Gaurav Garg
gauravg@ipr.res.in
| Computer Security | Gaurav Garg gauravg@ipr.res.in |
How do intruders (unauthorized users) break into
computer?
In
some cases, they send you email with a virus.
Reading that email activates the virus, creating an opening that
intruders use to enter or access your computer. In other cases, they
take advantage of a flaw or weakness in one of your
computer’s programs
– a vulnerability – to gain access. Once
they’re on your computer, they
often install new programs that let them continue to use your computer
– even after you plug the holes they used to get onto your
computer in
the first place. These "backdoors" are usually cleverly disguised so
that they blend in with the other programs running on your computer. Whether your computer runs Microsoft Windows,
Apple’s Mac OS,
Linux, or something else, the issues are the same and will remain so as
new versions of your system are released. The key is to understand the
security -related problems that you need to think about and solve. The Internet was built on trust. Only within the
last few years,
when Internet commerce (known as e-commerce) began to spread, it has
become inadequate to rely principally on trust. For example, in an
email message, an intruder can easily fabricate where the email came
from. But this information forging – called spoofing by
intruders
and security professionals – is not limited to just email. In
fact, the basic unit of information transferred on the Internet
–
called a packet – can also be easily forged or spoofed.
Nonetheless, a true sense of insecurity is better than a false sense of
security. So, think about the information you trust. Be critical and
cautious. What
does this mean and why should you care? It
means that any information you receive from some other computer
on the Internet should not be trusted automatically and
unconditionally. When you trust an email message that turns out to have
a harmful virus attached to it, your computer can be infected, your
files destroyed, and your work lost. And that’s why you
should
care. When you send email, browse a web site, or
chat online with someone,
the conversation between you and that person does not go directly from
your computer to his or her computer. Instead, it goes from your
computer to another computer to still another computer and so on,
eventually reaching his or her computer. Anyone or, more accurately,
any program, in that Internet that can hear that conversation can also
probably understand it. Why? Because Internet conversations are in the
clear, meaning that the information exchanged between computer systems
is not concealed or hidden in any way. You need to know that the
information sent across the Internet may be at risk of others listening
in, capturing what you send, and using it for their own benefit. Anti-virus programs look at the contents of each
file, searching for
specific patterns that match a profile – called a virus
signature
– of something known to be harmful. For each file that
matches a
signature, the anti-virus program typically provides several options on
how to respond, such as removing the offending patterns or destroying
the file. Viruses can reach your computer in many ways,
through floppy disks,
CD-ROMs, email, web sites, and downloaded files. All needs to be
checked for viruses each time you use them. In other words, when you
insert a floppy disk into the drive, check it for viruses. When you
receive email, check it for viruses. When you download a file from the
Internet, check it for viruses before using it.
The following are the steps you should
do to secure your computer. Their
order is based on how intruders attack computers, beginning with the
most-often used attack methods.
1
- Install and Use Anti-Virus Programs
Most
anti-virus programs let you schedule periodic exams of all files on
your computer on a regular basis, daily for example. If you
leave
your computer turned on over night, think about scheduling a
full-system review during that time.
Also update the definitions(virus-signature) of anti-virus periodically.
Intruders are the most successful in
attacking all computers when
they use viruses and worms. Installing an antivirus program and keeping
it up to date is among the best defenses for your computer.
2 - Keep Your System Patched
What do you do when a software "appliance" – a program – or the operating system itself breaks? How do you restore the functions that they provide? Do you know whom to call or even where to look to determine what to do next?
Vendors often provide free patches on their web sites. When you purchase programs, it’s a good idea to see if and how the vendor supplies patches, and if and how they provide a way to ask questions about their products. Program vendors also provide a recall-like service. You can receive patch notices through mail by subscribing to mailing lists operated by the programs’ vendors. Through this type of service, you can learn about problems with your computer even before you discover them and, hopefully, before intruders have the chance to exploit them. Consult the vendor’s web site to see how to get email notices about patches as soon as they’re available.
