Protect against Trojan Horses
January 17, 2000
by Brian Livingston
(IDG) -- My last two columns have described two major problems that afflict Windows users' privacy and security on the Internet. In this week's column, I give you two tools that attempt to deal with these issues.
The first problem is that marketers have found a way to send you e-mail that links your e-mail address with your computer's IP address, browser version, and other data. If you've given your real name, address, and e-mail address to anyone (using electronic commerce, for example), you are now in a database.
Web sites that purchase this database can find your real name from your IP address when you merely look at one of their Web pages.
These programs can change or destroy data on your hard drive, or install a Trojan horse. The hacker uses such a program to scour data files from your PC or from your entire network.
These problems can potentially affect your company, even through a firewall. A firewall typically rejects outside communications to an Internet-connected PC, unless the communication was requested (as when a browser requests a Web page). But a Trojan horse can transfer data on port 80, which is used for Web traffic. Most firewalls leave port 80 open. If they didn't, PC users wouldn't be able to see Web sites.
Quite a bit of news was generated recently by RealJukeBox. This music player accessed the Internet to send its creator, RealNetworks, data about the music files you play. A critique by security consultant Richard M. Smith is available here.
This behavior, in which an application accesses the Internet without your knowledge, can be more dangerous than simply revealing your musical tastes. Any applet that opens a channel to the Internet poses a risk in which nefarious persons can use the link to access your system.
For example, take the Server Management Agent software that is installed on Compaq machines running Windows NT or NetWare. In its original configuration, this software allows "any user with access to the Internet protocol port 2301" -- the device management 0port -- to read any file on your system, according to Compaq. (For information and a fix, go here.)
Stopping the unauthorized flow of data from your system is the goal of a new, free program called ZoneAlarm. This utility, developed by San Francisco-based ZoneLabs, displays all processes that access the Internet from your Windows NT, 2000, 98, or 95 system. You can configure it to deny Internet access to unauthorized programs or block all Internet access after a period of inactivity. To get ZoneAlarm, go to www.zonelabs.com.
The first problem I mentioned above is as serious as the second. If a malevolent person knows your e-mail address, your browser version, and the IP address you're currently at, he can try to access your system -- perhaps using a weakness peculiar to your browser.
If successful, that person can deposit something like Back Orifice 2000, a Trojan horse that sends your data files out to be searched automatically.
This is a factor in the increasing incidence of identity theft. Credit theft reports to Trans Union, a large U.S. credit databank, are up from 35,000 in 1992 to 500,000 in 1997, according to the Federal Trade Commission.
With a person's Social Security number and birth date, crime rings can acquire credit cards and ruin your credit. Quicken financial records and many other files contain exactly the information these rings seek.
The fact that Web sites can find out your real name if you browse them has serious consequences, too. With a database of all the Web sites your browser has touched in the last 12 months, someone who doesn't like you can select a few URLs that would make you appear to be quirky or even dangerous.
Protecting yourself from these threats is the aim of Freedom 1.0 (software that gives you any number of untraceable e-mail pseudonyms). It also protects your IP address and other information while you use the Web, telnet, chat systems, or newsgroups. Freedom operates with a $50 a year service (or a free trial) available from www.freedom.net.
Brian Livingston 's most recent book is More Windows 98 Secrets (IDG Books). Send tips to email@example.com. He regrets he can't answer individual questions.
Viruses anew pop up post-Y2K
RELATED IDG.net STORIES:
Read an e-mail, lose your privacy
|Back to the top||
© 2001 Cable News Network. All Rights Reserved.|
Terms under which this service is provided to you.
Read our privacy guidelines.