Cyber Angels Corporate

We bring our better angels to every fight

Common Network Security Risks

 

Security risks on your PC occur whether you’re connected to the Internet or not. Your data is at risk, for example, if you have a hard drive failure or if there is a power failure and you haven’t saved your work. However, you’re at greater risk of data being compromised when your PC is connected to the Internet, because once the PC is disconnected, no one can access your data unless they are sitting in front of it. Therefore, disconnecting your PC or turning it off when not in use will solve many of the security risks you might face.

However, I don’t follow this practice myself, as I like to keep my PC on at all times simply because, being a techie, I know that turning your PC on and off all the time is harder on the hard drive and the electronics on the motherboard, due to the heating up and cooling down of the electronic components and the solder on the printed circuit cards. In addition, keeping your PC on all the time maintains a constant humidity environment within the PC box itself, thus allowing the PC to operate at optimum levels. The main reason for getting a Broadband service is so you don’t have to connect to the service each time you want to use it, so turning off the PC or disconnecting your service runs counter to this logic. It’s really up to you as a user which you prefer. It must be said, though, that turning off the PC or disconnecting your connection through a router will stop any incoming traffic 100% of the time. I choose to discuss here ways to achieve almost the same level of security without having to turn off the PC or disconnect your Broadband service.

 

Let’s briefly discuss some of the most common ways in which intruders or hackers take control of your home computer. I have listed them as follows:

  • BackDoor Viruses & RAP
  • Trojan Horse Viruses
  • Email Spoofing
  • Email Viruses
  • Denial of Service Attacks
  • IRC (Internet Relay Chat), Chat Programs, ICQ
  • Network Packet Sniffing
  • Hidden File Extensions

 

Back Door Viruses & Remote Administration Programs are often used by intruders to access and take control of your home PC. Some of the common Back Door Viruses are Back Orifice, Netbus and SubSeven. These viruses are typically launched when a user is tricked into installing them via a web page or an email with an embedded hyperlink. Once the program is installed, the intruder accesses the user’s PC through client-side software, which allows him or her to remotely administer the PC with the same rights and privileges as the user who installed it. If that user is an administrator of the local machine, then the intruder has administrator rights when remotely accessing and controlling the victim’s PC. For more information on Back Orifice & Netbus (the most prevalent of this class of virus and the most dangerous), please visit Symantec’s Response to Back Orifice & Netbus.

  

Email Spoofing is another common way intruders gain access to your information. It works this way: the intruder uses a virus with a built-in SMTP (Simple Mail Transfer Protocol) engine to generate email on your system, or on someone else’s system where you are in the infected person’s address book, and alters the header information on the outgoing mail to make it appear that you sent the message when in fact you didn’t. This process is normally used by intruders or, in this case, spammers to launch viruses at unsuspecting victims, who open mail and attachments from the sender (who appears to be you) because they trust you as the sender. The payloads these messages deliver are usually malicious viruses or worms.
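Because spoofing rewrites only the visible header, a received message can be checked for disagreement between the From header, the envelope sender and the receiving server's SPF/DKIM/DMARC verdicts. The following is an added example, not part of the original page; both messages, their addresses and the server name `mx.example.net` are constructed for illustration.

```python
from email import message_from_string
from email.utils import parseaddr

# Constructed sample: From claims alice@example.com, but the envelope sender
# (Return-Path) and the receiving server's verdicts say otherwise.
SPOOFED = """\
Return-Path: <bounce@mailer.invalid>
Authentication-Results: mx.example.net; spf=fail smtp.mailfrom=mailer.invalid; dkim=none; dmarc=fail header.from=example.com
From: "Alice" <alice@example.com>
Subject: Photos

See attachment.
"""

# Constructed sample: every sender identity agrees and all checks passed.
LEGIT = """\
Return-Path: <alice@example.com>
Authentication-Results: mx.example.net; spf=pass smtp.mailfrom=example.com; dkim=pass header.d=example.com; dmarc=pass header.from=example.com
From: "Alice" <alice@example.com>
Subject: Lunch

Noon?
"""

def domain_of(header_value):
    """Return the lower-cased domain of an address header, or ''."""
    addr = parseaddr(header_value or "")[1]
    return addr.rpartition("@")[2].lower()

def spoofing_indicators(raw_message):
    """List reasons to distrust the From header of a received message."""
    msg = message_from_string(raw_message)
    reasons = []
    from_dom = domain_of(msg["From"])
    path_dom = domain_of(msg["Return-Path"])
    if path_dom and path_dom != from_dom:
        reasons.append(f"Return-Path domain {path_dom} != From domain {from_dom}")
    # Verdicts recorded by the receiving mail server (RFC 8601 header).
    results = {}
    for part in (msg["Authentication-Results"] or "").split(";")[1:]:
        method, _, rest = part.strip().partition("=")
        if rest:
            results[method.lower()] = rest.split()[0].lower()
    for method in ("spf", "dkim", "dmarc"):
        verdict = results.get(method, "missing")
        if verdict != "pass":
            reasons.append(f"{method}={verdict}")
    return reasons
```

A Return-Path mismatch on its own also occurs with legitimate mailing lists, and the Authentication-Results header is only meaningful when your own receiving server wrote it.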

 

Email Viruses are viruses that drop their intended payloads when a victim either clicks on a hyperlink embedded in the email, which takes them to a website designed to download a virus, or opens an attachment, which subsequently launches a macro virus or similar virus on the victim’s PC.

 

A Denial of Service Attack is not a virus but a method that hackers use to deny legitimate users access to websites. These attacks are typically executed by using DoS tools to send multiple packets of information to servers such as FTP and HTTP servers, flooding them with so much information that it robs them of the resources necessary to remain stable and service requests. Any PC connected to the Internet is subject to an attack such as this, and it may not be the target of the attack. Rather, your PC may be taken over by the hacker and used as an instrument of the overall combined attack, launching DoS attacks on other servers worldwide.

 

IRC Chat and other chat programs such as MSN IM, AOL IM and ICQ may, by the very nature of how they work on the Internet, make you vulnerable to attack by intruders if the security on the servers hosting the chat service and the security on your home PC and/or network is inadequate. Chat programs may potentially allow virus attacks into your PC because of certain ports that these programs use.

 

Network Packet Sniffing is a method of capturing packets of information as they travel across the Internet to and from your PC. This data may contain usernames, passwords or other personal data, which could then be read by the intruder who captured them. Packet sniffers can be installed outside your home network, anywhere in the world, and still be able to capture data packets and deliver them to the hacker who wants to view them. Cable Modem users are more susceptible to packet sniffing than, say, DSL users, since Cable Modem users are on a shared network system whereas DSL users are on a private one. A packet sniffer installed on any Cable Modem system in your neighborhood or in a neighboring city, for instance, could allow a hacker to capture and view your data if you don’t adequately protect that data.

 

Last, but definitely not least, is the form of attack known as “Hidden File Extensions.” All Windows Operating Systems have a “hide file extensions of known file types” option, usually enabled by default, which users can disable. Many email viruses have been known to exploit these hidden file extensions so that users may not recognize, for instance, that they are clicking on a file with an .exe or .msi file extension, since it is hidden. These two file types are program executables, which install programs after being activated.
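To see what the hidden-extension setting conceals, the following added example (not part of the original page) audits the attachments of a message and compares each real file name with the name Explorer would show. The message, its addresses and file names are constructed, and the extension lists are illustrative assumptions: only .exe and .msi come from the text above.

```python
import ntpath
from email.message import EmailMessage

# File types Windows runs or installs on double-click. .exe and .msi are the
# two named in the article; the rest are further common cases added here.
EXECUTABLE = {".exe", ".msi", ".scr", ".pif", ".com", ".bat", ".cmd", ".vbs"}
# Types a user expects to be harmless documents or media (illustrative list).
DECOY = {".txt", ".doc", ".pdf", ".jpg", ".gif", ".xls", ".mp3", ".zip"}

def explorer_view(filename):
    """Approximate the name shown when known extensions are hidden."""
    name = ntpath.basename(filename)
    stem, ext = ntpath.splitext(name)
    # Assumption: every type in the two sets is registered on the PC.
    return stem if ext.lower() in EXECUTABLE | DECOY else name

def classify(filename):
    """Return 'ok', 'executable' or 'disguised-executable' for a file name."""
    stem, ext = ntpath.splitext(ntpath.basename(filename))
    if ext.lower() not in EXECUTABLE:
        return "ok"
    # A second, document-like extension is all the user sees once .exe is hidden.
    inner = ntpath.splitext(stem)[1].lower()
    return "disguised-executable" if inner in DECOY else "executable"

def audit_attachments(msg):
    """Map each attachment name to (name the user sees, verdict)."""
    report = {}
    for part in msg.iter_attachments():
        name = part.get_filename()
        report[name] = (explorer_view(name), classify(name))
    return report

def sample_message():
    """Constructed message with three attachments (placeholder bytes only)."""
    msg = EmailMessage()
    msg["From"] = "alice@example.com"
    msg["Subject"] = "Files"
    msg.set_content("See attached.")
    for name in ("notes.txt", "setup.msi", "holiday.jpg.exe"):
        msg.add_attachment(b"placeholder", maintype="application",
                           subtype="octet-stream", filename=name)
    return msg
```

With the Windows option turned off, the full name `holiday.jpg.exe` is displayed and the mismatch is visible without any tooling.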

 

Alert:  [For 4/13/07]  Storm Trojan email spam virus is making its way into users' mailboxes.  Please do not open any attachment unless you are certain of the source.  For more information on this virus, please visit the Symantec Threat Advisory Center Web site.

 

Copyright 2006, CAC Network Security Website, All Rights Reserved

 

 

This page was last modified on Wednesday, September 26, 2007 03:50 GMT-05:00