Stop That Attack! Blocking and Stopping Network Intruders

Computer security is big business these days, and no wonder: Stories of security breaches make the papers and TV news shows with increasing regularity. From confidential business data to Social Security numbers and credit card accounts, there's plenty of information winding up in the wrong hands.

By Mark Edward Soper
Tue, March 25, 2008

CIO — Data thieves aren't always the black-clad hackers typing away in a dark room a la The Matrix, either: Data center employees with a chip on their shoulders and the technological savvy to put something over on "the man" are often at fault as well. (Also read Eight Strategies to Strengthen Network Security.)

So, what can you do about it? Whether you're responsible for your own computer or manage a fleet of hundreds (or thousands) of PCs, PCs are vulnerable to a variety of threats, including:

  • P2P clients
  • Insecure wireless networks
  • Phishing
  • Spyware
  • Viruses
  • Insecure work at home environment
  • Social engineering

Here's how to stop them.

Just Say No to P2P File Sharing

Peer-to-peer file transfer clients such as Gnutella, BitTorrent, Kazaa, LimeWire and others enjoy an almost virus-like popularity as an easy means of sharing music and video files with other media enthusiasts. Unfortunately, they can also share sensitive corporate and personal data with strangers around the block, the country or the world. Recent studies of P2P file sharing at banks and the federal government have demonstrated how easy it is for programs intended for media sharing to gain access to confidential and secret information. In Dartmouth University's Tuck School of Business study of P2P file sharing at America's top thirty banks, P2P file sharing searches for text in song or video filenames found matching information of all types, including company names, addresses and much more. A study by security firm Tiversa found over 200 classified documents in just a couple of hours of searching with P2P client LimeWire.

Why is P2P file sharing so potentially dangerous? Depending on the client, P2P file sharing is usually keyed to file types, not folders. Consequently, a music or video file in the same folder as confidential information can expose the entire folder's contents to a P2P search. What's worse is that some P2P clients make it easy to share an entire drive rather than just specified folders. P2P clients pop up everywhere, including corporate PCs, as well as your children's PCs or other home PCs.

To stop the threat of P2P file sharing at work, corporations should configure security to block P2P clients. If you're telecommuting, use file encryption on work folders and make sure you never, ever set up a P2P client to monitor work folders. Stay on top of the P2P game with resources such as a P2P and file-sharing resources search at TechRepublic.

Securing Insecure Wireless Networks

Wireless networks are easy to set up—especially if they're insecure. Your office may have a wireless network that's locked down with WPA or WPA2 encryption and Radius authentication servers; if you work from home or in a public area on an insecure wireless network, you might expose sensitive information. What kinds of threats are out there?

  • If a restaurant or other retail establishment uses an insecure wireless network for its point-of-sale system, war drivers in the parking lot can grab credit card numbers from business credit cards and sell them, or use them for unauthorized shopping sprees.
  • Free wireless hot spots abound in restaurants and coffee shops. If network shares on a laptop aren't blocked by a firewall, other surfers could get a side of data with their lattes or sandwiches.
  • Home wireless networks provide a double dose of insecurity: They might be insecure (lacking WPA or WPA2 encryption) and might also use standard SSIDs or workgroup names, making it way too easy for an intruder to get access to the network and any shared folders on the system.

The problem is multifaceted, and so are the solutions. It's difficult to determine if a retailer's POS system is secure, but any public hot spot is insecure by definition. Windows Vista's firewall automatically blocks shared resources on public networks such as hot spots. However, Windows XP SP2's firewall requires you to select its "no exceptions" setting to protect shares when you use a public network.

If your e-mail client doesn't offer secure log-in, don't use it in a public hot spot. Instead, create a secure connection for e-mail, file transfer, remote desktop and other applications by setting up secure HTTP (HTTPS) or virtual private network (VPN) connections to your primary computer, or use a secure remote access service such as GoToMyPC.

Continue Reading

Our Commenting Policies