BOOT CAMP 579 (03/05/06) – Privacy and Paranoia, part 5

In the penultimate part of this series we’re returning to the subject of Firewalls, security and how you can find out if your PC is protected.

The best way to test your PC’s defences is to put them under stress but mounting a full scale hacking attempt on your machine, or infecting it with malware is clearly impractical. The simpler and safer alternative is to carry out an online test and one of the most effective is ShieldsUp!, devised by computer security expert Steve Gibson

ShieldsUp! is a set of tests that simulate a hack attack on your computer. They look for vulnerabilities and weaknesses that could allow a real hacker to gain access to your files. The tests are safe and only carried out with your permission; no private data or personal information is retrieved, displayed or retained so you can use it with confidence.

Begin by going to www.grc.com and click on the ShieldsUp! Banner and scroll down the page to the ShieldsUp! Link under ‘Hot Spots’. One of the first things you will see is a couple of pieces of data the site has already managed to retrieve about your PC, including your current IP address and PC identity and from that it’s possible to work out the name of your ISP. This is not a threat to your security but it is worth knowing that your IP address remains the same for as long as you are connected to the Internet. In the olden days of dial-up connections it didn’t matter too much as online sessions tended to be relatively brief and your IP address changed every time you logged off and on. However, broadband provides an ‘always-on’ connection your IP address can stay the same for days or weeks at a time, which may provide an opportunity for hackers and data thieves to make repeated attempts to break into your PC.

Before you go any further read the warnings in ‘If you are new to this site…’ box and if you agree click the Proceed button to give your permission for the tests to start. Move down the page to ShieldsUp! Services and click the File Sharing button. This is one of the most important tests and reveals if any of your files are visible to an intruder. Once again it displays your current IP address then a few moments later you should see two reports confirming that your main Internet port is closed and your PC has refused the connection. If you receive anything other than a completely clean bill of health at this early stage then you either have a firewall and it is not working or configured properly, or you don’t have a firewall, in which case you should install one immediately!

Next, click the Common Ports button; this takes just a few seconds. Ideally all of your computer’s ports will be closed and hidden and it will not betray its presence on the Internet by not responding to ‘pings’, in which case you’ll see ‘Stealth’ and it has passed he second test. Don’t panic if you see Fail, this probably means that one or two ports, whilst closed, have been tricked into answering a request for a connection, but since the port is closed no data can be exchanged. It’s not necessarily a cause for concern but you might want to click the link next to the failed port and read the associated notes, which may help you to fix the problem, or reassure you that it’s nothing to worry about.

Scroll down the page to the ShieldsUp! Services menu and click the Service Ports button. This test, which checks over a thousand other ports, can take several minutes and what you want to see is a block of green squares, indicating that all of your ports are in Stealth mode. Blue squares indicate closed ports, which you may already know about from the previous test; red or open ports are very bad indeed, though it’s worth reading the notes on the page concerning ‘adaptive’ firewalls, which can produce ambiguous results.

If you have passed all of the tests so far your PC’s security should be up to the mark and the final two checks (see also this week’s Top Tip) are optional but still worth doing as they may reveal an unexpected loophole. Once again scroll to the bottom of the page and the ShieldsUp! Services menu and click Messenger Spam. Click the Spam Me button and ShieldsUp tries to send you a message using Windows Messenger Service. If your PCs security is up to date and you’ve been installing Service Packs and hotfixes nothing should happen, if you see a Messenger pop-up then read through the guidance notes.

Part 1 2 3 4

JARGON FILTER

IP ADDRESS

Internet Protocol Address -- unique 32-bit code, represented by four groups of digits, used to identify PCs and devices connected to a network and Internet web sites

PING

A networking facility that tests whether a computer or device is present by sending a small packet of data to the device’s IP address and listens for the receipt confirmed return signal or ‘echo’

PORT (Software)

A virtual or internal data connection in a computer that allows programs, applications and computers to exchange data

TOP TIP

The last check shows what happens when your PC is sent a browser web service request by a web site. This is a perfectly normal procedure and not necessarily a security issue but it demonstrates how much information your PC can reveal about itself, including such things as the name and version number of your operating system and web browser and possibly even your screen resolution and colour depth. None of this is especially worrying but there may be scraps of personal data stored in Cookies, which are small text files stored by your browsed, deposited by the web sites you’ve visited. You can see how this works for yourself by creating a custom cookie that ShieldsUp! attempts to place on your machine. If any of this worries you there’s some good advice on how to manage, block or filter cookies.

© R. Maybury 2009, 0505