By Brian Krebs washingtonpost.com Staff Writer
Friday, May 16, 2003; 5:00 PM
It's no accident that the Bush administration's cybersecurity plan begins with an appeal to home users and small businesses, arguably the least computer security-conscious group of Internet users.
"Home users are more likely to have a level of vulnerability they aren't aware of," said Mark Uncapher, senior vice president and counsel for the Information Technology Association of America.
None of the recommendations for home users and small businesses are new: They have been prescribed for years as the most effective medicine against malicious hackers. Yet they are prominent because Internet users continue to ignore them at a high cost to themselves and other Internet users.
"Individual consumers fail to understand that by not exercising good and safe practices on their computers they are potentially causing themselves to be a pawn in a larger cyberattack against other users or against one of our critical infrastructures," said Tatiana Gau, senior vice president of Integrity Assurance at America Online.
Here are five basic things anyone who uses the Internet can do to guard against online attack:
1. Install and use a firewall. Considered the first and last line of defense, a firewall is a software program or piece of hardware that prevents unauthorized Internet traffic from entering or leaving your computer, particularly computers that are always left connected to the Internet (typically, Internet users who connect over DSL or cable modem fit this category). Properly configured, a firewall can give you greater control over your computer and prevent attackers from successfully scanning your system to learn details about potential weaknesses on your network or PC.
For a sobering look at the insecurity in the average operating system, consider the research conducted by The Honeynet Project. The project takes servers and computers "out-of-the-box," -- without any changes to improve or reduce their security -- and connects them to the Internet for the sole purpose of seeing how often they are probed and hacked, and what techniques attackers are using.
Based on the project's most recent tests, the average unprotected Windows or Linux-based computer with the most common security holes will be hacked within three to five days. Even secured computers will be probed or scanned for known vulnerabilities an average of 30 times each day.
It's nothing personal, said Honeynet Project founder Lance Spitzner. "The vast majority of attacks on the Net today are launched by people out to break into as many computers as possible," he said.
Using automated software tools available online, a malicious hacker can set in motion a scan of more than a million computers before he goes to bed at night and have hundreds of systems under his thumb by morning, Spitzner said.