how to protect yourself from hackers
There is a saying that goes “Prevention is better than cure.”
After reading this manual hopefully you are looking for ways to
protect your privacy. Take it back from those who may invade it.
The individuals who are responsible for these attacks will always
prey off those who do not take an interest in defending their
privacy.
“Give a man a fish and he’ll eat for the day. Teach a man how to
fish and he’ll never starve.”
By showing you steps and procedures you can use to protect
your system from being hacked, you’ll quickly regain your sense
of security.
FIREWALLS
A firewall in layman terms is essentially a program which filters
network data to decide whether or not to forward them to their
destination or to deny it.
These programs will generally protect you from inbound “net
attacks.” This means unauthorized network request from foreign
computers will be blocked.
I cannot stress how important it is in this day and age to have a
firewall of some kind installed and “running” on your computer.
I personally recommend that you use one of the following or both
if you can.
Black Ice Defender
This is a very user-friendly comprehensive firewall program. I
highly recommend it to both advance and novice users. It has a
simple graphical interface that is easy to understand and pleasing
to the eye.
It detects your attacker, stops their attack and or scan and gives
you as much information available on the “attacker.”
You can download Black Ice Defender at:
http://www.networkice.com
Lockdown 2000
I also recommend Lockdown 2000 as a security measure.
Lockdown2000 has a very nice graphical interface to it also and is
user friendly. It does the same thing Black Ice Defender does but
also runs scans on your system for Trojans. It monitors your
registry and system files for changes that occur. Then gives you
the option of either undoing all the changes or allowing it.
You can obtain a copy of Lockdown2000 from:
http://www.lockdown2000.com
I find using both firewalls in conjunction with each other works
quite well. As they both compensate for the short-comings of the
other.
Anti Virus Software
This is also another piece of software you should by all means
have on your system. We all know it’s a necessity however we
are all guilty of not using them.
There are numerous anti-virus software out there. Norton
Antivirus and Mcafee are two of the more common ones. They
are all good and do their job.
You can find each of these programs at:
http://www.norton.com
http://www.mcafee.com
I personally recommend using 1 virus scanner and both firewalls.
The reason is I find Black Ice Defender blocks incoming attacks
and any system changes that occur on your system Lockdown
catches.
TIPS & TRICKS
I feel it necessary for you to pay particular attention to this
section. The above programs will function and do their job, but
that’s only half the battle.
There are certain precautions you need to take as a user to
ensure your system remains a “fortress.”
Tip #1:
For Dial Up users: If you are a dial up user then you use a
modem either internal or external kind to get online. If you have
an external modem then this tip is easy. If you look at the
modem you’ll see lights on the front of it.
When you’re doing anything on the net you’ll notice lights
blinking that indicate that you are Sending Data, and Receiving
Data. Depending on how often the lights blink and how fast they
blink gives a rough idea of how much activity is going on between
your computer and the net.
Here’s where a little perception comes into play. If you are
connected to the internet, and are just sitting by your system
doing absolutely nothing, those lights have no business to be
blinking rapidly. They will flash periodically indicating it’s
checking it’s connectivity, however there should be no heavy data
transfer of any kind if you are not doing anything on the net.
For Example: If you have your email program open and you are
just sitting there reading your mail, you may notice that every 15
sometimes 20 mins that the lights will blink back and forth
indicating it’s sending and receiving data. This is normal because
chances are you have your email program configured to check
your mail every 20 mins.
If by chance you notice the lights on your modem is blinking
consistently for let’s say a period of 2mins non stop be extremely
suspicious.
If you have an internal modem, you will not be able to see the
lights on your modem, instead you can rely on the two tv looking
icons at the bottom right corner of your screen near the clock.
They will look something like this.
Any data being sent and received will be noticed by the blinking
of the lights rapidly.
If you are on cable or dsl, the same applies. There should never
be any form of heavy data transfer of any kind from your system
to anything unless you are authorizing it. Some examples of
activity that can justify heavy data transfer are as follows:
• Legitimate Programs running that may need to access the
net occasionally. (ie, Email programs)
• If you are running an FTP server where people purposely
log into your machine to download files you have given
them access to.
• If you are downloading files off the internet
Things of that nature will generate a lot of data transfer.
Allow me to take this opportunity to explain to you another “Tool”
you should be aware of. Let’s assume you realize that there is a
lot of data being sent and received from your machine and you’re
not even sitting at it.
How do you know what’s going on?
Let’s do a short exercise.
• Click Start
• Go to Run (Click Run)
• Type Command
• Click OK
Again you should get a screen that looks like this.
