|
Firewalls
indispensable for cable Net
Inderjeet Singh Sodhi
 THE
demand for a stable Internet connection and higher bandwidth has led to
enormous success of the so-called cable Net. Actually cable Net in India
is basically an extended LAN over Cat5 cable, and not what is
technically known as the Internet-over (coaxial)-cable. Decreasing costs
of networking equipment has made it possible for such services to be
made available at cheaper rates. These connections are really stable and
bandwidth of up to 10 MB (100 MB in some cases) is possible over the
same cable. Bandwidth can be adjusted as per the requirement of the
individual connection without any changes to the hardware. On the down
side, this however also opens the doors to security risks that are
usually prevalent in the corporate world. Whatever be the reason,
devils' minds now have wider accessibility to try "new"
things.
Is it unsafe? No.
Compare a computer system with a house. When you get a new house
constructed, you take care of security aspect with barbed wires and
broken glass on boundary walls. Similarly, when you purchase a computer
you should take care of the security aspect. People leave their
computers on with instant messengers running constantly. If the system
is secure, it does not matter even if you leave it on all time.
Otherwise, it may become a cause of shock, depression or even
embarrassment.
After software is loaded,
one needs to ensure that all updates and "patches" have been
installed. Hackers and viruses use this ignorance as a platform. Once a
security flaw is publicised malicious people start using the flaw for
their own goals. To make these ineffective, updates are required. Most
vendors provide updates for free. Most of us update anti-virus data
files almost everyday but seldom update the core files. These updates
can plug the holes preventing viruses to land on the computer. For
example, a notorious search engine used one of the flaws of the Internet
Explorer to download files without letting the user know. When users
opened the malicious Webpage, a file was downloaded and the default
search page was repeatedly set to its own Webpage. Antivirus programs
soon started identifying the downloaded file as a Trojan and deleted the
same if configured to do so. If Internet Explorer is patched, the files
won't get downloaded at all. In case of intrusion, it is possible to
"barb-wire" a PC. By installing a firewall, about two thirds
of risks can be reduced. A firewall acts as a gatekeeper, allowing only
permitted or outbound connections.
Too rigid rules can hamper
normal activity while too loose ones can allow others to access the
resources. Besides these, file and print sharing should not be allowed
on stand alone systems. If there is an internal network that uses file
and print sharing, then file and print sharing binding should not be
enabled on a particular network card to which the ISP is connected. At
the time of setting up the network, there should be a unique domain or
workgroup assigned to the internal network. Also, NETBEUI should be
disabled for
that card. This will also prevent the computer from sending unnecessary
traffic searching for port 137. The ISPs should also act in a
responsible way and make customers aware of security risks by helping
them overcome these. With proper attention to security aspects and a few
easy-to-follow measures, one can enjoy unlimited options of broadband
Internet revolution.
|
