Security
We all worry about the security of our data, our computers, our email, etc. Security has become even more important these days as world events unfold. The week's column will focus on some of the key areas of vulnerability in computer networks and the solutions as they exist. The computer is only totally secure if it is physically locked up so no unauthorized access is possible and not connected to a network of the Internet. Since this is not reasonable if we want to have email and surf the 'net, we need other approaches.

Step 1: Local physical access
You should control the physical access to your computer and to your local area network (LAN).

There are two ways that your data security can be compromised:
1- others seeing your data, email, files, etc. running on the network
2- others getting into your computer and messing things up.

Step 2 below addresses not letting others sees your sensitive data. Step 3 addresses stopping others from hacking into your computer.

Step 2: Encrypt your sensitive data
Please be aware that it is always possible to get access to the data running on a network if one has access and really wants to. It doesn't matter whether the network is wireless or wired. The data is accessible because the size of the Internet means that physical access cannot be controlled. The solution then is to encrypt your data so that even if someone gets a hold of your data they can't read it. This is what happens on sites where you enter your credit card number and the site has an address or Uniform Resource Locator (URL) starting with HTTPS instead of HTTP The "S" shows that any data going from your computer is encrypted. A Virtual Private Network (VPN) also encrypts everything that goes onto the network.

Ask questions about the encryption of your data to understand how you are protected. Some encryption schemes work better than others. The wireless encryption standard has been broken some many wireless Internet systems don't bother to use it because there is a significant speed penalty to be paid. If you have a wireless network connection and are concerned about someone seeing your data then work with your vendor to get a VPN installed to protect your information.

Step3: Keeping the hackers out of your computer and your LAN
There are many ways that people will try to get into your computer. Some common ones are to:
1- Leave software called spyware, on your computer that, for example, watches when you browse to a certain website that will send off information on where you go and what you buy.
2- Try to deny your ability to communicate on the Internet by keeping your computer very busy (Denial of Service (DOS) attack)
3- Try to take over and control your computer, erase files, cause general mischief…
4- Send you an email with a program (virus) that sends itself to all the people in your address book and causes other mischief.

The solutions to these problems of spyware, hacking and viruses are often free or inexpensive but are not 100% effective. One must be vigilante and keep his software updated regularly. Some of the software you can get will update itself automatically.

Spyware can be removed with programs like Adaware and Spybots: Search and destroy. These can be downloaded and installed from the Internet for free.

Some home routers have DOS attack fighting features. The traffic from the bad site is just dropped at the router. Often the ISP has a router at the Internet connection point with that capability to protect its users.

The best known security problem is the hacker who tries to get into a computer to mess it up or to use it to attack others. This can accomplished directly or through the use of virus programs. Direct attacks can usually be stopped by a firewall. Just like the firewall in your car protects you from fires in the engine compartment, a firewall installed on your computer or your LAN router can protect you from hackers wanting to get through to your files and software. Firewalls can be hardware or software or a combination. Home solutions range from free software like ZoneAlarm to "for sale" integrated programs like Norton Internet Security. Windows XP has a built-in software firewall. A home router usually has a built-in firewall as well.

The firewall configuration set-up can be difficult. The firewall can also interact with other programs to cause problems accessing the Internet. The basic set-up consists of allowing certain programs to access the Internet through the firewall. A nice solution is to use a home router like the ones from Dlink, SMC or Linksys which provides router and firewall functionality between the broadband Internet connection and the computers in one's house. These are available with wireless capability as well so that a laptop can have access from any location in the house. A future column will explore this option is depth.

Finally, every computer should have good anti-virus software installed and regularly updated. There are some freeware available and "for sale" products like Norton or McAfee Anti-Virus. Most viruses are spread through email. It is very important to have programs running that will detect and remove any viruses that come into the computer. Because the writers of virus programs are continually changing and improving their programs it is important to update your virus software regularly.

The security of your data and of your computer is not a simple problem to solve. Your ISP can help. Prevention is the key. Please send suggestions for future topics or questions to jwilson@ptera.net.

Tutorial
How does data move on networks?
The information you send on the LAN or the Internet consists of files made up of digital bits of data which represent the letter or spreadsheet or email, etc. that you want to move to another location. Software in your computer breaks the files of data into packets or small groups of data. Some addressing information is added to the front and back of the packet and then it is sent onto the network. The computer receiving the packets sends back a little packet to the sender of the data to acknowledge receipt. The packet will be resent if receipt is not acknowledged. A protocol called TCP/IP guarantees that the data will get to the receiver.