Once you have this screen type the following:
• Netstat –a
This command will give you a listing of everything your
computer is communicating with online currently.
The list you get will look something like this:
Active Connections
Protocol Local Address Foreign Address State
TCP COMP: 0000 10.0.0.1 : 0000 ESTABLISHED
TCP COMP:2020 10.0.0.5 : 1010 ESTABLISHED
TCP COMP:9090 10.0.0.3 : 1918 ESTABLISHED
You’ll see a variety of listings like the above. It will give you the
Protocal being used, the local address (your computer) and what
port on your computer the “Foreign Address” is being connected
to and the (State) of which the (Foreign Address) is. For
example if it is (Established) then that means whatever the
foreign address says is currently connected to your machine.
There is software available that will show you this information
without typing all those commands.
The name of the software is called Xnetstat, you can obtain a
copy of it from here:
http://www.arez.com/fs/xns/
If for whatever reason you believe you are sending and receiving
a lot of data then it is wise to do a netstat –a to see what is
connected to your computer and at what ports.
Protecting Shared Resources
For those of you who have internal networks between two
computers probably have a shared resource of some kind. Earlier
in this manual I showed you how to find what is being shared.
Let’s have a look at how to protect those shared resources.
• Click Start
• Scroll up to Programs
• Go to Windows Explorer (Click on it)
Once you have done this you should see a window that comes up
with a bunch of folders listed on the left and more folders listed
on the right.
Scroll through the listing and look for whatever shared files you
have. For a refresher the folder will look like this.
Once you have found those folders you must now protect them.
• Click on The folder (once) so it is highlighted
• Use the right mouse button, (the one closest to your pinky
finger) and click on the folder.
You will get a menu:
Your menu may look different than mine, but what you’re looking
for is the word “sharing.”
When you click on Sharing you will see another window that looks
like the following.
This is where you can either share this folder or turn it off. If you
wish to turn off the sharing you would select (Not Shared).
If you must share a folder then follows these steps. This will
make the folder read only. That means no one can delete
anything from those folders if they were to break into your
system using a “Netbios” attack.
The next step is to password protect the directory.
Once you type in the password click (OK) and you’re done.
My personal suggestion is to set any directory you are sharing to
(Read Only) and password protect it. This is only if you must
share resources.
Disabling File and Printer Sharing
For those of you who do not have a home network going you
should disable file and printer sharing. There’s no reason to have
this feature turned on. Do the following steps to disable it.
(You will require your windows 95/98 CD for this)
• Click on Start
• Scroll up to Settings
• Click on Control Panel
This will bring you into your Control Panel. You will see a variety
of icons the one you are looking for will be the icon that says
(Network) and it looks like this.
Once you have found the icon double click on it. You will then
receive a screen that looks like this.
To turn off the file and printer sharing you will need to click on
the button that says (File and Print Sharing).
After clicking on that a box will open:
Uncheck both of these then click okay.
You must then click (OK) again and this will return you to the
Control Panel.
At this point will be prompted for you Windows CD. Simply insert
it and click OK.
Sometimes you will receive a message that says
“The file being copied is older than the existing file ..etc.etc. Do
you wish to keep your existing file?”
You should click NO.
When the process is completely done your system will ask you if
you wish to reboot. Click on Yes. Once your system has
rebooted you can come back to the Network Screen and check to
make sure the “File and Print Sharing” has been disabled.
Software wise up until this point we have talked about how to
protect your system. I’d like to discuss the process involved for if
you system is infected.
OH NO! MY SYSTEM’S INFECTED
Hope-fully this is not the case for the majority of you, but I know
there will be a few people who are going to be infected. The only
way you are really going to know if you are infected is diagnosing
your computer properly.
I recommend getting Lockdown 2000 for this. Install it on your
system and run a full system scan on your machine. (Consult the
documentation for Lockdown 2000)
After running Lockdown 2000, run your anti virus scanner just
in case Lockdown missed anything. You may ask yourself why I
suggest such redundancy? Computers are built on the principle
of redundancy. One program will always compensate for the
short-comings of the other.
This should reveal most if not all Trojans currently residing on
your machine. Until you are absolutely sure about not possessing
any Trojans on your machine I suggest being alert of the
happenings on your computer.
1. Watch the transmit and receive lights on the modem like
we discussed.
2. Run the firewall programs I suggested to block out
intruders.
3. Monitor your system for unusual happenings (CD Rom
opening for no reason)
4. Use the Netstat command to see what ports are being used
if you get suspicious.
The ultimate goal is not to be paranoid about the use of your
computer. It’s about being smart about how you use your
computer
Have a nice day friends