InfoWorld
Lead with Knowledge
HOME/ SITEMAP
SUBJECT INDEXES
ABOUT US
WHITE PAPERS

Learn to secure your PCs from new and unknown hacker attacks.

Free IDC White Paper - Discover Secure File Sharing for the Enterpriseattacks.

SEARCH:  
Home  //  Article
Print Article    Email Article
Window Manager
Brian Livingston
Internet service providers are starting to fix Windows' gaps in high-speed protection

FOR THE LAST three weeks, I've written about the problems that Windows users face from malicious hackers on the Internet, especially when connected via cable modem or Digital Subscriber Line (DSL). In this week's column, I finish the series with steps that some Internet service providers are taking to protect their customers from these threats.

Unfortunately, most ISP customer service representatives seem to know little or nothing about the many ways that people can hack into a PC across the Net. This needs to change immediately, because the problem is real.

Joe Ryan, a reader in Los Angeles, writes: "I set up a network of four PCs on a four-port hub with shared drives. Later, I got a cable modem, but neglected to stop sharing until I got an anonymous call one evening. [The caller] asked for me by name, and said, 'Your computer name is Manhattan, you bank at Wells Fargo, your balance is $x,xxx, your address is xxx, and you're active in the following organizations.'

"I said, 'Who are you?' He said, 'Oh, a fellow MediaOne cable user, and I'm just calling to tell you that you shouldn't share your drive, as you are visible to everyone."

Ryan's type of problem can be solved by taking the steps recommended last week. (Go to www.grc.com, then click "Shields Up!")

But closing the common security holes in Windows is not enough to protect high-speed Internet connections. Several readers proposed installing Linux on a separate machine to act as a firewall. That can be an excellent solution for technically knowledgeable people. But it isn't a panacea, either, as indicated by a reader I'll call "Ken."

"We already had a firewall, and not just a software firewall, but our old 486 running a Linux-based firewall. While investigating an apparent slowdown of our @Home connection, we discovered that our Linux machine had itself been hacked and used to attack hundreds of systems around the world. At least three successful break-ins were traced back, not to the hacker, but to the humble 486 in our closet."

Ken concludes, "Fortunately for us, there are network professionals in our household, so we were able to do something about it. But what is the average user supposed to do?"

What, indeed? I believe that Microsoft needs to "harden" Windows against these security risks. Since that means we might have to wait until Hell freezes over, however, there are steps that ISPs should take right now for every customer who signs up.

One promising sign is ISPs who support security appliances at the customer's site. WatchGuard Technologies (www.watchguard.com), whose Firebox II device I wrote about in my Oct. 25 column, has teamed up with several such ISPs. Companies such as GTE Internetworking and PSINet offer security packages customized for each user's needs. Updates are provided by WatchGuard's LiveSecurity service, which broadcasts new security fixes to customers as new threats are discovered.

WatchGuard recently acquired BeadleNet, the maker of the SOHO 2000 Internet security appliance. This device, with a suggested retail price of $349, is targeted at the small-office/home-office that has signed up for high-speed Internet access. This price point is more appropriate for small businesses than WatchGuard's Firebox II, which is priced at $5,000 and up for small to midsize corporations.

There are, of course, many other ways to improve security for PCs that are connected to the Internet. I have mentioned a few in my column merely as examples.

We must not let our individual preferences obscure the main problem: millions of people are being hooked up to high-speed access without, at the same time, getting the firewall defenses they need. Something like the SOHO 2000 or Firebox II needs to become a standard feature of high-speed access, in whatever form is most effective for each ISP.

I appreciate the many comments that readers have sent, although I haven't been able to print them all. Readers Joe and Ken will receive a free copy of More Windows 98 Secrets for submitting comments I used. If you have more to say on this topic, send me e-mail using "protection" as the subject. Thanks.




RELATED SUBJECTS

Web Technologies

MORE >
SUBSCRIBE TO:    E-mail Newsletters  InfoWorld Mobile InfoWorld Magazine
Home  //  Article Print Article    Email Article
Back to Top
 ADVERTISEMENT
 

SPONSORED LINKS

Download the J.D. Edwards CRM white paper. Visit jdedwards.com/crmpaper
Introducing Primus Quick Resolve. Click to download a fact sheet.
Download the J.D. Edwards CRM white paper. Visit jdedwards.com/crmpaper
Gateway: Your Reliable IT Provider of Business Technology Solutions
Learn to secure your PCs from new and unknown hacker attacks.

SUBSCRIBE
E-mail Newsletters
InfoWorld Mobile
Print Magazine

Web-based training
ABOUT INFOWORLD  |  SITE MAP  |  EMPLOYMENT  |  PRIVACY  |   CONTACT US

Copyright 2001 InfoWorld Media Group, Inc.