MySecureCyberspace: Intrusion

Accessing a computer without permission

An intrusion occurs when somebody gets into your computer without your permission, rather like a burglar breaking into your house. Once inside, an intruder has access to your data and can wreak havoc on your system.

In order for an attacker to enter your computer, he needs to have the address. A computer’s address is called an Internet Protocol (IP) address, and it uniquely identifies your computer on the Internet. You should keep your IP address as private as possible.

When you host an online game, other players (and any attackers) can see your IP address. An attacker will also know that you are hosting the game, which gives him more critical information. He may then use flaws in the game software to take over your system.

Protective Measures

Practices

Do not host any games: When you host a game server that announces your address on the Internet, you make it easy for an attacker to find your IP address. Most popular games have many public servers that are hosting games. If you have no special requirements, you should play on one of these public servers, rather than hosting a game of your own.
Know your software: If you must run a game server of your own, make sure that you are familiar with the game settings. If you have never hosted a game before, look on the Internet for a FAQ that explains how to host.
Keep your hosted game private: If there is such an option for your game, host a private game and only give the necessary information, such as IP address and log-in password, to your friends. This reduces the chances that attackers will become aware of your server.
Patch your gaming software: Patches are updates that software makers release to fix security gaps in their software. Most gaming software will need some patching after its initial release. Make sure that you are running the latest software on your server to make it as secure as it can be.
Shut your server down when you’re done playing: Some games let you use a dedicated server to host a game. This is a computer that is used only for hosting and has nobody playing on it. After you are done playing, make sure that you shut down your dedicated server, unless you have a good reason for keeping it running. This will shut down a connection that could otherwise allow intruders onto your computer.
Connect to trusted servers only: By not connecting to random servers on the Internet, you keep your IP address private.
Turn off your network and wireless connection when you are not using them: As long as your network or Bluetooth connection is active, other users can try to get into your mobile device. Once you have closed the connection, this is no longer possible.
Know who is running the server you play on: If you connect to an external game server, make sure you know who is running it. Some game servers are run by individuals rather than game companies. Connecting to their servers lets these people read your IP address, which they could use in a DoS attack.

Settings

Set the game to run a private server: Most game software allows you to run a private server. This means that your server will not announce its presence to master servers or show up in game lists where other players can see your IP address. Require players to use a password to connect to your server. Both of these settings can usually be made when the server is started or a game is hosted.
Set a server administrator password: Set an administrator password for yourself that lets only you change game settings on your server. If you don’t, other players could change settings and even crash your server. Do not share that password with anyone you do not completely trust. Only certain game software allows all players to change game settings. All games made by Id-Software include this option, as well as games based on their engines, such as Counter-Strike.
Do not report to a master server: For certain games you may be able to decide whether or not your server will report to a master server. Unless you want random people joining your game, you should set it to not report to a master server. For more information, refer to the manual or contact the game publisher.
Set a password on your mobile device: Set a password for yourself that lets only you change game and general settings on your mobile device. If you don't, other people could change settings, gain access to your personal data, or even crash your mobile device. Do not share that password with anyone.

Tools

Firewall: A firewall is like a security guard for your computer that monitors the traffic into and out of your computer. A firewall is your first line of defense against intrusions, especially Trojan horses. One popular firewall is Symantec's Norton Personal Firewall . The Windows operating systems such as Windows XP and Windows Vista include a firewall that is turned on automatically. This built-in firewall is described in more detail on the Microsoft site .

Connect Safely from Different Places

Office

In a business environment, an intruder getting to the data on your PC could have more severe consequences than in a home environment. We recommend that you check with your IT department and see if your company has any rules about gaming before you play online games at work.

Check with your IT department before installing any firewall software or activating the built-in Windows XP firewall. They might recommend additional ports that need to be open for company specific software and services to run.

Mobile

Intrusions can happen when you are connected to a network or when you leave your mobile device unattended and someone gets physical access to it. You are more vulnerable to intrusions when you use a public network in public spaces. Your data travels freely in the air, so anybody using the same network could intercept your data and steal your personal information.

On the road

There is a high risk of intrusion in public environments. Access to public computers is less restrictive than access to a private or personal computer, and when you use your own laptop in public spaces you become part of a public network, leaving you susceptible to intrusion from anyone using the same network.

Keep in mind that when you host a game server on a public computer, you are exposing a computer that is not yours to intrusions. You should get permission from the system administrator of the public computer or the public network you are using before hosting any game.

Ethical Issues

If you keep information such as account numbers or passwords on your Web server, intruders could steal that information. If you are worried that someone has broken into your computer or game server, contact your Internet Service Provider or Web hosting provider for help. You may also want to contact the organizations with which you have game accounts to check for unusual activity or to change your password.

When you play games on a public computer you may broadcast information abut the computer and the public network to which you are connected. Be aware of the information you broadcast and make sure that your gaming activities do not put the public computer or network at risk of an intrusion attack.

Privacy Issues

Avoid broadcasting your IP address, since that can make you a target for intrusions. Any data you send on the network could be intercepted by somebody listening to the network traffic, so if you must use the Internet in a public place, make sure that the connection is encrypted.

Avoid leaving your mobile device unattended in public places, because somebody could grab it and get your personal information. When you are using wireless technologies such as Bluetooth or Wireless Internet, any data you send on the network could be intercepted by somebody listening to the network traffic. If you must use these in a public place, make sure that the connection is encrypted.

Intrusion