TMCnet.com
Rich Tehrani, Group Publisher One Less Wire

BY RICH TEHRANI
Group Publisher


[July 19, 1999]

E-Breaking And Entering, Via Broadband

Last night, a burglar broke into my home. He stole my most sacredly held possessions, vandalized my personal space, took my credit cards, and left without a trace. When I learned what had happened, I felt violated. How could this happen to me?

The scenario above is contrived, but had my ordeal been real, I wouldn't have contacted the police and filed a report. Why? I knew there were no fingerprints. No clues to trace, no footprints, no traces of blood, no DNA to use as a genetic fingerprint, and surely no gloves at the scene of the crime that could be matched up with a suspected assailant. How could I be so sure?

Simple. The entire crime I just described took place electronically -- no breaking and entering, no broken glass, and no physical traces that are usually associated with crimes of this genre. This is cyber crime at its best, e-breaking and entering so to speak -- and it's brought to you courtesy of the latest generation of broadband Internet access solutions, AKA cable modems and DSL connections.

I remember the mixed emotions I had when our first servers at TMC were connected to the Internet. Sure, firewall technology is always improving, but hackers become more clever by the nanosecond, and the common belief in the IT community is that if someone really wants to break into your computer system, they will. In fact, one of our Linux machines did get hacked recently, and our own webmaster Robert Hashemian tells the tale of tracking a hacker in his Reality Check column "Hacker Attack: Are You Next?" in Internet Telephony magazine. Even our own government, which (theoretically) has unlimited resources to fend off hacker attacks, regularly has its systems broken into.

Perhaps I shouldn't have been surprised, but when one of my coworkers told me they read about a case of someone's home computer being hacked through a cable modem connection, my jaw dropped. The hacker's victim wasn't a server -- the typical hacker target -- but an unsuspecting client. A client isn't a machine you automatically think might be at risk of an incoming hacker attack. Of course, the reason our office computers make a relatively easy target for hackers is that they have a fixed IP address as well as a high-speed connection. A hacker can do a great deal of damage in a short amount of time at multi-megabit connection speeds -- that is, once they've broken in. There is always a certain amount of danger that comes with putting any computer (no matter how tight your security) on the Internet.

Last week at a TMCnet.com appreciation lunch I mentioned the topic of cable modem security and I began to explain the potential for hackers to break into computers connected to cable modems. I expected my coworkers to be as surprised as I had been, and to thank me for my cautionary advice. Instead, two of the six people in my immediate vicinity told me they already have cable modems in their house and that they also have home networks with Linux boxes as firewalls! I tend to think that people who work at TMC with Linux-based firewalls in their homes must be the exception rather than the rule. A cursory search on the Web for issues concerning cable modem security didn't result in an overwhelming quantity of hits, so I believe the security issue still needs more explaining to the general public.

The situation gets worse quickly as you start to think about the ramifications of a hacker who penetrates a home-based network loaded with networked devices. Indeed, one of TMCnet.com's columnists, Laura Guevin, recently wrote about the networked home in her column titled "A Better Coffeemaker Through Smart Networking." In this column, she describes the bright future available to all of us once our electronic devices are connected to our home networks: easy and automated control of home alarm systems, coffee makers, lights, televisions, climate control, and other appliances.

After reading Laura's excellent column and thinking about the potential for home computers with broadband connections to be hacked, I started to think. Can a hacker who's broken through a broadband connection have access to everything connected to my networked home? The answer is a resounding YES. Beyond that, they may have access to your e-mail, and everything else on your computer. Given access to your machine, a clever enough hacker can also trick you into disclosing your most secret passwords -- giving them access to every system you have access to. They can even disable your home alarm and then rob you.

There are some simple things you can do to protect yourself from the possibility of a hacker attack. First, close up all of the obvious security holes in your system. Hackers often use tools that scour the Internet for computers that have weak security and compile a list of these low-security systems for later hacking. Here are a few obvious tips to help you brush up on security. Please do not use the remainder of this column as the heart of your enterprise security policies, but do use it as a starting point. Realize that no matter how secure you think your computers are, hackers are forever looking for more security holes in your OS to breach. This is one of the reasons that NT systems are a bit more difficult to hack than UNIX, as the latter are open source and, as such, hackers know the ins and outs of the OS internals and have an easier time finding security holes.

The first thing you want to do is go into your Windows help file and locate information on access control. This will give you a good overview of how Windows file sharing works.

Assuming there is no reason for any other computer to be accessing the files on your hard disk over the network, make sure you configure Windows as such. In Windows 98, go to your Control Panel and then click on Network. Look for the network component that connects to your broadband connection. In my case, it was labeled:

TCP/IP -->  3Com-3C574-TX_Fast_Etherlink_PC_Card

Once you find the correct component, click on "File and Print Sharing" and disable file sharing access to your computer. You should also go into Windows Explorer and right click on your drives to make sure they aren't being shared without your knowledge.

The above steps just clear up the obvious security entry points. You should definitely look into installing appropriate security software on your computer to protect yourself further. Check Yahoo for a list of firewall companies. Most of these solutions are overkill for the home but I suspect that this is a good starting point into the new world of personal firewalls. Also, make sure all of your passwords are long, consist of letters and numbers, and try not to use words found in the dictionary as your password.

Finally, I will ask that service providers start acknowledging to their customers that a security threat is possibly opened up every time you connect a computer to a fixed IP address. Furthermore, they should help their customers protect themselves accordingly. Please feel free to forward this column to your service provider in the hopes that they will start to acknowledge the potential security threats they are helping to open into our personal computers. As a member of the media, I would rather write about the positive aspects of technology and thwart the negatives, such as extensive cable modem and DSL hacking, before they even begin.

And on a related note: If you want to read an amazing book that will keep you on the edge of your easy-chair and also help educate you about potential hacker attacks, please check out The Cuckoo's Egg: Tracking a Spy Through the Maze of Computer Espionage. You can purchase it from Amazon.com.

Rich Tehrani welcomes comments at rtehrani@tmcnet.com.