Some vendors have gone beyond mailing lists. They provide programs bundled with their systems that automatically contact their web sites looking for patches specifically for your computer. These automatic updates tell you when patches are available, download them, and even install them. You can tailor the update features to do only want you want, such as just telling you something new is waiting but doing nothing more.
Imagine then that you’ve either found a patch on the vendor’s site or you’ve received notice that a patch is available. What do you do next? Follow the steps below to evaluate a patch before you install it:
1. Does this patch affect one of the programs on your computer? If it doesn’t affect your computer, you’re done.
2. Can you tell from the vendor’s web site or the patch’s description if installing it breaks something else that you care about? If installation does break something, then you have to decide how to proceed. Try notifying the vendor of the program that might break to learn what their strategy is for addressing this problem. Also, use your web browser to learn if anyone else has experienced this problem and what he or she did about it.
3. Can you undo the patch? That is, can you restore your computer to the way it was before you installed the patch? Currently, vendors are building most patches with an uninstall feature that enables you to remove a patch that has unwanted consequences. In addition, some computers also come with features that help you restore them to a previously known and working state should there be a problem. You need to know what your computer provides so that you can undo a patch if necessary.
The longer a vulnerability is known, the greater the chances are that an intruder will find it on your home computer and exploit it. With the above tests, you can quickly evaluate and install patches to keep intruders off your computer.
One last thing: patches are usually distributed as programs. This means that you need to use the steps described in Step 7, Use Care When Downloading and Installing Programs, before loading and installing a patch.
3 - Use Care When Reading Email with Attachments
We’ve all heard stories about people receiving an item in the mail that in some way caused them harm.
These unsolicited items are sent to unsuspecting recipients. They may contain a return address, a provocative envelope, or something else that encourages its receiver to open it. This technique is called social engineering. Because we are trusting and curious, social engineering is often effective.
| You probably receive lots of mail each day, much of it unsolicited and containing unfamiliar but plausible return addresses. Some of this mail uses social engineering to tell you of a contest that you may have won or the details of a product that you might like. The sender is trying to encourage you to open the letter, read its contents, and interact with them in some way that is financially beneficial – to them. Even today, many of us open letters to learn what we’ve won or what fantastic deal awaits us. Since there are few consequences, there’s no harm in opening them. |
|
Email viruses and worms are fairly common. If you’ve not received one, chances are you will. Here are steps you can use to help you decide what to do with every email message with an attachment that you receive. You should only read a message that passes all of these tests.
1. Is the email from someone that you know?
2. Have you received email from this sender before?
3. Were you expecting email with an attachment from this sender?
4. Does email from the sender with the contents as described in the Subject line and the name of the attachment(s) make sense? For example, would you expect the sender – let’s say your Mother – to send you an email message with the Subject line "Here you have, ;o)" that contains a message with attachment – let’s say Anna Kournikova.jpg.vbs? A message like that probably doesn’t make sense. In fact, it happens to be an instance of the Anna Kournikova worm, and reading it can damage your system.
5. Does this email contain a virus?
You should apply these five tests to every piece of email with an attachment that you receive. If any test fails, toss that email. If they all pass, then you still need to exercise care and watch for unexpected results as you read it.
Now imagine that you want to send email with an attachment to someone with whom you’ve never corresponded – what should you do? Here’s a set of steps to follow to begin an email dialogue with someone.
1. Since the recipient doesn’t already know you, you need to send them an introductory email. It must not contain an attachment. Basically, you’re introducing yourself and asking their permission to send email with an attachment that they may otherwise be suspicious of. Tell them who you are, what you’d like to do, and ask for permission to continue.
2. This introductory email qualifies as the mail received from you.
3. Hopefully, they’ll respond; and if they do, honor their wishes. If they choose not to receive email with an attachment from you, don’t send one. If you never hear from them, try your introductory email one more time.
4. If they accept your offer to receive email with an attachment, send it off. They will know you and will have received email from you before. They will also expect this email with an attachment.
5. Whatever you send should make sense to them. Don’t use a provocative Subject line or any other social engineering practice to encourage them to read your email.
6. Check the attachments for viruses.
The above tests help you focus on the most important issues when sending and receiving email with attachments. Use it every time you send email, but be aware that there is no foolproof scheme for working with email, or security in general. You still need to exercise care.
