When you leave your home or car for a period of time, do you lock your doors? Of course. Doing so gives you a sense of security. Your property won't be an easy mark for thieves.
The same is necessary for your computer; your internet connection leaves you vulnerable to hackers who want to access your financial and personal information. Some hackers may be after your high-speed connection so that they can send malicious viruses and worms, blackening your reputation. Other intruders have the power to destroy your operating system on a whim. How can you lock that computer door but still have the freedom to do your business online?
A solid firewall will help you stop intruders from accessing your system. You keep your internet link to the outside world but the outside world can't view you unless you want them to. With a firewall in place you will still have typical email access, but chat and other interactive programs will require you to take an extra step to grant access before you can use them. A firewall is powerful but unobtrusive, just like a deadbolt lock inside a door.
But unlike a single door to a home, the path to your computer data has two doorways. Some of your data is stored on a physical media storage device such as a hard drive, optical disk, thumb drive or some other form of media. The other method is your computer memory. An open door on either of these storage methods leaves your network and your data vulnerable.
Some of the most common methods to attack or view computer data include:
IP Spoofing - This form of attack occurs when someone outside your network spoofs (fools) your computer into recognizing the intruder as a trusted source--either a trusted internal source (by using an IP address that is within the range of IP addresses in your network) or a trusted external IP address that your system recognizes. This is like a stranger knocking on your door, claiming to be your long lost Uncle Joe. An IP address is like the computer's name, giving a computer a specific identity that other computers come to recognize.
IP spoofing only works when a hacker learns your IP address. The hacker then modifies the packet headers on his communications to your computer. A packet header is present in any transfer of computer data and is similar to a routing number on a check. The header guides the packet of data on its journey just as a routing number guides a check.
- Network Packet Sniffers - Windows NT sends network packets as unprotected clear text, inadvertently allowing anyone to pick packets up en route for a closer look. Even though some packet sniffers are legitimate (for network management) others are used to steal your information while in transit. This method is a hacker favorite because it's easier to pull off, harder to get caught.
- Man-in-the-Middle Attacks - This type of an attack occurs when someone accesses information between two individuals without either one detecting the infiltrator's presence. If both parties are using a public-key system to send data, the man-in-the-middle can intercept the public key, use it to decipher the message, copy it, then recode the data again to continue sending it on its way.
- Distribution of Sensitive Internal Information to External Sources - This form of an attack could involve a disgruntled employee or someone who has or once had access to sensitive corporate information. The individual could place the sensitive data on an external computer (such as an external FTP server or share a drive on a network) so others can have full access.
- Password Attacks - Passwords are the most vulnerable to attack. Once someone has access to a user's password, the attackers will then have the key to personal information. There are several ways an attacker can steal passwords. The most common are:
Password Guessing - This technique is often ineffective because it takes a long time to guess someone's password, even if the password is a common one. Attackers can either enter guesses manually or electronically.
Brute-Force Logon - This technique is essentially the same as password guessing, however, the attacker tries to quickly gain access to a user's username and password by using guessing tools to automate the process.
Password Cracking - This technique is more effective than the previous techniques. Password Cracking software obtains the password file in Windows through an elevated level of access, then uses a tool like PWDUMP to view the password data you've saved in a file.
For a side-by-side comparison of personal firewall software products, visit our Personal Firewall Software site.