Welcome to Blaisdell's Little Corner of the Web

Home Browsers Microsoft Office 97 Site Search Windows

Freeware | Freeware From A-Z | Security | Virus Information | Site Updated on 12/27/03

Information concerning Network Security
Go try it: Gibson Research's ShieldsUP
More on Web Security From Bo

SHIELDSUP! TESTS YOUR SECURITY VIA BROWSER--FOR FREE
Port probes and NetBIOS logins are the Inter-net's version of high blood pressure: a silent
killer. Unless you're running a firewall or have other monitoring capabilities, you have no idea
how often your system is being probed for weaknesses. Believe me, it's incessant. Even if your
drive is password-protected, some clown could be running a cracker against it, trying hundreds of
passwords per second. Windows will never let you know. Gibson Research's ShieldsUP! site tests
your system for security from your browser. The site has terrific information on Internet security and the way you configure your machine, as well.

Index

How it works and other related material to thwart would be hackers:
Free Firewall's and other late breaking security news you can use.
Network Security
My own paranoia
Some of what the ShieldsUp scanner does:
Aren't Password protected hard drives secure? -- Nope!
Permanent connection to the internet:
The scanner then probes even further by pressing the test my shields button:
Try these anti hacker tips for some piece of mind.
While you are at the site sign up for their email or click on the link below:
Gibson Research User-Managed eMail Notification System

The site also contains information on other applications and services provided by it's creator. Be sure to check them out while you are there.

E-Maile Me

About this Site

BoHunky0

Homestead

Tech Support Links



Network security is becoming big business on the net as more and more hackers are accepting the security challenge. Note: Never ever think that your system is immune from a, Hack Attack. Hackers are a vein and determined breed. It is the challenge of getting into a system that excites them. "But I only have a home PC, what would be the advantage for a hacker to get into my system? Does he want to play my version of, "DOOM"? Heh, that is a very naive question. It largely depends on the hacker and what they are trying to do. Some may be beginners. They only want to test their scanners to see if and how they work. They start with you then move up the food chain. You are at risk if you carry sensitive information. Bank statements, online bill paying, made any online purchases using your credit card? You see there are things that a hacker can and will use to help defray his/her costs. Of course there is always the challenge of just getting in. Once in......the posiblities are endless!
 
 


My own paranoia
I have on my own system, several false portals, ports, and Net BIOS's that lead to nowhere. Even so, the test that I ran, showed mainly what I expected, my net is fairly secure, using Gibson Research's ShieldsUP I discovered that I had an open portal, not enough to give a hacker access to my data but it did expose my ISP address, and several other sensitive computer data that could lead to more serious hack attempts on my system. Remember the challenge thing?
 
 
 
 
 
 
 
 

Some of what the ShieldsUp scanner does:
The shield displays this message at the startup scan with this alarming message:



Greetings Larry A. Blaisd!
Without your knowledge or explicit permission, the Windows networking technology which connects your computer to the Internet may be offering some or all of your computer's data to the entire world at this very moment!
(For example . . . that's how I know your name!)
I should explain here:
Though the fact that your name is boldly displayed you should know that this is mainly an attention grabber. Your name is usually associated with your TCP/IP (Transmission Control Protocol/Internet Protocol) address and it is not that difficult to find. The wide-area-networking protocol that makes the Internet work, and the only one most hackers can speak the name of without laughing or retching. Unlike such allegedly standard' competitors such as X.25, DECnet. It does make a point. No system is entirely safe if a hacker really wants to accept the challenge.

The scanner then probes even further by pressing the test my shields button:
Preliminary Internet connection established!
Your computer has accepted an anonymous connection from another machine it knows nothing about! (That's not good.) This ShieldsUP! web server has been permitted to connect to your computer's highly insecure NetBIOS File and Printer Sharing port (139). Subsequent tests conducted on this page, and elsewhere on this website, will probe more deeply to determine the extent of this system's vulnerability. But regardless of what more is determined, the presence and availability of some form of Internet Server HAS BEEN CONFIRMED within this machine . . . and it is accepting anonymous connections!
Accepting a connection is something that most networked computers do, it should not be mistakenly thought that just because a connection is granted, that data can in fact be processed.

The first scan:
Attempting connection to your computer. . .
Shields UP! is now attempting to contact the Hidden Internet Server within your PC.