While an anti-virus program alerts you to many viruses that may find their way to your computer, there will always be a lag between when a virus is discovered and when anti-virus program vendors provide the new virus signature. This means that you shouldn’t rely entirely on your anti-virus programs. You must continue to exercise care when reading email.
4 - Install and Use a Firewall Program
On a computer, the firewall acts much like a guard when it looks at network traffic destined for or received from another computer. The firewall determines if that traffic should continue on to its destination or be stopped. The firewall "guard" is important because it keeps the unwanted out and permits only appropriate traffic to enter and leave the computer.
|
|
To do this job, the firewall has to look at every piece of information – every packet – that tries to enter or leave a computer. Each packet is labeled with where it came from and where it wants to go. Some packets are allowed to go anywhere (the employee with the ID badge) while others can only go to specific places (visitors for a specific person). If the firewall allows the packet to proceed (being acceptable according to the rules), it moves the packet on its way to the destination. In most cases, the firewall records where the packet came from, where it’s going, and when it was seen. The firewall can also check whether a given packet should pass, allowing the computer’s user to respond to unanticipated network traffic. Individual packets can be allowed to pass, or the firewall can be changed to allow all future packets of the same type to pass. Finally, firewalls can filter packets based not only on their point of origin or destination, but also on their content. |
Firewalls can also recognize and record when a computer-to-computer connection ends. If the connection was temporary (like a visitor), the firewall rules can change to deny future similar connections until the system’s user authorizes them (just as visitors must re-identify themselves and be re-approved by an employee). Finally, outgoing connections can also be filtered according to content (again, similar to inspecting possessions at the exit).
What does this all mean? It means that with a firewall, you can control which packets are allowed to enter your computer and which are allowed to leave. That’s the easy part. The hard part is deciding the details about the packets that are allowed to enter and exit your home computer. If your firewall supports content filtering, you also need to learn which content to allow and which not to allow.
You can program your firewall to let nothing in and nothing out. This is a deny-all firewall strategy and it does work, though it effectively disconnects you from the Internet. It is impractical for most computers. Some firewall products let you easily review each packet so that you can decide what to do with it. Just like the security guard who learns that anybody with a company photo ID is allowed to pass, you too can create firewall rules that allow traffic to pass without reviewing each packet each time. For example, you may choose to allow your Internet browsers to visit any web site. This rule would define the source of that traffic to be your browsers (Netscape Navigator and Microsoft Internet Explorer, for example) and the destination location to be any web server. This means that anybody using your computer could visit any Internet web site, as long as that web server used the well-known standard locations.
Now that you have an idea of what your firewall security guard is trying to do, you need a method for gathering information and programming your firewall. Here is a set of steps to use to do just that:
1. What’s the program that wants to make a connection to the Internet?
2. What’s the Internet location of the computer system to which your computer wants to connect? Locations consist of an address and a port number. Sometimes a program is allowed to connect to any Internet location, such as a web browser connecting to any web server.
3. Is this connection allowed or denied? Your firewall rules will contain some of each.
4. Is this connection temporary or permanent? For example, if you’re going to connect to this specific location more than five times each time you use the computer, you probably want to make the connection permanent. This means that you ought to add a rule to your firewall rules. If you aren’t going to make this connection often, you should define it as temporary.
With each connection, apply the above tests to get the information you need to build a firewall rule. The answer to the above tests tells you if you need to include a new firewall rule for this new connection. For most firewall programs, you can temporarily allow a connection but avoid making it permanent by not including it in your rules. Where possible, allow only temporary connections.
Many firewalls can be programmed to require a password before changing the rules. This extra level of protection safeguards against unwanted changes no matter their source, that is, you, an intruder, or another user. Follow the guidance in Step 6, Use Strong Passwords, when assigning a password to your firewall.
Firewalls come in two general types: hardware and software (programs).
The software versions also come in two types: free versions and commercial versions (ones that you purchase). At a minimum, you should use one of the free versions on your computer. This is especially important if you have a laptop that you connect to your network as well as a network at a hotel, or a conference.
