The security of your computer system is very important, not only to you but to the rest of the Internet community as well. An unsecured, or poorly secured, machine can be used for a number of illegal activities. A couple of years ago, several major Internet sites were disabled by attacks that were launch through the use of thousands of compromised machines. The owners of the compromised machines had no idea that they were being used for these activities. This is why securing your computer is as important as locking your car or your house. Any inappropriate activity that occurs that traces back to your service is your responsibility. As stated in Insight's Terms of Service, you are fully responsible for the security of your machine.

Securing your machine doesn't have to be rocket science. There are many good software packages available to allow your to secure your machine relatively painlessly. This type of software is known as a  firewall. These software packages can be used to "lock down" the various ports that can be used to exploit your machine. Depending upon what operating system (OS) that your machine is running and how it was configured it is possible that several of these ports that may have been left open which could leave you vulnerable to being exploited.

One way to check to see what "doors" or ports that you have open on your machine is to go to one of the many Web sites that can run a remote scan of your machine and tell you how secure you are. One such site is Shields UP!! by Gibson Research.

But it must also be remembered that no software or hardware available today provides 100% protection. Just like locking your car in the parking lot doesn't mean it won't be stolen, using security software doesn't mean that your computer can't be compromised. There are new security vulnerabilities discovered every day. One very good site that contains a good amount of information on security for the home user is run by CERT, the Computer Emergency Response Team at Carnegie Mellon University in Pittsburgh, PA. The Computer Emergency Response "Home Network Security" page can be found at: http://www.cert.org/tech_tips/home_networks.html.

Security Software

Personal Security Software or Firewall Software is highly recommended by Insight. We provide one FREE to our customers here. If you are using this type of software program and have found that you are being attacked, you can send the logs from your program, IN TEXT FORMAT, to Insight's Fraud and Abuse Security Team (abuse@insightbb.com).

To find the text version of your logs, please refer to the program documentation or the online documentation. We have provided links to the most popular security program Websites below. A good way of automatically sending security reports to the proper network provider is through the use of the MyNetWatchman system.

This software automatically sends information from your computer to the MyNetWatchman system where it is compiled with reports from other Internet users and then forwarded to the proper network when a set trigger point is reached. This type of reporting also assists the Fraud and Abuse Security Team by compiling several reports of an abuse by one IP into a single report thus saving us time in acting upon the reports.

What a security report must contain

Below is a screenshot of a log entry showing what is needed in order for us to investigate and take action regarding any reports you may send to the Fraud and Abuse Security Team.

Your log entries may not be configured as below but they should include the same basic information:

Although not shown in all logs, we will also need to know what time zone the time/date stamp are reported in. This information is required due to the nature of our system, which dynamically assigns IP addresses to our customers. We will need this information in order to find who had that IP address at that particular time.

Other Security Information

There are several good sites that relate to computer security. Below is a list of links to just a few of these sites:

Pop-up SPAM:

Recently, there have been a large number of reports about pop-up windows containing spam. These are sent using the Windows messaging service or net-send. This is not the same as the MSN messenger or other Instant Messenger applications. Here is Microsoft's official description of the messenger service:

Messenger Service: Transmits "net send" and Alerter service messages between clients and servers. This service is not related to Windows Messenger. If this service is stopped, Alerter messages will not be transmitted. If this service is disabled, any services that explicitly depend on it will fail to start.

A sample of one of these pop-up windows is shown below:

This particular sample of this type of spam was even sent to appear as though it was an official message from Insight, which it was not. Unfortunately this type of spam is also very difficult to trace back to an origination point.

The easiest way to prevent getting this type of spam is to simply disable the messenger service. This is used in the WinNT/2K/XP operating systems and was originally intended for use on large networks to send global messages to all the machines on the network.

To turn off the messenger service in Win2K or XP:

Click here to test if you are able to get these messages.

Although this will prevent the pop-up messages it does not resolve the overall security issue. If you have received this type of pop-up message it means that you have some serious security issues.

Prevention

As the old saying goes, an ounce of prevention is worth a pound of cure, or more appropriately for today, the cost of a good firewall product is worth more than the cost of losing your data. We strongly recommend that you install firewall software or hardware on your system. We also recommend that you disable the many unnecessary services that are run by default on many operating systems. You may not even be aware that many of these services are running.

Minimization of network services can be realized in three steps:

Services to disable are:

More detailed information on the minimization of network services on a Windows operating system can be found at: http://www.hsc.fr/ressources/breves/min_srv_res_win.en.html

Further information regarding this security issue can be found at the following links:

To test the whether your system may be exposed to more serious issues, run the Shields Up test at the popular GRC security Website.