Network Security: It's Not Just For Corporations Anymore
15 years ago, the average household didn't have a computer in it at all. Those that did were mostly not connected to any type of network in any fashion. That means that in 1989, most folks weren't dialing into anything. There were stand-alone electronic bulletin board systems (the term was "BBS") but each was basically an island. E-mail sent on a given system didn't travel to any other system, so most users who were dialing them up tended to hit 2-6 BBS's a day. Most BBS's had only 1 or 2 inbound lines although some of the larger ones could support dozens of users. AOL was a service that had been launched for Mac's and Apple II computers only, and that was just launched that year. The PC version - running under DOS - wouldn't be released for another year and some. The Windows version was 2 years after that. The average speed of such a connection was 2400 baud. That's just a hair over 2K. Compare that to the average dial-up speed of 36-56K today. Broadband runs between 128K and 768K for most homes, higher than that for some.
Suffice it to say that most computers weren't attached to a network for any length of time. Those times that they were connected, they sure didn't have the bandwidth to allow a hacker to get much done and he surely would have eaten up too much capacity and gotten noticed.
Today, statistics show that the average household does indeed have at least 1 computer. This one has 5 if you count the business laptops. While broadband is still in the realm of "likely not" when a survey is considered, those that do have broadband almost always have a network in place, meaning more than 1 computer in the house connected together via a switch or hub of some type. The latest rage is all about wireless connectivity. Companies like Linksys, Netgear, D-Link, Cisco, Apple, and others have produced devices that not only allow a connection to a broadband service, but allow the PC's in your house to connect to it and each other wirelessly. Just like magic, John W. Public can buy himself a wireless router, hook the cable from the wall into the plug on the router that says "wall", fire it up and have access shared between the computers in minutes. It's a great tool. What once required some technical sophistication and ability to run cables through your walls can now be done completely cable-less and by people who can't figure out how to set the clocks on their VCR's. Ah, but with simplicity comes a price.
The fact of the matter is that corporations have hired network engineers for years because there's a difference between just deploying a network that connects devices and putting one up that does so without exposing the company's systems to attack. If you're one of the many new network owners who slapped in a device right out of the box in your home, then you should listen carefully. Unless you took the time to read the instructions on how to secure your network, you are very likely wide open right now. No, this isn't hysterical rhetoric and I'm not trying to sell you something. That wireless router might be granting access to anyone in range to your entire network, and that includes your PC.
OK, here's the technical part: the wireless "cloud" that all your PC's use to connect to your router doesn't stop at your walls. It extends out to the range allowed by the router's power and how much stuff it has to "punch through". Big, heavy stone walls will shorten the range a lot more than the average sheet of drywall. Whatever range is being achieved by your router, everyone located within that cloud can connect wirelessly. Everyone who does so is connected via that same cloud and that means everyone connected to it is visible to everyone else so connected. That router can have the world's best firewall built into it and that does precisely zero for your PC if someone connects to your network via the wireless cloud. That's because they can see your PC directly without ever going to the router. If the system you're using isn't inherently secure - and MS Windows products aren't - then your PC has little protection against some very commonly available programs. These programs can access your hard drive, especially if you haven't password protected access to them. They can monitor the traffic being sent. They can... Well, they can do all kinds of things, but that's not the point. The point is, why make it easy on them?
The wireless routers allow traffic being sent across the cloud to be encrypted. A very weak but commonly available encryption is called "WEP". It's not great, but it's a lot better than nothing. Better still is the ability to designate permission based on the physical address (called the MAC address) so you only allow PC's that you specifically say can access the network. Running both protections is even better and doesn't require all that much effort. Check your router's instruction manual for details.
I bring this up tonite because someone here in my neighborhood brought up a new wireless router here last week. I don't know who since I can't tell what direction they're in. All I do know is they took a Linksys router out of the box and plugged it in without securing it. My computer has been attached to another Linksys before, so when I turned the computer on tonite, it attached to their network instead of mine. I noticed the issue but decided to run some of my diagnostic tools on the connection, since that's what I do for a living. In less than 2 minutes this 1 program I have (freely available for download) was able to locate 2 PC's attached to the same Linksys router. Neither was asking for any passwords to attach to their hard drives. I had complete access to the data contained there and could have downloaded or deleted it at will.
Don't make it easy, folks. Learn to secure.