1. Archive

Making it tough for digital thieves

For most people, a broadband Internet connection costs $35 to $50 a month. But Brian Ford can get all of the bandwidth he wants simply by strolling the streets of Cambridge, Mass., with a handheld computer and a wireless Internet card.

Outside one large apartment building, the screen of his Compaq iPaq comes to life. At least three residents have wireless digital routers, with a high-speed Internet connection. And none has programmed their system to block unauthorized access.

"Nobody's configuring their routers," said Ford, owner of Blue Island Technology, a residential wireless networking company. "Most don't have passwords."

Instead, they brought them home, switched them on and invited the unwelcome attention of any computer criminal within the router's 300-foot transmission range.

Ford's demonstration illustrates a sobering truth: The combination of broadband Internet access and wireless networking have turned millions of home computers into targets for digital thieves and vandals. And people need to arm themselves with some basic knowledge to secure their connections.

About 40-million Americans connect to the Internet at home with some kind of broadband connection, usually a modem connected to their cable TV system or a high-speed DSL modem from their telephone service. These broadband connections replace dialup phone modems, which are generally poor targets for hackers.

Dialup machines are rarely connected for more than a few hours, offer very slow network speed, and usually get a different digital Internet address each time they connect. But broadband machines handle data faster and stay connected at the same address for days, weeks or months. That makes them more useful to their owners but far more susceptible to attack.

The vulnerability of home machines threatens the security of the whole network. A home computer, once compromised, can be used as the launching pad for attacks on other computers. For example, the e-mail security company MessageLabs said recently that it has found evidence junk e-mailers are using a virus that causes infected computers to pump out spam messages to other Internet addresses.

"You can't just turn on your computer and forget it," said Lawrence Rogers, senior member of the technical staff at Carnegie Mellon University's Software Engineering Institute.

"People who own home computers connected to the Internet have the same responsibilities as system administrators at the office." The problem is that few have a system administrator's technical know-how.

But there are a few basic practices that can provide at least a modicum of security:

Antivirus. This one is obvious. Get a good antivirus program and keep it current, to prevent infection by viruses that could try to send data over your broadband line. Expect to pay $40 or $50. Any of the major brand antivirus products, such as Norton Antivirus or McAfee VirusScan, should do the job. New viruses are constantly being developed, so antivirus software allows for regular updates over the Net. You should update the software at least once a week.

Firewall. It's a piece of software that sets limits to the kinds of data that can get into or out of your computer. After installation, some consumer-grade firewalls will force the user to approve network access for every Internet program used _ e-mail, Web browser and so forth. It's a nuisance, but it only happens once. Besides, the same feature can prevent users from attacking other machines on the network. If a suspicious program on your computer is trying to send out data, a good firewall will warn you.

Symantec Corp. makes a $70 product, Norton Internet Security for Windows PCs and Macintoshes, that comes with antivirus and firewall protection. Internet Security Systems' BlackICE firewall for Windows costs $40. Zone Labs Inc. sells its ZoneAlarm software for Windows for $40, but also lets home users download a free version at Apple Computer's Mac OS X operating system has a built-in firewall. Learn more about it at technologies/security.html.

Routers. These are devices that let multiple home computers share a single broadband connection. Routers also come with software that can turn them into a type of firewall. For instance, you can program a router to block certain kinds of traffic just as a software firewall would.

A growing number of home routers feature wireless networking, so they broadcast data to every other wireless machine within range. Wireless router users must take some extra security precautions.

First, change the router's password. Every standard router comes with a default password; every hacker knows them. Change it _ fast.

Next, use WEP encryption, a feature that scrambles wireless transmissions, making them difficult for interlopers to read.

File sharing. Computers can be set to allow others on the network to read certain files or view the entire hard drive. It's easy to turn on this feature on PCs or Macs. It's also easy to turn it off. For extra safety, broadband users should shut down file sharing on their networked machines. That way, even if a vandal breaks into the machine, your data won't be stolen. If you must have the ability to share files, only share what you must. And use a good, complicated password.