Aspects Of Computer Security
Many attacks on your computer, and therefore your data, are made from unexpected sources. Of course there are the direct attacks from viruses that arrive on floppy disks or files you download from the Internet, but other problems also arise from connections made by people over the Internet. To understand these connections it is necessary to understand how computers communicate with each other, particularly in relation to computer networks of which the Internet, a network of networks, is the largest and most significant.
Using Windows '98 as an example let us examine the aspects of computer communication. It is simplest if we think of them in the same way that Microsoft describes them. There are 4 main parts.
Clients - the settings by which you connect your computer to another, i.e. DATA IN CONNECTION. Options are a) Microsoft Family Logon which has rudimentary checking of connections only and b) Microsoft Client for networks which includes greater security and other settings.
Adapters - the actual network cards, modems, etc.
Protocols - the agreement between two computers to 'speak' the same language. Options are a) NetBEUI, the quickest and simplest protocol available over local area networks, b) IPX, a protocol used by Novell networks and c) TCP/IP, the language necessary to connect to the Internet.
Services - where you share your own disks and printers, etc., DATA OUT CONNECTION.
The situation can be summarised as follows:-
|
Data connection
type |
Client for Microsoft Networks (Data in) |
Microsoft Family Logon (Data in) |
File and Print
sharing for Microsoft networks |
|
Protocol (language) |
NetBEUI |
TCP/IP |
IPX/SPX |
|
Adapter (interface) |
Modem, ADSL |
Network card |
Protocols, the language of computer communications, are transmitted using adapters a bit like 2 people agreeing to speak a particular language, for example, French, over the phone. The following diagram shows how the default settings in Windows set up a machine with a network card and a modem.
As you can see, everything is connected to everything else in the next layer down. This is totally unnecessary and allows your data to 'escape' onto the Internet because the TCP/IP protocol is connected to the modem and your 'File and Print Sharing' service. The following should be the situation for your computer to work quite happily on a local area network and to connect to the internet:-
To connect to other machines on a local area network (LAN) where computers are directly connected to each other with network cards in an office or at home you need:-
One client, i.e. Microsoft Family Logon/Microsoft Client for networks.
One adapter, usually a network card.
One protocol, Microsoft NetBEUI will suffice.
Possibly File and Printer sharing if required.
To connect a stand-alone machine to the Internet you need:-
One client, i.e. Microsoft Family Logon/Microsoft Client for networks.
One adapter, normally a modem of some sort.
One protocol - Microsoft TCP/IP.
To connect to the Internet and a local area network you need:-
One client, i.e. Microsoft Family Logon/Microsoft Client for networks.
Two adapters, one for the Internet and one for the local area network.
One protocol for the local area network, i.e. NetBEUI.
One protocol for the modem - TCP/IP.
Possibly File and Printer sharing if required.
The observant among you will have noticed that these last two are the same. The reason for that is that if you don't have a client available in most installations of Windows all network settings will disappear.
What I suggest you do is to install the harmless Microsoft Family Logon and the equally harmless, in as much as it only allows connections from computers directly connected with network cables, NetBEUI protocol. If you then bind (logically connect) TCP/IP to your modem and bind NetBEUI to any other available interfaces (i.e. network cards), you should be reasonably secure - at least as far as connections being made to your data directly from the Internet is concerned.
How do you do this? See the sections in Securing your stand-alone/network PC machine on the opening page for details.
Hackers,Crackers etc. The Usual Suspects < Previous - Next > Encryption Technology
Copyright Andrew Bennett 2006