Originally published Monday, May 15, 2000
"Every action has an equal and opposite
reaction". Perhaps Sir Isaac Newton wasn't specifically referring to
my new DSL connection in his third law of physics, but it's a true
statement. There is a potential downside to this wonderful, high speed,
"always on" Internet connection that could be devastating.
Especially in these wild times of virus proliferation and computer
hijacking, one can't be too concerned about security and privacy.
While the overall risk and exposure to computer viruses remains unchanged with high-speed access, a computer that is always connected to the Internet is more vulnerable to a literal takeover by nefarious sorts. Hackers can hijack your computer or network to steal files, destroy data or upload and hide files, such as pornography. You can even be the unwitting participant in a virus attack that's staged from your computer, as was the case in the recent denial-of-service attacks.
The longer you're online, the more likely your computer can be identified and potentially exploited because your actual location on the Net can be discovered. Every computer connected to the Internet, even dialup connections, has a unique address on the Internet called an IP address. IP is the addressing portion of the TCP/IP protocol that sets the rules for sending and receiving data across networks. IP addressing is based on a system of hosts and networks and the actual addresses are represented as four decimal numbers, such as 126.96.36.199.
IP addresses come in two varieties: Static and dynamic. A static IP address, like my DSL connection is fixed. Like my street address, I have a permanent address on the Internet. Dynamic IP addresses are systematically assigned and "leased" for a finite period, usually 24-72 hours.
Most dial-up connections as well as cable connectivity utilize dynamic IP addressing, so the actual addresses when connected to the Net change often. You're a bit less vulnerable with dynamic IP addressing, but in reality even dialup users are susceptible to hacking routines designed to ferret out the IP addresses of unprotected computers connected to the Net.
A firewall is your protection against such unwanted intrusions. A firewall is a security system that limits access to your site from the greater Internet. TCP/IP is a complicated system of data transmission but suffice it to say that it utilizes a system of openings or "ports" to transmit information to and from, your computer. Firewalls monitor these ports and limit data traffic to your computer. A firewall can be an actual physical device connected to your PC or it can be software that renders your system invisible to the Internet.
BlackICE Defender and Zone Alarm are two popular software firewall products that can be downloaded from the Internet. Both these products stand guard against unwanted visitors and require little knowledge of ports or TCP/IP. ZoneAlarm is free for personal and non-profit use and can be downloaded from http://www.zonelabs.com.
BlackICE Defender can also be downloaded from the Net for a $39 fee http://www.networkice.com. Like ZoneAlarm, BlackICE blocks unsolicited inbound connections and monitors all data traffic flowing through the system.
For my system, I chose D-Link, a physical firewall product. http://www.dlink.com. It looks like an external modem that interfaces between my PC and the DSL modem. The advantage of a physical firewall is that hackers never reach the actual computer. D-Link acts as a decoy and looks like a router to greater Net. On my side of the firewall, I use a "private" IP addresses that are non-routable. SonicWall is another good, more industrial strength physical firewall http://www.sonicwall.com.
Be sure you inquire about firewalls when ordering your high-speed access and get recommendations from your vendor. The likelihood that your high-speed Internet connection will be hacked is much less than being bitten by the LoveBug, but as fast as technology is moving it's an important security consideration that shouldn't be ignored.
Cathi Schuler owns a computer literacy training/consulting company, Cee Prompt! She is a co-author of computer textbooks and can be reached by e-mail at firstname.lastname@example.org or email@example.com or by mail c/o The Record, P.O. Box 900, Stockton, CA 95201. She is on the Internet at: http://www.ceeprompt.com. Click here for past archived columns.
Amazon.com is pleased to have CeePrompt!
in the family of Amazon.com associates. We've agreed to ship
products and provide customer service for orders we receive through
special links on CeePrompt!.