During these potentially life-changing times a great amount of discussion is taking place between colleagues, friends and relatives in an attempt to make some logical sense out of it all. Are the Americans simply driven by oil? Are France and Germany standing off because they fear that when the ´allies´, go in, they will find too many embarrassing Fabrique en France´ labels on goods in Iraq? Did the security services really have no hint of September 11th?
The last point is particularly perplexing because our own secrets, (yours and mine) are being stolen from under our noses, in our own homes and offices, from our own PCs, quite often without our knowledge. There are gaps in our own personal IT security that allow third parties access to information on our computers and networks.
Who are these third parties and what are they doing?
Back Door Access to your PC
This story actually happened to me on my home PC over the last two months. On New Years Eve afternoon I decided to download the Atomic Clock from a web site to set my watch to the second for the planned celebrations that evening. During the download hundreds of windows suddenly appeared, some saying ´I can see your IP address´. My PC was flooded with windows about stuff for sale. I had never seen anything like it. I closed my Explorer connection down, installed the Atomic Clock, ran a Virus check and all seemed to be well. I have Virus Scan software on my PC and the definitions are updated daily.
A few days later I came home and went to the PC, which had been left switched on but with no programs loaded and there was a window in the middle of the screen trying to sell me a university degree from somewhere in the USA. My immediate reaction was virus, so I instantly ran a virus scan, found a few infected files and deleted them. The PC scanned clean for days and then another window appeared. This time from ´Golarger.com´ selling guaranteed 3" extension treatment! At this point I suspected a web cam in the bathroom, but no, it was a virus again. But where did the virus come from as my virus software was up-to-date and it had found nothing?
This continued with other windows appearing more regularly with ´holidays for sale in Florida; and more ;Golarger.com offers´. I was losing faith in my virus protection system now, as there appeared to be no protection.
Anyway, one of my colleagues, Neil Macdonald, who is a ´virus-buster´, came to have a look. He discovered that a program had been downloaded and had installed itself in my start-up routines, which, after boot up of my PC, continuously transmitted my IP address to the world. Your IP address is like your telephone number. This program was itself a virus but was not being picked up. My IP address appears to have been transmitted to the world for a month and every low life hacker and viral engineer has it.
Ex Directory IP Address
We installed a firewall on my PC that blocks communications in and out of the PC other than by those processes you give permission to such as email and Explorer. Since installing it a week ago I have been the subject of over 6,000 attempts to get access to my PC!! This is really scary. You can see the IP addresses and in some cases email, web addresses and they come from all over the world.
For a month, my home PC had been open to the hackers of the world to grab, download, edit infect what they wanted. My virus protection system only picked up hints every now and again, which led me to become more suspicious as time went on.
War Driving
Imagine someone accessing information from your computer while sitting in a car outside. It´s called "war driving" and it could easily happen if you use a wireless network (WLAN) and you haven´t taken steps to protect it.
The term "war driving" comes from a similar term "war dialling" which was coined in the ´80s. Back then; hackers would dial random phone numbers hoping to find open computer modems. "War driving" is essentially a higher tech version of that.
It is not possible to limit the signal escaping from the limits of the building or yacht when using a wireless network. Evidently all that is required is a laptop computer, along with an antenna enhanced by using a Pringle´s crisp can and some free software downloaded from the Internet!
It can happen around business premises, on a yacht in a marina or at home. Your neighbour could set-up an access point and maybe have an ADSL high-speed modem, you could have your desktop connected to theirs and they might never know!
The good news is that it is possible to secure your wireless LAN (WLAN).
The majority of WLAN security issues identified fall into these categories:
l Failure to effectively encrypt data travelling across wireless networks.
l Equipment left in default configurations.
l Insufficiently secured wireless network access points, potentially allowing hackers to set up rogue access points to capture company information.
l Failure to secure data on wireless enabled laptops.
Be careful there are some very devious people out there and whom are they all working for? It may not be just big business intelligence they are after. It may be ´Big Brother´ trying to control our lives!
For further information contact: Roger Horner, Jason Abbott or Erik Nieuwmeijer at E3 Systems. Tel: +34 971 404208/400738 Fax: +34 971 404431
email: roger@e3s.com web: www.e3s.com