The second scan finds:
Preliminary Internet connection established!
Your computer has accepted an anonymous connection from another machine it knows nothing about! (That's not good.) This ShieldsUP! web server has been permitted to connect to your computer's highly insecure NetBIOS File and Printer Sharing port
I thought that I had the scanner fooled in this section. It inaccurately thought that my blind NETBIOS was real. In subsequent scans though it did discover this false lead and was amended.

It runs through several more scans, I'll let you go to the site to see for yourself. After scanning my system it did find a hole that I was unaware of, even with all my paranoid attempts to surround my system with falsehoods and dead ends. So even with all my personal attempts to cover my tracks I have found a hole by using
Gibson Research's ShieldsUP.You should too.

Go to  Gibson Research's ShieldsUP and test your own system. If nothing else it will arm you with the information needed to make the chancges that will make hacking your system a little more difficult to all but the most diehard hacker...crackers are a whole other issue. You think I am a little to paranoid?



Password protected hard drives:
You say that you are not worried because your hard drives are all password protected? Oh boy, wrong answer. Any hacker worth their salt has an anti encryption device. It randomly searches for any possible key code, once discovered it is a mater of a few seconds to render your system vulnerable. The whole process, depending on your encryption software takes only a few minutes to perform.



Permanent connection to the internet:
Another problem is T1 lines that allow you to be connected to the internet for an extended amount of time. Some networks never disconnect from the net. These are the most vulnerable. You see, hacker scanners sometime attempt multiple passes on a system the longer you are connected to the net the more scans are allowed. The best security advise I could give anyone is not to stay connected to the net any longer then is necessary. Though this does not assure security, it does limit a hackers time attempting to code your system. The less time the hacker has is always in your favor.

~Bohunky0 should follow his own advise !~




Try these anti hacker tips for some piece of mind.
In closing I would like to make another suggestion to those that are as paranoid as I am. If you are truly concerned about security and want to make it harder for hackers try a few of the following if your ISP allows it. Check with your ISP to find out what their policy is on the subject of scrutiny.

1. Try using multiple network connections with different user names and passwords if possible. This will force a random connection ratio. Sort of like having your kids take a different rout to school every day or at different times. Never use a familiar pattern.

2. Most ISP only allow an 8 character password, lobby them to extend this to at least 30 characters. The more coded character the better.

3. Randomly change your user name and password. Again this applies to the familiarity situation. If you have been hacked, and it isn't always possible to determine if you have, this will force the hacker to begin the hacking process all over again.

4. Keep sensitive data away from your hard drive. If you have a Zip or Jaz drive these are perfect for that material you want to keep away from prying eyes. No matter how good a hacker is, it is difficult, though not impossible, to get material that is not on your hard drive or easily accessible. It should be noted that Windows does a pour job with security issues. Many time your software can betray you. If you are not careful for example, Microsoft Word stores temp files, part of the automatic backup system for recovery if Word is interrupted, say during a power outage. Though this part of the program will allow you to recover some if not all of the data you though you lost, it is seldom deleted after you have made the recovery.

5. At certain intervals, search your drive for files of type, *.bak*, *.tmp*, *.old*, *.syd* just to name a few. If you believe that these files may be needed, transfer them to disk. Usually these files are safe to permanently delete from your system. McAfee's "Nuts & Bolts File Shredder" is a fair permanent file destroyer, Norton System Works has a wipe freespace and wipe Swap File, utility by using their file defrager, they call it "Speed Disk". Look in the properties section to engage this devise. If you do not have a suitable files destroyer, go to my Freeware page and download "BCWipe". You can learn more about BCWipe at my site.

6. If you do not have Zip, JAZ, Tape Backup, or a CD-RW, use Winzip to double encrypt your sensitive files. With the Winzip utility engaged, point to the button marked "New" create a Zip file. Do the same thing again, using a different name. With the second file you created point to Options > Password. Give it a password that only you would know. Now Click the "Add Button" and select the files you want to compress (You can use wild cards to do this also) once done your files should appear as "filename+". Repeat this step on the Zip File you created first to enable Password protection. Now simply add the second Zip file, be sure to use a different password on the first Zip file then you did on the second. We are trying to make file access difficult for the hacker. Though as I said above, the hacker will have anti-encription software. This method should only be used as a last resort.

None of the suggestions are foolproof, but they will make things more difficult and give you some piece of mind.


Entertainment Government Technology About Email Me