A Free Educational Resource Created by Carnegie Mellon University to Empower You to Secure Your Part of Cyberspace

Intrusion

Getting into someone's computer without their permission

An intrusion occurs when somebody gets into your computer without your permission, rather like a burglar breaking into your house. Once inside, an intruder has access to your data and can wreak havoc with your system. Any attempt to access somebody else's private data, tamper with somebody else's data, or make somebody's data inaccessible to them is considered an intrusion.

The following Internet activities can make you vulnerable to intrusions:

Protective Measures

Practices

  • Update your browser with the latest software updates and security patches: New security problems are constantly being found in browser software that has already been released. Software vendors therefore make updates or security patches available from time to time that fix these problems. A patch is a downloadable piece of software that repairs a security problem or other "hole" in the software. Since most intruders exploit these known weaknesses, failing to download a patch creates an unnecessary risk. The unpatched hole could serve as an entry point for hackers who want to examine, damage, or exploit the information and services on your computer. It is also important to use the latest version of your browser since newer versions will have stricter security standards and fewer vulnerabilities.

    Unfortunately, Internet Explorer does not have an automatic update feature. The Microsoft  Web site has a "Scan for updates" feature that scans your computer to determine which updates you need, including any for Internet Explorer. The Web site can be reached through the link above, or by the Tools > Windows Update option in Internet Explorer.

  • If you use a DSL or cable modem connection, turn it off when you're not using your computer: As long as your DSL or cable modem connection is active, other users on the Internet can try to get into your computer. Once you have closed the connection, this is no longer possible.

  • Only perform file transfers from trusted sources: This reduces your risk of downloading files infected with malware and introduces accountability, so that you have a better chance of getting a response if you do have a problem.

  • Scan all files that you receive through file transfer: It is a good idea to scan the files that you receive from P2P networks with your anti-virus software to detect malware. This may slow down the transfer, but it will help keep your computer safe.

  • Conduct regular anti-virus scans: Be sure to scan all files that you have received from other people. All major anti-virus software can be set to automatically scan files when they are transferred, but it's a good idea to also scan your computer manually on a regular basis. You should do this at least once every two weeks, or when you suspect a problem.

Tools

  • Anti-virus software: The popularity of the Microsoft Windows operating system makes it a prime target for hackers and other virus writers, so anti-virus software is crucial for users of this system. Anti-virus software works by identifying files that match definitions of known viruses and keeping them from infecting the system. Make sure that your virus definitions are kept up to date by automatically or manually downloading them from your software manufacturer's Web site. Do not install more than one anti-virus program because incompatibility issues between the programs may end up leaving your system unprotected.

    Two popular anti-virus packages are Symantec’s Norton AntiVirus  and McAfee AntiVirus . AVG , AntiVir  and ClamWin  are free alternatives. The major anti-virus programs, such as Symantec and McAfee, can protect against worms and Trojan horses as well as viruses.

    PDA and mobile phone anti-virus applications normally interact with the full version on a PC and hold fewer virus definitions. New virus updates are automatically transferred from your desktop computer each time you synchronize your PDA. Therefore it is important to keep your desktop computer's anti-virus software updated and synchronize your PDA regularly. Some commonly used anti-virus packages are Trend Micro's PC-cillin for Wireless  and Symantec AntiVirus for Windows Mobile .

  • Firewall: A firewall is like a security guard for your computer that monitors the traffic into and out of your computer. A firewall is your first line of defense against intrusions, especially Trojan horses. One popular firewall is Symantec's Norton Personal Firewall . The Windows operating systems such as Windows XP and Windows Vista  include a firewall that is turned on automatically. This built-in firewall is described in more detail on the Microsoft site .

  • Intrusion Detection System: An intrusion detection system can detect intrusions as they take place. Each type of intrusion has a pattern, called a signature. Intrusion detection software is able to recognize these patterns and alert you when they occur on your computer. This allows you to immediately take steps to stop the intrusion.

References

My home page