Why should I worry
to download Virus removal tools
As the millions of personal computers of the world move from dialup lines to permanent connections such as DSL or cable, a vast new array of potentially soft targets turn up on the Internet, at stable IP addresses, for crackers to use, sometimes for fun, and sometimes to stage further break-ins.
Automated scan tools can quickly pass over an entire domain, and report on machines that appear to be insecure. This is the 90s Internet version of war dialing, made famous in the film WarGames, but 100 times as deadly.. with more powerful programs, faster connections and more underground web sites, even unsophisticated computer users can scan 1000s of machines in an evening for simple configuration mistakes. Even if a particular security mistake only occurs with .1% of users, when a cracker can scan 1000 PCs in less than an hour, by the time they have listened to a single CD, 2 or 3 open PCs can be unearthed.
Most normal Internet machines are designed and configured with security as a high priority. Most of the hordes of home PCs coming online over DSL and cable were designed to be friendly and accessible. It is a great time to be a cracker.
But I have a virus tool
Today's virus tools will not tell you that your machine has been compromised, they will not warn that your hard-drive is visible on the Internet, or that your FTP server has no password. An up-to-date virus scanner on the windows platform is vital but it is only half the story
But.. I turned off file and print sharing!
Programs you purchase or download and install are more and more network aware, windows file and printer sharing is only one possible gateway into a machine. There are 65535 different ports that a program, or part of your operating system, can listen on. Do you know what is actually active and waiting for connections on your PC right now?
I should just buy a firewall?
For security on the Win98 or WinNT platform, we recommend a correctly installed hardware firewall, or a commercial software firewall, or NAT internet sharing software, in that order of desirability.
For Linux, configuring ip-chains is recommended.
For Mac, a product called Net-barrier is now available.
Lock yourself in your house, close all the windows. Are you sure you are safe from burglary? what's the best way to be sure? did you leave the keys under the front mat accidentally? one good way is to hire a friendly burglar, and ask them to scout around and give you a report. That is what Secure-Me does.
Why a scan is good security?
Any intruder will use a scanning tool to get an overview of your security, either as part of a domain pass, randomly, or because they are targeting you specifically. Anyone active on the internet knows that as soon as you use software that leaves your IP address in a public place, like a Usenet posting, ICQ, ftps or certain shareware utilities, you will become instantly the target of curious probes, some from machines on the other side of the world. If you have weak security, these probes can turn into a break-in. If you offend someone in a public forum, your machine can be crashed by them, or disabled. If this is your business, they have closed you down.
Is this just a scan?
Secure-Me is not just a plain scan. Having done an initial scan, Secure-Me will then evaluate the results, and zero in on some common weaknesses. Due to the results obtained from other customers, Secure-Me is being tuned to try more things every week. Here is an example report, generated recently
I am pretty sure I am safe.
Secure-Me, since it started in July, has run over 32,000 scans on individual machines. Only 3% of those machines received a perfect score. 97% of them had one or more possible weaknesses, some had multiple weaknesses, These included unneeded network services, public machine names or usernames, guest accounts, routers with weak configuration protection, printers visible for anyone to use and more... Are you still sure?
Why repeated scans are useful?
Good security systems often use a trip-wire. A silent alarm. Secure-Me can be your trip-wire.. After your computer, or computers have been scanned, we can keep their distinct fingerprint on file. At your command or regularly, we can re-scan and when this fingerprint changes, even slightly, you can be alerted. It may simply be some new web server you installed. Or it may be you installed a product that has a new service on it.. or it may be you are now unknowingly running Back Orifice from TCDC, or if you are a small business, a telnet port has been opened up on your firewall