Security Basics

    May 29, 2002

Most cracks involve a tool as simple as a Trojan horse, which will leave a backdoor account open to the cracker. Young teenagers have been known to utilize such tools effectively, even against corporate giants. It is because of these types of attacks that users (even if it is your family hooked up to a small LAN on a cable modem) need to be educated about some basics that will stop most typical hackers.

First of all, let's talk about passwords. Many of these tools that I have mentioned will expose null passwords. This means that if you do not enter a password when you log in, these scanners will show that to the potential offender, and then the hacker can easily take control of your system.

Generally speaking, a password eight characters in length with a mix of upper and lower case letters, numbers, and symbols such as “_” or “-” will bring most brute force cracking engines to their knees, or at least keep them busy for an awfully long time.

Another thing to keep in mind is default user accounts. Disable or delete all default user accounts that you can, and then set up real user accounts (with passwords) for all of your users. Be sure that all of your users can log on properly and that at least one of those users has administrative privileges before deleting or disabling the default accounts. In summary, make up your own password policy and make sure that your users follow it.
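The checks described above (null passwords, default accounts left enabled, and the eight-character mixed-class guideline) can be scripted. The following is an added example, not part of the original article: it assumes accounts are listed in the Unix `/etc/shadow` layout, the names in `DEFAULT_ACCOUNTS` are hypothetical, and the sample data is constructed.

```python
import string

# Assumption: these "default" account names are illustrative, not from the article.
DEFAULT_ACCOUNTS = {"guest", "admin", "user"}

# Constructed sample in /etc/shadow layout (name:password-field:...); not real data.
SAMPLE_SHADOW = """\
root:$6$constructedsalt$constructedhash:11836:0:99999:7:::
guest::11836:0:99999:7:::
admin:$6$constructedsalt$constructedhash:11836:0:99999:7:::
user:!:11836:0:99999:7:::
alice:$6$constructedsalt$constructedhash:11836:0:99999:7:::
"""


def audit_accounts(shadow_text, default_accounts=DEFAULT_ACCOUNTS):
    """Return (name, finding) pairs for null passwords and enabled default accounts."""
    findings = []
    for line in shadow_text.splitlines():
        fields = line.split(":")
        if len(fields) < 2:
            continue  # blank or malformed line: skip rather than guess
        name, pw_field = fields[0], fields[1]
        # A password field starting with "!" or "*" means password login is disabled.
        locked = pw_field.startswith(("!", "*"))
        if pw_field == "":
            findings.append((name, "null password"))
        if name in default_accounts and not locked:
            findings.append((name, "default account still enabled"))
    return findings


def policy_gaps(password, min_length=8):
    """List which parts of the article's guideline a candidate password misses."""
    gaps = []
    if len(password) < min_length:
        gaps.append("length")
    classes = (("upper", string.ascii_uppercase), ("lower", string.ascii_lowercase),
               ("digit", string.digits), ("symbol", string.punctuation))
    for label, alphabet in classes:
        if not any(ch in alphabet for ch in password):
            gaps.append(label)
    return gaps
```

Run `audit_accounts` against a copy of your own account list before and after disabling default accounts to confirm that nothing with an empty password field remains.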

The next item up for discussion is email attachments. I have two points that I can’t emphasize enough:

1). Install antivirus software. (Ahem, INSTALL ANTIVIRUS SOFTWARE.) Also, keep it up to date. Most new viruses are aimed at the corporate giants, who seem to find a remedy very quickly. Thus, by the time you receive any given virus, you will probably have the appropriate software already installed.

2). Save the attached file in a folder before opening. I leave a folder on the desktop just for this. My reasoning behind this is that nine times out of ten your antivirus software will recognize the infected file when you attempt to copy it.

Another interesting point to consider when opening attachments: it is more likely that you will receive a virus from someone that you know rather than a total stranger. Most viruses propagate by using addresses they have found on a victim’s contact list. The chances are high that your address will be in a friend’s address book, rather than a complete stranger’s.

In summary, always check attachments and verify that they are clean before opening. It is also a good idea to ask people you know who send you attachments to send an email ahead of time, informing you that the next email will contain an attachment and that it is safe and not a virus.

Last but certainly not least is the physical security of your machines. Keep them locked up as much as is practical. Let's face it, anyone with a boot disk can have control of an unlocked computer. Machines with sensitive data should always remain under lock and key. Many hackers can exist inside of your network.

It is better to keep the honest people honest than to have to recover from data loss, especially when that loss is a direct result of someone having access and/or privileges that they did not need and obviously did not deserve.

For the truly paranoid (although this does not really affect your end users), be aware of where your network cabling is. It is not that difficult to hide a laptop with a packet sniffer running in a crawlspace.

In conclusion, all of the best firewalls and security software in the world are not going to help you if your users are leaving machines wide open to anyone who wants access to them. If you can educate your users on the importance of security (i.e. there is no business if all of your trade secrets have been leaked out…) and what they need to do to keep their individual systems secure, you have just reduced the potential success of a majority of attacks.

Jay Fougere is the IT manager for the iEntry network. He also writes occasional articles. If you have any IT questions, please direct them to