5 - Make Backups of Important Files and Folders
What have you done about the files that you can’t replace? Examples are the files that make up your checking account records, that novel you’ve been writing for the past few years, and those pictures you took last summer with your digital camera. What happens if your computer malfunctions or is destroyed by a successful attacker? Are those files gone forever?
|
Said another way, can you back up your files onto some other media so that you can recover them if you need to? When deciding what to do about backing up files on your computer, ask these questions: 1. What files should you back up? The files you select are those that you can neither easily recreate nor reinstall from somewhere else, such as the CD-ROMs or the floppy disks that came with your computer. 2. How often should you back them up? In the best of all cases, you should back up a file every time it changes. If you don’t, you’ll have to reintroduce all the changes that happened since your last backup. |
|
3. Where should you back them up to; that is, what media should you use to hold backed up files? The answer is whatever you have. It’s a question of how many of that media you have to use and how convenient it is. Larger capacity removable disk drives and writable CD-ROMs work well, take less time, and are more convenient. If you don’t have a backup device, there are alternatives. There are Internet services that let you back up your files to another Internet computer. To find these services, do some Internet searches using your browser. Remember that the information you transfer across the Internet could be viewed and captured by others; that is, the information is in the clear. Be sensitive to that if you use an Internet-based backup computer. In addition, you need to be able to trust the information when you recover a file from that service.
4. Where should you store that media once it contains your backed up files? No matter how you back up your files, you need to be concerned about where those backed up copies live.
As you computerize the routine aspects of your daily life, making backup copies of important files and folders becomes critical. Even if you can’t store the backup copies in a fireproof container or somewhere else, make backups anyway. Any backup is better than none.
6 - Use Strong Passwords
For each computer and service you use (online purchasing, for example), you should have a password. Each password should be unique and unrelated to any of your other passwords. You shouldn’t write them down nor should you share them with anyone, even your best friends.
Computer intruders use trial-and-error, or brute-force techniques, to discover passwords. By bombarding a login scheme with all the words in a dictionary, they may "discover" the password that unlocks it. If they know something about you, such as your spouse’s name, the kind of car you drive, or your interests, clever intruders can narrow the range of possible passwords and try those first. They are often successful. Even slight variations, such as adding a digit onto the end of a word or replacing the letter o (oh) with the digit 0 (zero), don’t protect passwords. Intruders know we use tricks like this to make our passwords more difficult to guess.
Even a complicated password can be copied and the copy reused. Remember the earlier discussion about information on the Internet being in the clear? Suppose that really strong password you took a long time to create – the one that’s 14 characters long and contains 6 letters, 4 numbers, and 4 punctuation marks, all in random order – goes across the Internet in the clear. An intruder may be able to see it, save it, and use it. This is called sniffing and it is a common intruder practice.
The point is that you need to follow the practice of using a unique password with every account you have. Below is a set of steps that you can use to help you create passwords for your accounts:
1. Is the password as strong (meaning length and content) as the rules allow?
2. Is the password unique and unrelated to any of your other passwords?
3. Can you remember it without having to write it down?
4. Have you changed it recently?
In spite of the above tests, you need to be aware that sniffing happens, and even the best of passwords can be captured and used by an intruder.
7 - Use Care When Downloading and Installing Programs
|
|
Today’s Internet has a feature that standard products don’t have, or at least have but to a lesser extent. This feature is free programs. There is a multitude of free programs available for all types of systems, with more available each day. The challenge is to decide which programs deserve your confidence and are, therefore, worth the risk of installing and running on your home computer.
|
What’s the problem you’re trying to solve here? You are trying to determine if the program you’ve just found satisfies your needs (say it provides a service that you want or you’re just experimenting) without causing harm to your computer and ultimately the information you have on the computer. How do you decide if a program is what it says it is? How do you gauge the risk to you and your computer by running this program?
So then, how do you decide if a program is worth it? To decide if you should install and run a program on your computer, follow these steps:
1. What does the program do? You should be able to read a clear description of what the program does. This description could be on the web site where you can download it or on the CD-ROM you use to install it. You need to realize that if the program was written with malicious intent, the author/intruder isn’t going to tell you that the program will harm your system. They will probably try to mislead you. So, learn what you can, but consider the source and consider whether you can trust that information.
