This is a very simple and IME effective free tool available from Steve Gibson of Gibson Research (GRC). Steve’s the guy behind SpinRite and he has some very useful resources on his site. Well worth the visit, IMHO.
Some years ago I stumbled across an article on Steve’s site that woke me up to some of the crappiest behavior/behaviour of human beings that Internet access seems to bring forth.
In this case I refer to “script kiddies” – barely teenaged individuals who delight in bringing whole corporations to their knees, even if only for a few hours.
Steve’s article is no longer available on his corporate site, it seems, but there’s a related article (PDF) here that discusses it and it’s well worth taking the time to read, IMHO. The more so if you want to have your consciousness raised (and possibly your blood pressure).
From that edification I progressed to looking at some of the utilities that Steve was offering for free, and I became a proponent of the firewall product Zone Alarm based primarily on Steve’s comparison of that with other offerings at the time.
If you don’t know what a firewall is or does, I’ll blog about it at some point (sooner if you send a comment asking for it :)). IMHO every PC ever sold should come with Zone Alarm as standard. ZA is to firewalls what PKZip is to file compression. Waddya mean, what’s PKZip?
If you don’t know what file compression is, or even why it’s A Good Thing, send a comment asking for that too 🙂 Otherwise I’ll get there eventually, but slowly.
Anyway, back to the subject at hand.
If you want to know just how secure your computer is, I recommend downloading and running LeakTest from GRC (it’s free, and it’s invaluable). It doesn’t need to go through installation – it’s a standalone.
There are other GRC utilities that deserve to become more well-known – such as IDServe – and I’ll blog about those too (the more so if you send a comment blah-blah-blah).
The latest version is still 1.2, I think. If you have a firewall installed on your system and want to test it, trying running LeakTest and see if the firewall stops the utility from accessing GRC’s site.
Why might that be important? Surely the main threat is from outside – hackers trying to get in?
That’s where the main threat is, but you need to take care of business at home, so to speak.
If you accidentally install some malignant software – so-called malware – that is designed to use your Internet connection (whether it’s up all the time or only when you dial in to a service provider) to talk to even more malignant people somewhere in the world, you’ve essentially opened the door to some pretty nasty individuals even as Zone Alarm (or other firewall) is trying to restrict access to legitimate purposes only.
You can unwittingly install such software on your system in a number of ways.
- You could click on a dialog box put up by a website, and a program will install Something Nasty on your system (because your firewall thinks you’re giving the stuff your blessing).
- You could download a bootleg video or audio file, and attached to it would be malware.
- You could be unintentionally redirected to another website (porn or otherwise) by a link that looks genuine but isn’t.
- Your favorite/favourite news website or fanzine site could be hacked into and when you next visit it, it’ll install all manner of crud on your system.
- You could insert a memory stick with some items a friend or colleague gave you – maybe at work, even – and unwanted software and other materials will be placed on your hard drive.
- You could insert a music CD into your computer’s ROM drive and unknowingly infect your machine.
- You could open an email from your best friend or a family member, someone you trust implicitly – and they may not even have realized that they were sending you anything nasty.
- You could even bring home some shrink-wrapped software from a store and install it onto your system – and infect your machine, because some individual at the company that was hired to make thousands of copies of the disks and manuals thought it would be fun to infect his company’s drives with a virus, or a password stealer, or a worm, or any one of a wide range of bizarrely-named bits of malware, which was then incorporated into the finished commercial product.
The list goes on and on.
And then there’s War Driving and variants of it. Somebody drives by your apartment or house and scans for a wi-fi router that might not be securely protected (W.A.R. stands for Wireless Access Router).
They don’t even need a PC – you can get small gadgets that simply let someone know that there’s wireless activity in an area, and they can then designate someone else to come in and investigate further.
If the router hasn’t been set up properly, those people can get in and either use the router for their own purposes – sending SPAM for example – or attempt to access any systems currently on your side of the router (where you might have relaxed your concerns about security).
It’s frightening to think of the amount of background knowledge you need to have these days, just to stay safe when using a connected computer.
But in reality it’s no different than going out on the streets for a trip, even a short one.
Whether you’re a pedestrian, a cyclist, a motorcyclist, a car driver (even a passenger), a truck driver, a bus passenger, and so on and so on, you still have to have your wits about you and obey some basic rules about stepping off the pavement/sidewalk, crossing the road, on which side of the road to walk or cycle, what speed to observe, what to look out for in the behaviour/behavior of other road users, even the surface of the road or street – is it icy? Muddy? Covered in wet leaves? Broken glass? Is there another aircraft on your flight level? And so on.
The driving analogy is probably more apt than you might think. Back in the day, when the first motor cars were being driven on the street a runner had to travel well ahead of the vehicle waving flags to warn pedestrians that a car was about to come by.
It sounds a bit over the top but there was a genuine fear that pedestrians might be killed or horses frightened into bolting if such precautions were not taken.
We haven’t reached the stage of development where our culture demands that we pass tests of our fundamental knowledge of computing and the risks associated with online access, before allowing us to use any computer for surfing the Web.
We may in fact never reach that point. It may always be a case of caveat emptor: buyer beware (by which I mean that you’re on your own when it comes to being safe rather than sorry while being online).
It will always pay you to try and add to your understanding of the incredibly varied and complicated ins and outs of computers, computing, and computer-related security issues.
It’s mostly boring, it hardly ever seems relevant (until you get hit), and some of the stuff seems to have been dreamed up by a bunch of guys drinking something dubious behind a large tree in the park. But it does pay dividends.
Knowledge (and learning) is power – even more so now, and will be in the future.