Editorial
The Siege Of The Internet Part 2
The hacker attack on high-profile websites has entered its third day and shows no sign of abating.

Today's targets appear to be ZDNet, E*Trade and Datek, with all these sites being knocked out for several hours at different times throughout the day.

Analysts say that it' highly likely that those launching the attacks are being aided by trojans (hidden or disguised software) that have been covertly installed on other servers all over the Net -- all the more reason for subject of this short series of Aardvark articles.

In response to yesterday's column, quite a number of people emailed me with examples of what they're doing to protect their computers from unwanted intrusion on the Net.

The methods adopted for creating a secure system are manifold. A surprising number of people have at last found a good use for that old PC which became too slow and redundant after they bought a sparkling new Pentium III/500. These older PCs, some of them 486's with just 16MB of RAM or so, have been recruited to act as firewalls by reformatting the hard drive and installing a suitably configured implementation of Linux. This option also offers the advantage of allowing several networked PCs to share the one Internet connection -- very handy for the small office and busy household.

The down-side of this option is that even with all the hard work that companies such as Red Hat have done in an attempt to make the Linux installation process "easy-peasy", getting to grips with a UNIX-like operating system can be a nightmare for those who still find Windows a little daunting.

The other, and most favoured option, is to install one of the many personal firewall products on the market.

There are quite a few of these. Some are shareware, some freeware and some are fully-blown commercial products.

The one which most respondents mentioned was Black Ice. I have installed a copy of this product and it seems to perform as advertised -- but it is somewhat of a disappointment in some regards. There's no built-in facility for reading the log files and I noticed in testing that it doesn't always detect "lightweight" single probes -- while at the same time it reports harmless "pings" and traceroutes as "Attacks."

Its greatest value is that it effectively gags your PC from blabbing back to any hacker's attempts to detect it. In short, it wraps your computer in a stealth blanket so that for all intents and purposes, it appears invisible to those malevolents who are looking to break your Windows(tm).

Unfortunately the developers of Black Ice have established a reputation for slackness so bear this in mind when considering a purchase.

A really good site with lots of information, online security tests and a free personal firewall product to download can be found at the Shields UP! site. I highly recommend you visit this site and read all the material there.

It's pretty important that you also run a virus-checker on your system so as to reduce the chances of someone planting a backdoor program (such as the Sub7 trojan or BackOrifice) on your computer via an email attachment. Remember -- while you might be methodical about not opening attachments from unknown sources -- one day your finger might slip or someone else may be using your PC and not be quite so careful so a little protection is a valuable thing.

However, if you don't have, or don't want all this fancy software you should know that Windows and UNIX come with a built in utility that can be handy for checking whether people are trying to attack your system.

I refer to the "netstat" utility that can be run from a DOS window in Windows or a command shell in UNIX.

Netstat will list all the current network connections that exist between your machine and the rest of the world. It will also list all the ports which are currently listening to the Net (sitting and waiting for some other computer to connect).

If you are surfing the Net and your computer suddenly seems to have an inordinate amount of disk activity -- or your modem's lights start flickering without explanation, typing "netstat" into an open DOS window may just highlight an unexpected and unwanted conversation going on with some other computer on the Net.

There is plenty of documentation available on the Web for the netstat program although, since it has its origins in the UNIX world, it may not be particularly understandable to the average non-technical user.

If there's enough demand I'll create a brief "plain English" summary of the various options and information that netstat produces -- however I strongly suggest you use one of the other commercial personal firewall products as your preferred defense and reporting system.

Tomorrow I'll continue this series with a further look at Net security and safety for the average user.

As always, your comments are gladly received.

Aardvark Reviews... IHUG's StarNet Trade & Exchange www.listener.co.nz (Updated 26 Mar) MS Image Composer Sony Mavica FD7 Epson 600 iomega ZIP