Ancestry Magazine

If you use DSL or cable modems at home, how do you secure your PC from hackers on the outside?

I am very spoiled when it comes to Internet connectivity .� As an early subscriber to my local phone company’s DSL (Digital Subscriber Line) service, I have had fast Internet connections for years now.� Not only is it fast, but it is a constant and continuous connection to the Internet—”always on,” as they say.

First thing in the morning, I stumble down to my home office, following a detour to the kitchen to start the coffee, plop myself in front of the computer, and begin reading my genealogy-related e-mail messages. I don’t have to dial up, I don’t have to log on. My regular phone line isn’t interrupted when I use the Internet. My connection is active all night, busily downloading my large volumes of e-mail while I sleep.

I’m not alone in using an “always on” connection to the Internet. At the end of 2001, about 13 percent of all Internet users were taking advantage of the speed and convenience of connections like DSL and cable modems.

But while vendors are very good at selling the speed and convenience of these connection types, they are less effective in preparing their customers for the privacy and security consequences of these connections. If you are one of the current 13 percent of Internet subscribers using these connections or if you’re thinking about switching to an “always on” connection, you may want to implement some of the suggestions provided below.

What’s the Problem?

With a standard dial-up connection, you can control how long you are connected. And when your computer is disconnected, the outside world can’t talk to� your PC, and it can’t talk to the outside world. When it comes to preventing the outside world from doing harm to your PC, dial-up connections are more secure than “always on” connections because they are open less frequently.

Connections such as DSL or cable modems basically extend the Internet into your home on a permanent basis. These continuous connections mean that the outside world may try to access your PC even when you are not actively using it. Continuous connections give hackers more time to explore the electronic entrance to your PC for vulnerabilities.

Of the two, security issues are greater with cable modems than with DSL. Cable modems basically turn your physical neighborhood into a Local Area Network. You share the Internet connection with your neighbors who have also subscribed to the cable modem system. Besides concerns that the Internet Service Provider’s designated administrators may have access to your network traffic or your PC, this shared model of access can make your PC more vulnerable to being investigated by your neighbors (and their curious kids). DSL drops an Internet connection on your premises that you don’t share with your neighbors. Whichever method you use, or plan to use, there are steps you can take to make continuous Internet access more secure.

Action Items

Before you think about spending money securing your “always on” connection, there are a few things you can do to secure your system. When installing a cable modem or DSL router, one of the most basic security precautions is to change the default password that comes with the device. As part of your initial configuration of the device, you can select a new administrative password so only you have internal access to your connection. Make it a long, memorable password that would be hard to guess, not a common word found in the dictionary.

If you are using any version of the Windows operating system, the next cost-free step to securing your continuous Internet connection is to disable file and print sharing. If you have only a single PC at home, this step is straightforward . You don’t require file or print sharing anyway with only one PC, so turning the sharing off has nothing but positive security consequences.

If you use file and print sharing on your own home Local Area Network to share files and devices, disabling these features is not an option. Instead, you will want to password protect the printers and files that you share on your network. Such passwords prevent the automatic sharing of these resources with outsiders. Methods to disable or password protect file and print sharing vary slightly depending on what version of Windows you are using. Use your system’s Help files to find “file and print sharing” for exact instructions on how to make these changes.

Finally, you may consider turning off your PC when you are not using it. While this reduces some of the convenience of a continuous connection, it also reduces the window of opportunity outsiders have to get into your system. Of course, this method is far from fool proof as external attackers can still try your system while you are actually using your PC.

Spend Some Money

A sensible precaution to take with a continuous Internet connection is to purchase and install firewall software or hardware. Firewall software works like anti-virus software. It runs in the background, recognizes types of access attempts or other security incidents, stops them, and brings them to your attention. Firewall software must be loaded on every PC you have in your home network in order to provide full coverage.

Reputable home firewall software products include BlackICE Defender www.iss.net, ZoneAlarm www.zonelabs.com, and Norton Internet Security www.symantec.com/.

Once installed, these products need to be configured to fit your security needs. Perhaps the biggest challenge is to overcome their tendency to report “false positives” or incidents that have no real security impact. Some enlightened Internet Service Providers will even give you free firewall software when you sign up for their DSL or cable modem service.

Firewall hardware is more expensive, but more secure than firewall software. The software protects your systems at the PC level. The hardware protects your systems in front of and independently of the PCs it protects. Firewall devices are often used by businesses that have continuous Internet connectivity, and are usually placed between the DSL router/cable modem and the internal PC or network.

Some quality firewall devices for home usage include SonicWall www.sonicwall.com and Watch-Guard www.watchguard.com. The major drawbacks to firewall devices is their expense and complexity in configuration.

Feel Safe Yet?

I use a combination of the above techniques to secure my “always on” Internet connection. Genealogy is more than just a hobby for me; it is a passion. A high-speed, continuous Internet connection feeds that passion well. I feel protected from outsiders interfering with my household’s computing, but I do not suffer under the delusion that my system is hacker-proof. New security exploits are being discovered all the time and it can be difficult to fully protect oneself from all the already known exploits. What keeps me sleeping soundly at night isn’t the security precautions I’ve taken, but the backup tapes I update regularly. I might not be able to stop a determined intruder, but I can rebuild anything they may damage in their attack.