "attaches" itself to your computer, which can then be used to pass on the virus to others.

This type of attack is just as damaging to those computers connected via dial up connection as those using broadband, as in both cases the file is placed on your computers hard disk which can then access your files and security information, and can then report back to the virus author the next time it is connected to the internet.

Before opening an email attachment, always make sure that you know the source of the attachment. – a number of viruses have been spread as they appeared as though the message originated from somebody known to the user. Be particularly aware of files with the extension .bat .exe and .vbs

Protecting your computer

There are a number of basic ways that a computer can be made more secure when connected to the internet, whether by dial up connection, or broadband.

Install Antivirus Software.

A good antivirus application is essential. The antivirus definitions should regularly be updated to ensure that the latest viruses are detected. Ensure that you have real time scanning enabled at all times – in this way, whenever a file is accessed, the antivirus software scans it, and if a virus is found notification is given, containing details of the virus name, which file is infected, and methods of removing the infection from the PC, before the virus can attack. Most antivirus applications can detect internet and email based viruses before they have chance to infect your computer.

CIS recommend the McAfee Antivirus application, as used within LJMU. It is available free of charge to all staff and students, and can easily be updated via the internet. It can also be configured to scan your email and files downloaded from the internet to your computer.

Install a firewall.

A firewall is used to prevent unauthorized access to or from a network, and is usually used to prevent unauthorized internet users from accessing private networks connected to the Internet. All information entering or leaving the PC passes through the firewall, which examines each message and blocks those that do not meet the specified security criteria.

For home use, a software based firewall greatly increases the protection offered to your PC. Windows XP and Vista includes firewall functionality, and for those still using an earlier version of Micrsoft Windows, a number of applications are available, which are either free of charge or relatively inexpensive.

Keep all applications updated.

Software suppliers regularly post updates to their applications and operating systems, which can increase their stability, security and any other vulnerabilities when they are discovered. Antivirus software is regularly updated as more viruses are developed. Check regularly to see if any updates have been made available to your applications – in particular security updates for your operating system, web browser and email applications. Links to manufacturer web sites can usually be found within the applications help files, or via the menu bar of the application.

Disconnect from the network when not in use.

If your computer is not connected to the internet, it cannot be attacked from external sources. Therefore, to minimise the possibility of attack, disconnect from the network whenever possible – particularly when connected via a broadband.

Regularly backup important information.

Whether connected to the internet or not, it is recognised good practice to keep backup copies of important data on removable disks, such as CDR/W, DVDR/W or memory sticks. If the primary copy of your work becomes corrupt, it can easily be restored from back up copies.

Using your home PC as a web server.

One of the advantages of having a broadband connection is the ability to use your computer as a web server. All recent versions of Microsoft Windows include a web server application. Running your computer as a web server greatly increases its vulnerability. Whenever possible, always use a commercial server to host your web site, and disable Personal Web Server or IIS.

Exercise caution when opening emails and web pages.

As mentioned earlier, don't open any unknown attachments or emails before verifying the source of the file. If you must open the attachment, ensure your antivirus software is up to date and real time scanning is enabled before opening the file – this will greatly reduce the chance of virus infection. Additionally, web pages may want to download and install objects on to your PC, such as ActiveX components – be aware that these components, if from an unknown source may contain malicious code.

Always virus check files downloaded from the internet.

Useful Links

Operating System / Web Browser / Email Client Updates.
Microsoft - http://www.eu.microsoft.com/ - check regularly for updates, patches, service packs to the Windows Operating Systems, and Internet Explorer Web Browser.

Microsoft "security at home" information
http://www.microsoft.com/athome/security/default.mspx - Offers further advice on protecting a home computer.

Internet Explorer Updates
http://www.microsoft.com/windows/products/winfamily/ie/default.mspx - Updates and security patches to the Internet Explorer Web Browser.

Security Guidance for Microsoft IIS
http://www.microsoft.com/technet/security/prodtech/IIS.mspx - security information and patches for Microsoft IIS.

Firefox
http://www.mozilla.com/en-US/ - Home page for the Firefox web browser

Apache Web Server
http://www.apache.org/dist/httpd/ - Apache web server updates and patches

McAfee Anti Virus
Computing and Information Services is licenced to distribute McAfee VirusScan to staff and students at Liverpool John Moores University.

Firewall Software
http://www.zonelabs.com/ - Developers of the free ZoneAlarm firewall package
http://www.microsoft.com/windowsxp/pro/using/howto/networking/icf.asp - article on configuring the Windows XP firewall
http://cnet.search.com/search?timeout=3&tag=ex.cn.1.srch.cnet&q=personal%2Bfirewall - comprehensive information, reviews and
downloads of personal firewalls

Information contained in this document is based on

Home Network Security Paper – http://www.cert.org/tech_tips/home_networks.html
Internet Security for Microsoft Windows Using Broadband Connections - http://www.broadband-help.com/cm_security.asp

Page last modified by Unknown on 15 May 2009.

Get Connected - On Campus Network Access Control Wireless access points Laptop docking points JANET eduroam Guest Wireless Access to LJMU

Get connected - Off Campus Halls of Residence Staff dial up

Useful advice About this computer Introduction to computer security Wireless networking - health and safety statement Security software Known issues

share was this page helpful?

home>>Help with computers>>Connect to LJMU>>

LJMU Dream, Plan Achieve - Page ID:66251