Advertisment

Security Threats to your Desktop

author-image
PCQ Bureau
New Update

Yes, the Internet is happening, and everybody’s riding the wave. Everybody

includes everyone from completely novice users to experts. If you fall in the

second category, you may not have much to worry about. However, if you are

amongst the novice users, surfing the Web for a good time or official work, then

you may have something to think about.

Advertisment

How do you know that while you’re surfing, somebody on the

Internet isn’t actually accessing your system and doing all sorts of things to

it? This can be anything from stealing important files, to deleting crucial

documents, or if somebody’s really malicious, corrupting the applications on

your system, thus leaving them useless. The recent onslaught of e-mail worms is

the finest example. When it comes to security threats, your desktop is actually

like a sponge. Given this situation, you can’t ever feel 100 percent safe.

That’s why it’s time to understand where the security gaps exist on your

desktop, and how to go about plugging them.

Threats from the browser

The other day, while surfing the Web, I came across an

interesting security Website. It was well designed and contained interesting

links on how to protect your desktop from attacks, etc. I clicked on one such

link and soon realized that it was a trap. My system went haywire, my e-mail

client automatically opened and started opening my mail, applications started

opening on their own, etc.

Advertisment

All this happened within a matter of a few seconds, and since

I wasn’t really anxious to see what would happen next, I quickly turned off my

PC, and turned it on only after pulling out the network cable. I backed up all

my data and installed a personal firewall software to monitor all ports on my

machine for any ‘unwanted’ activity. Since I had the software handy, and had

an idea of what was happening, I managed to save my system.

However, you may not be so lucky. The Web browser is an easy

way for somebody to get into your system. Most Web browsers have configurable

security settings. So if you have a feeling that somebody is using your Web

browser to access your system, then push up the security settings of your Web

browser. Set it to prompt you whenever a script requests to be executed. You’d

be surprised at the number of scripts used by most Websites today. This way, you

can control the scripts you’d like to run on your system.

Threats from e-mail

Advertisment

Spamming and mail bombing are old hat. Though they can still

happen and cause problems, they happen upfront, so you can take preventive

measures against them. You can set up filters to delete mail off the server

without downloading it, or use IMAP4 instead of POP3 for downloading your

e-mail, which downloads just your mail headers and not the entire message. Check

with your e-mail administrator for IMAP support on your mail server. It’s

quicker, and since you can see all mail that’s coming to your account, you can

delete the unsolicited ones.

However, what if you get an e-mail with an attachment from

somebody you know? It can be an invitation to a party from a friend, or a mail

from your boss asking you to check out a file. It’s a tough situation. If it’s

actually sent by them, and you don’t open it, you might get into trouble with

them later. If it went from their mailbox unknowingly, then the attached worm

would wriggle through your desktop taking its toll. So what should you do?

Almost everybody recommends using a good anti-virus package with the latest

update. But do you realize that it’s the worms and viruses that come first,

before the antidote is released. There are umpteen examples of worms that have

caused havoc, so we’ll not get into that debate. Instead, let’s see what all

can be done.

The first thing to do is to check the date of the e-mail you

received with the attachment. Some worms use your address book, and randomly

pick an old message from your inbox and send it out to others. So if it’s a

predated message, then it’s likely to be a worm. You can confirm this by

looking at the extension of the attachment. If it’s an odd looking extension

you’ve never seen, or an EXE, then it’s likely to be a virus. Kak.hta and

navidad.exe are the most recent examples. If it’s some sort of document, then

check whether the sender is reachable over phone and simply call up to find out.

In fact, that’s the most convenient way to protect your desktop.

Advertisment

Threats from chat

Though chat clients have been around for a long time, it was

with instant messengers like ICQ that chatting became popular. It’s the most

commonly used software you’ll find on any desktop. However, did you know that

chat clients are one of the biggest threats to security? Apart from the regular

instant messaging clients, there are several malicious clients like ICQ Attack.

These can get into any machine that has the ICQ client installed, and do

anything. That’s why it’s better to check the security settings in your

client and configure it so that it doesn’t remain online all the time, but

only when you want it to. Nowadays, anti-virus programs are available just for

ICQ.

Threats to your data

Advertisment

In this entire hustle and bustle to protect your system, the

most basic entry point is often missed out. That’s the floppy drive. Anybody

can walk up to your seat, place a floppy in your machine and implant a trojan.

Or worst still, suppose the hacker doesn’t implant a trojan, but simply

searches for all documents on your system, and copies the important ones on to a

floppy and walks off. The most convenient protection against this is the

screensaver password, which can ward off most people. However, such passwords

are not very difficult to crack when it comes to a seasoned hacker. In fact,

somebody can also enter your system through the network if you have any shared

directories. So check to make sure that only the directories you want are

shared, and not the entire drive. You can also password protect them.

Another solution that’s gaining popularity is file and

directory encryption. Programs are available that let you encrypt any file lying

on your desktop using the most robust encryption techniques. Wondercrypt from

Wonder Software Technologies is one such software (www.wondercrypt.com).

It creates a public-private key pair for you, and stores your private key on a

USB-based hardware storage device called the iKey. You can also encrypt any file

with your public key and decrypt it using your private key. This is very secure

as the private key doesn’t stay in your system, but remains with you safely

inside the iKey. So even if a person does get hold of crucial files, he can’t

read them because they’re encrypted. Another similar software is eLock, which

can lock any files you want to protect. If encryption isn’t exactly your cup

of tea, then there are special hardware locks available that can lock up various

parts of your PC like floppy drives, zip drives, printers, etc.

So, ultimately, your desktop’s security is really up to

you. If you leave everything wide open, anybody can come and take your data.

Hackers don’t always have to attack servers and Websites. Therefore, it’s

better to be cautious and analyze all the loopholes in your desktop and do

something about them.

Anil Chopra

Advertisment