Editorial
Carjackings On The Info Superhighway
The world's most popular website was brought to its knees yesterday by what appears to have been a concerted denial of service (DOS) attack -- and there's probably nothing they can do to stop it happening again.

It's crazy isn't it? Surprising as it may sound, even a smart 12-year-old using a regular old dial-up account and a 33.6Kbps modem could, in theory, cripple a site designed to cope with a load that is measured in millions of pages per day. This stuff isn't brain surgery -- there are literally hundreds of websites out there that provide everything you need to cause a massive pile-up on the information superhighway -- it can be as simple as running a ready-to-go program on your own PC and just waiting for things to break out there on the wider net.

Unfortunately this is what happens when you build a global network based on technology that is 20 or 30 years old.

Despite its pseudo-military origins, the Internet was never designed to be a secure network with strong resistance to deliberate abuse. The reality is that the Net was designed for a decidedly benign academic environment with its roots in the days of flower-power. Everything was peace, love, bells and beads -- nobody would dare use the Net for any kind of attack on another.

Well the bad news is that this is the noughties (../../00) and there's a whole new culture of crackerism and commercial espionage that has come to rely on the weakness of an aging technology so that they can either get their kicks by smashing a few virtual windows, or try to make their competition look bad by crippling their systems.

The whole situation isn't helped any by the fact that one of the largest provider of Internet server software and operating systems seems to have a somewhat less than impressive track record in the area of security. Although they're gradually improving things, using MS Windows as an Internet platform without expert assistance in configuring the security options is still almost like stapling a "kick me" sign to your trousers.

Of course other vendors also ship products with holes -- but it's far more likely that someone using a Sun or SGI platform will already have a good understanding of security and good systems setup than someone unwrapping a copy of NT and throwing it onto an off-the-shelf Pentium box.

However it's not just the big-name websites that are at risk -- every time you log on to the Net you're putting up a "kick me if you can" sign. ADSL or those using other forms of full-time Net access are even more vulnerable.

If you're using an older copy of Microsoft Windows (ie: Win'95 or the first release of Win'98 then you should know that it's only a matter of time before you wake up and find your bottom has a big bruise on it. Without all the latest security patches, Windows is NOT a secure platform for accessing the Net.

Early versions of Win'95 didn't even check to make sure that other Net users couldn't simply treat your PC's hard drive as a remote drive connected to their own machine! What's yours was also theirs and they could read, modify or erase your files just as if they were on their own local hard drive.

Even later versions have a raft of security holes -- and every time you run another program the chances of someone breaking into your machine while it's connected to the Net is increased.

Sounds pretty dire doesn't it?

Well it's not quite that bad. There are a large number of very cheap (or even free) software packages around that will not only provide you with a good degree of safety against break-ins, but which can also even make your PC all but invisible to other Net users who might be looking for a victim.

Tomorrow I'll give readers a brief overview of what's out there, where to get it, and what it can do for you.

Any readers who are already using such firewall and stealth tools are invited to send their experiences and recommendations (or "avoids") to me for inclusion in tomorrow's column.

As always, your comments are gladly received.

Aardvark Reviews... IHUG's StarNet Trade & Exchange www.listener.co.nz (Updated 26 Mar) MS Image Composer Sony Mavica FD7 Epson 600 iomega ZIP