NUJ Training: Advice
  Home > Advice
Back | Forward
bullet  Advice and Information on Representing Members.
bullet  Bursaries
bullet  Careers in Journalism
bullet  Choosing a computer
bullet  Computer Security
bullet  Discounts on Open University Courses
bullet  FAQs (Frequently Asked Questions)
bullet  Funding
bullet  Help Yourselves
bullet  Manchester Support Services
bullet  Prison journalism scheme to roll out nationwide
bullet  Protecting your computer held data
bullet  Searchable FAQs
bullet  Student work experience guidelines.
bullet  Take the Tour
bullet  Training Policy
bullet  Union Learning Advisors
bullet  Web Resources

 

Computer Security

Malcolm Goodson
There are a lot of people out there who want to make your life difficult if you own a computer.

While a lot is made of weedy nerds sitting among their coca cola tins trying to hack into the US Strategic Air Command’s computers in an attempt to start World War III, the reality is that most attacks come from self replicating programs, viruses, worms, Trojan horses which are simply sent out ‘into the wild’ and left to their own devices by their creator. At best they are a nuisance, like spam, at worst they’ll create havoc. ‘SQL Slammer’ which targeted Microsoft’s SQL Server databases brought down most of South East Asia’s network and the European one in the space of 48 hours!

Viruses

Whatever the conspiracy theorists may say about anti virus software companies writing the viruses themselves to boost sales of their products, the fact remains that they exist and unprotected or badly protected computers are contributing to the ever increasing volume of infected junk received by everybody, including you.

Solution?

Buy a piece of ‘off the shelf’ anti virus software (Norton, Sophos, McAffee etc, whatever takes your fancy and fits your pocket) and install it. When setting up the software, make sure you configure it to update itself automatically at least every week. Remember it will only do so if you are connected to the internet. A daily update is recommended for Windows computers to make sure that the ‘window of opportunity’ for your computer to become infected is kept to a minimum. Viruses which target Windows computers ‘mutate’ at an alarming rate.

If you already have anti virus software installed, then make sure it is up to date and is kept up to date. This is usually done from the software provider’s web site.

It is annoying to have to spend money on this but if your computer is not adequately protected then you are contributing to the problem, you are not just an innocent bystander on the receiving end of a virus attack.

At this point, Mac and UNIX/Linux users will start to gloat. It is true that the vast majority of viruses etc in the wild target Windows machines for the obvious reason that Windows machines account for more than 90% of the global home/small business user base. The scale of the havoc caused is that much greater! However Mac and Linux viruses do exist and will continue to exist and I have recently had experience of a third party dialler on an iMac. (Third party dialler – a program which installs itself on your computer and then initiates a call all by itself to a premium rate telephone number using your modem)

So everybody should invest in anti virus software.

Operating System Updates

With the best will in world, no software is ever going to be 100% perfect and operating systems are no exception. Bugs and ‘security holes’ come to light during the entire life cycle of a software product. While you may never notice an arcane bug in Windows which causes your computer to crash whenever you try to play ‘ZombieSims – return to the Netherworld’ (because you are more into replaying the Battle of Agincourt in ‘Henry V – Part III – France strikes back’) it still pays to apply to fixes. More important are the fixes for known security holes.

Again, Windows users are more at risk here because it is so popular. If you were looking to exploit a possible hole, you’d look at Windows rather than Mac for the same reason you’d write a virus for a Windows machine.

Both Apple and Microsoft are very aware of the potential risk to their users and have made the process of keeping computers up to date with the latest fixes and patches very easy. Both operating systems allow for automatic update. Your computer checks the appropriate web site at regular intervals to see if there is anything new which you need to apply and the operating system will automatically download anything which is deemed to be critical to protect your computer.

So make sure your Windows or Mac software is set to automatically check for updates as often as possible – ‘windows update’ for Microsoft Windows or ‘software update’ in MacOSX. These updates when applied should ‘plug’ any known security issues with your operating system. Sometimes they will also cause your computer to freeze, crash, act strangely, or blow raspberries at you because the patch has a bug! But, c’est la vie and the fix for that will not be far behind.

Firewalls

Firewalls are a way of preventing unauthorised access to your computer. Do not believe that just because you have a user name and a password that no-one knows that it is not possible to gain access to your computer. A firewall sits ‘between’ your computer and your internet connection and allows you to prevent anyone from initiating a connection to your computer, although it will not prevent a dialogue from taking place between computers if YOU have initiated the connection, for instance if you log on to a dubious web site.

Firewalls usually use a feature of the actual protocol used to transmit data around the internet. Every time a packet of data is sent it carries the address it came from, the address it is going to and a message which says whether it is a reply or whether it’s initiating the dialogue. A firewall will usually keep a list of where packets have been sent and what computer sent them and it then uses this to determine whether to allow a data packet to reach your computer.

So if you log onto a web site, your computer sends a packet with your address, the address of the web site and the fact that it’s number 1 of a series. Your firewall logs that information. The web site replies with another packet which has its address, your address as its destination and the fact that it’s a reply. Your firewall then checks its log, sees that you did send the first packet and allows the reply through.

On the other hand, if the web site tried to initiate the dialogue, the packet would indicate that it was number 1 in a series and would get stopped (by default, that’s what firewalls do with any incoming packet that’s not a reply). Even if the web site were able to change the message so that it indicated a reply, the firewall would check its log, see that your computer didn’t send any message to which a reply might come so, again, it stops the packet.

A firewall is essential if you have an ‘always on’ connection, such as cable or broadband. It isn’t just the ‘determined’ hacker trying to get your contacts list that’s a problem. There are many automated worms circulating on the internet trying to plonk themselves onto another computer. An always on connection means you are vulnerable 24 hours a day, 7 days a week not just when you log onto the internet.

There are two kinds of firewall, hardware and software.

Most of us cannot run to the four figure sums Cisco want for their dedicated hardware firewalls but since broadband became more popular, a number of ADSL (Asynchronous Digital Subscriber Line – a posh name for broadband) routers, wireless and wired, have been available with a hardware firewall built in. These are certainly worth the small additional cost over a conventional ADSL modem, not only for the firewall but also because they allow more than one computer to easily share the broadband connection.

There are also a number of software firewalls available from the basic ‘built in’ firewalls in Microsoft Windows XP and MacOSX to third party providers such as Norton.

We cannot go into any real detail about configuring your firewall as each set up is likely to be different, but read the manual that came with your hardware or software thoroughly before you start and if you have any unanswered questions about exactly how to set up the hardware or software check on the manufacturer’s web site – that will usually give you the answer you are looking for.

Spyware

Increasingly, spyware and its relatives are becoming as much of a nuisance as spam and viruses – they are also potentially very dangerous. These programs deposit themselves on your computer and monitor the activity of your computer, logging such things as keyboard strokes. It is therefore possible for spyware to ‘steal’ your user name and password for internet banking, your credit card number if you buy online or anything else you enter.

The most popular protection against this is ‘Adaware’ (www.lavasoft.de) for Windows computers. It is a free download but like virus protection software it should be kept up to date. The free version also has to be run manually each time, it does not monitor constantly like virus scanners. If you pay for the software, additional features become available.
ENDS

Date added: 2001-08-05
Last modified: Tuesday, October 5, 2004
Browser: CCBot/1.0 (+http://www.commoncrawl.org/bot.html)
Was the information on this page useful to you? 
Please select:
Yes, it was useful
No, it was not useful
I knew it already
I'm not sure
Thank you.
home | top