The unprotected
computer gets the worm
by Alan Zisman (c) 2003 First published in
Business in Vancouver ,
Issue #726 September 23-29, 2003 High Tech Office column
August's
spate of worm infections spreading across computer networks showed
that security problems were everyone's business. It's clear that
computers running Microsoft Windows remain the most prone to
these sorts of problems. It's not necessarily that alternatives such
as Linux or Apple's Mac are inherently more secure, but these
minority systems are rarely targeted by the people writing the worms
and
viruses.
It's
easy to blame Microsoft, but the company released a "critical update" a
month before the Blaster series of worms started to spread across
Windows 2000 and XP systems. In this case, the problem was the many
vulnerable computers that were not updated. Windows users need to
visit www.windowsupdate.com and office.microsoft.com/officeupdate/
regularly to download and install any critical updates.
(Even
though I've complained about Microsoft's updating process in the past,
the increase in Internet-borne attacks makes it clear that corporate IT
departments and home and small-business computer users have to do a
better job at keeping operating system security patches up to date.)
In
addition, everyone connecting to the Internet needs a firewall,
hardware or software that scans data coming in (and in some cases out)
of the computer, preventing unauthorized access. One of the more
popular software firewalls, Zone Alarm Pro (US$50, www.zonelabs.com), has a
newly released version 4. The new version continues to hide the
computer from hacker's probes and to monitor both inboard and outboard
data. Version 4 remains easy to configure and now checks outgoing
e-mail for behaviour indicative of a worm or virus infection. An
example might be if your e-mail software suddenly sends copies of the
same message to everyone in your address book.
It's
now possible with Zone Alarm to create rules governing what sorts of
programs and online actions are permitted or forbidden. As well, there
are new privacy tools and optional Web cookie and pop-up ad controls.
Zone
Labs continues to offer a basic version of Zone Alarm free for
individual or non-profit users. That version has not yet been updated
to
version 4. There is also a (US$40) Zone Alarm Plus 4.0, with a
feature-set in between the basic and pro versions. Potential
purchasers can download 30-day free trial versions of the plus or pro
versions. None of Zone Alarm's three versions include antivirus
software. Some users may prefer Symantec or McAfee's
Internet Security Suites, each of which bundles together firewalls and
antivirus programs.
Vancouver's
Absolute
Software (www.computrace.com)
offers
a different take on firewalls. Traditional software firewalls are
aimed at individual users, each of whom has to install and configure
the
software on their own. AbsoluteFirewall is centrally managed, designed
to protect a business's off-site workers, whether working from home or
travelling with company-owned laptops. A company sets up groups of
systems and creates sets of firewall rules to apply to each group. (By
using templates provided by Absolute, this is less cumbersome than it
sounds.) These can be customized so that different groups of users
have different levels of access on the Net. These rules are stored on
Absolute Software's servers. When a computer with AbsoluteFirewall
starts up, it automatically (and invisibly to the user) checks in to
make sure that its rules are up to date.
The
end result is that employees accessing the Internet outside the
corporate firewall are protected without any work (or optionally, any
knowledge) on the end-users' part. From US$40 per user.
Windows
users up-to-date on their critical updates and behind a firewall were
safe from August's Blaster worm. The Internet has been likened to a
superhighway, to a public library, and to a mega-mall. Lately, it's
seemed more like a battle zone. It's the responsibility of all of us
to ensure that our computers are protected.