PCs at home - a safe haven for malicious programs?
Security Information Week 26, 2002
Introduction
Several previous Security Informations have discussed topics related to PCs at home. E.g. one issue in 1999 examined Attacks from the Internet on home PCs and one in 2000 examined Computers infected by Windows backdoors used as agents for DDoS attacks.
Since then we have seen a significant growth in the deployment of computers at home as well as an explosion in computers at home that are on-line all the time.
Time has come to re-evaluate the dangers involved in using home PCs.
The major problem with PCs in general and home PCs in particular
Those who are reading Norman's Security Information on a regular basis, will know that one of the recurring points made in almost every one, is the fact that there are security issues involved in several programs installed and these have to be patched to minimize the probability for being exploited.
This is a time-consuming and continuing task!
Companies may (should!) have special departments, which have as a special priority to keep track on security issues being published and discussed on the Internet, and patches released from the software vendors. Home users have virtually no chance keeping up with this. The information gathered by the security experts from the working place may be of some help, but in most instances such information is of course not passed on from the security expert to his co-workers.
A statement saying that home computers in average will always be more insecure than computers used in an organization, is most likely correct. This means that those interesting to compromize any opposed to one in particular) computer will have an easier prey by targeting home computers. Likewise, home computers will be more vulnerable to infection from malicious software.
To some extent this can be remedied by updating the (hopefully) installed antivirus product often, and using a personal firewall, but this will not suffice in all scenarios.
Always on-line
Being on-line from home all the time is in principle a "good thing". Access to email, newsgroups, IRC channels, the web, with the plethora of information out there without logging on each time, is a great feeling. However, one should be aware of the fact that this makes the PC an easier target for a person with malicious intent.
When you log on to the Internet by a telephone and a modem you get a new IP address almost each time. On the other hand, if you are constantly logged on you retain the same IP address all the time (with some modifications). This of course makes your particular PC an easier target, as the person with malicious intent can take her time to investigate your PC thoroughly and search for security weaknesses. See e.g. the Security Information from 1999 - What a hacker may know about your systems - for a brief discussion about this.
Some advice
Is there nothing a user of home PCs can do then to protect himself? Is he open for all the attacks that any cracker may issue upon him, without being able to prevent her from getting into his PC, and infecting it with trojans and viruses.
As hinted upon above, of course there is.
Here is a list of some quite easy tasks that any user of home PCs should be able to comply with. Some may be more difficult to carry out than other, but even though accomplishing three of the items mentioned below are less optimal than all, it is certainly better than doing nothing.
When you have got yourself a new PC - never presume that it is safe. It is not! Presume that it is vulnerable. Until you have taken care of some (better: all) the items below, only connect to the Internet when absolutely necessary to carry out the tasks in this list. [This is perhaps the most difficult task to accomplish, even though it seems the easiest.]
Get yourself an antivirus product. There are lots of antivirus programs available - of different quality and price - Norman has its own Norman Virus Control. Remember that installing a antivirus product in itself is not good enough. Make sure that you have the latest virus detection files and update the program regularly and often.
Get yourself a personal firewall. Several such are available for downloads from the Internet. Some are free, other costs some, hardly none is expensive. Norman Personal Firewall is one of the products available in this product category.
If you are running a PC with one of Microsoft's operating systems, go to Microsoft's Product Support pages and download the latest Service Pack if there is one available for your operating system. Alternatively use the Windows Update fuctionality included in the more recent operating systems.
Make sure that your browser has the latest updates and is a version supported by the vendor. If you are using Internet Explorer use the link to Microsoft's support pages above. Links to the web sites of some other popular browsers are:
Consider joining a mailing list from one of the many independent security organizations and/or Microsoft's list for Security Bulletins. Be aware that some of the security mailing lists have lots of postings. Here are some of the many security mailing lists available:
Per Olav Førland