2. What files are installed and what other changes are made on your system when you install and run the program? Again, to do this test, you may have to ask the author/intruder how their program changes your system. Consider the source.
3. Who is the author? (Can you use email, telephone, letter, or some other means to contact them?) Once you get this information, use it to try to contact them to verify that the contact information works. Your interactions with them may give you more clues about the program and its potential effects on your computer and you.
4. Has anybody else used this program, and what can you learn from him or her? Try some Internet searches using your web browser. Somebody has probably used this program before you, so learn what you can before you install it.
If you can’t determine these things about the program you’d like to install, then strongly consider whether it’s worth the risk. Only you can decide what’s best. Whatever you do, be prepared to rebuild your computer from scratch in case the program goes awry and destroys it. The section on backups (Step 5) tells you how to make a copy of your important information should you need it.
Your anti-virus program prevents some of the problems caused by downloading and installing programs. However, you need to remember that there’s a lag between recognizing a virus and when your computer also knows about it. Even if that nifty program you’ve just downloaded doesn’t contain a virus, it may behave in an unexpected way. You should continue to exercise care and do your homework when downloading, installing, and running new programs.
8 - Install and Use a File Encryption Program and Access Controls
There are 3 components of information security
-Confidentiality(means keeping secrets secret. Only those who are supposed to see that information should have access to it.)
-Integrity(has my information changed)
-Availability(can I get to my information whenever I need it)
Encryption , satisfies one of the three components of information security – confidentiality.
The problem is to control access to files and folders. The access control device here is the access control list or ACL. ACLs define who can perform actions on a file or folder: reading and writing, for example. ACLs are equivalent to a locked filing cabinet for paper documents. Different computer systems provide different types of ACLs. Some have fine-grained controls while others have virtually none. The key is to use all the controls that are available on your computer.
On a computer, when access to information can’t be limited, such for an e-commerce transaction over the Internet, that information is concealed through a mathematical process called encryption. Encryption transforms information from one form (readable text) to another (encrypted text). Its intent is to hide information from those who have neither the transformation method nor the particulars (the decryption keys) to transform the encrypted text into readable text. The encrypted text appears to be gibberish and remains so for people who don’t have the scheme and the keys.
Computer-based encryption schemes must also withstand the test of time. For example, if a credit card encryption scheme needs six months of computer time to break, the resulting clear text credit card number is probably still valid and, therefore, useful to an intruder. In this case, the encryption scheme isn’t strong enough to guard the information for its entire useful lifetime.
So, to guard paper or computer files, you need to limit who has access to them by using the access control devices, whether filing cabinets and safes for paper or access control lists for information on a computer system. For assets whose access cannot be sufficiently limited, you need to encrypt them strongly enough so that the time it takes to decrypt them is longer than their useful life.
First, if more than one person uses your computer, you can adjust the ACLs that control access to sensitive files and folders. Your goal is to allow the correct type of access to the files and folders that each user needs, and nothing more. The steps below help you to decide how to adjust the ACLs for files and folders:
1. Who – which users – need access to files besides you?
2. What type of access do they need? Read? Write?
3. Which files and folders need special access? Just like your firewall rules, your general policy should be to limit access to only you first, and then grant access beyond that where needed.
By applying above tests, you can limit access to sensitive files on your computer to only those who need it.
For very sensitive files and for files that are on a laptop, don’t rely solely on file and folder ACLs. You need to go further and use encryption.
Conclusion:
Email, instant messaging, and most web traffic goes across the Internet in the clear; that is, anyone who can capture that information can read it. These are things you ought to know.
You should always select and use strong passwords and exercise due care when reading all email especially the unsolicited variety. These are things you ought to do.
Finally, you can add a firewall, an anti-virus program, patches, and file encryption to improve the level of security on your computer. These are the things you ought to install.
The contents of this article has been taken from the site www.cert.org
CERT and CERT Coordination Center are registered in the U.S. Patent and Trademark Office by Carnegie Mellon University.
