InfoWorld
Lead with Knowledge
HOME/ SITEMAP
SUBJECT INDEXES
ABOUT US
WHITE PAPERS

Learn to secure your PCs from new and unknown hacker attacks.

Free IDC White Paper - Discover Secure File Sharing for the Enterpriseattacks.

SEARCH:  
Home  //  Article
Print Article    Email Article
Window Manager
Brian Livingston
To protect against Trojan horses, you will need a strong gate as well as a firewall

MY LAST TWO columns have described two major problems that afflict Windows users' privacy and security on the Internet. In this week's column, I give you two tools that attempt to deal with these issues.

The first problem is that marketers have found a way to send you e-mail that links your e-mail address with your computer's IP address, browser version, and other data. If you've given your real name, address, and e-mail address to anyone (using electronic commerce, for example), you are now in a database.

Web sites that purchase this database can find your real name from your IP address when you merely look at one of their Web pages.

The second problem is that malicious hackers can run destructive ActiveX controls, JavaScript, and Java applets on your PC when your browser merely looks at a Web site or your e-mail program displays a message (without even opening an attachment).

These programs can change or destroy data on your hard drive, or install a Trojan horse. The hacker uses such a program to scour data files from your PC or from your entire network.

These problems can potentially affect your company, even through a firewall. A firewall typically rejects outside communications to an Internet-connected PC, unless the communication was requested (as when a browser requests a Web page). But a Trojan horse can transfer data on port 80, which is used for Web traffic. Most firewalls leave port 80 open. If they didn't, PC users wouldn't be able to see Web sites.

Quite a bit of news was generated recently by one Trojan horse called RealJukeBox. This music player accesses the Internet to send its creator, RealNetworks, data about the music files you play. A critique by security consultant Richard M. Smith is available at www.tiac.net/users/smiths/privacy/realjb.htm.

This behavior, in which an application accesses the Internet without your knowledge, is much more dangerous than simply revealing your musical tastes. Any applet that opens a channel to the Internet poses a risk in which nefarious persons can use the link to access your system.

For example, take the Server Management Agent software that is installed on Compaq machines running Windows NT or NetWare. In its original configuration, this software allows "any user with access to the Internet protocol port 2301" -- the device management 0port -- to read any file on your system, according to Compaq. (For information and a fix, go to www.compaq.com/support/techpubs/customer_advisories/ES990604_CW01_0.html.)

Stopping the unauthorized flow of data from your system is the goal of a new, free program called ZoneAlarm. This utility, developed by San Francisco-based ZoneLabs, displays all processes that access the Internet from your Windows NT, 2000, 98, or 95 system. You can configure it to deny Internet access to unauthorized programs or block all Internet access after a period of inactivity. To get ZoneAlarm, go to www.zonelabs.com/zonealarm.htm.

The first problem I mentioned above is as serious as the second. If a malevolent person knows your e-mail address, your browser version, and the IP address you're currently at, he can try to access your system -- perhaps using a weakness peculiar to your browser.

If successful, that person can deposit something like Back Orifice 2000, a Trojan horse that sends your data files out to be searched automatically.

This is a factor in the increasing incidence of identity theft. Credit theft reports to Trans Union, a large U.S. credit databank, are up from 35,000 in 1992 to 500,000 in 1997, according to the Federal Trade Commission.

With a person's Social Security number and birth date, crime rings can acquire credit cards and ruin your credit. Quicken financial records and many other files contain exactly the information these rings seek.

The fact that Web sites can find out your real name if you browse them has serious consequences, too. With a database of all the Web sites your browser has touched in the last 12 months, someone who doesn't like you can select a few URLs that would make you appear to be quirky or even dangerous.

Protecting yourself from these threats is the aim of Freedom 1.0 (software that gives you any number of untraceable e-mail pseudonyms). It also protects your IP address and other information while you use the Web, telnet, chat systems, or newsgroups. Freedom operates with a $50 a year service (or a free trial) available from www.freedom.net.

Reader Bill Perry will receive a free copy of More Windows 98 Secrets for being the first to send me info I used in this column.

Send me your experiences with the above two tools, using "Trojans" as the subject.




RELATED SUBJECTS

Operating Systems
Security

MORE >
SUBSCRIBE TO:    E-mail Newsletters  InfoWorld Mobile InfoWorld Magazine
Home  //  Article Print Article    Email Article
Back to Top
 ADVERTISEMENT
 

SPONSORED LINKS

Download the J.D. Edwards CRM white paper. Visit jdedwards.com/crmpaper
Introducing Primus Quick Resolve. Click to download a fact sheet.
Download the J.D. Edwards CRM white paper. Visit jdedwards.com/crmpaper
Gateway: Your Reliable IT Provider of Business Technology Solutions
Learn to secure your PCs from new and unknown hacker attacks.

SUBSCRIBE
E-mail Newsletters
InfoWorld Mobile
Print Magazine

Web-based training
ABOUT INFOWORLD  |  SITE MAP  |  EMPLOYMENT  |  PRIVACY  |   CONTACT US

Copyright 2001 InfoWorld Media Group, Inc.