TOWN OFFICE SECURITY AND THE INTERNET
By Andrew Winter
Town Officers Connectivity Project (TOCP)
March 2001
Towns and municpalities have sensitive information and data on their computers. If the wrong people acqured access to that data a great deal of damage could be done. With this in mind it is very important to understand that when a computer makes a connection to the Internet that computer is then logged onto a network. It is then accessible to other people whose computers are also connected to that network. And, the Internet is an extremely large network indeed.
The Threat, then and now.
The threat comes from being on a network. Every individual who is also on that network could conceivably locate your computer and access its files. This has to happen for network software and hardware to know who is sending what data where, and by whom, so that data being sent arives at the correct destination. All this information about sources of data and destinations is established by the "network protocol" of whatever network you are logged into. In the case of the Internet you are using a protocol called TCP/IP. The basic feature of this protocol is your IP address. It is this address that anyone, (the good guys and the bad guys), trying to locate your computer needs to have in order to send or receive data from your computer.
Your IP address is a 12 digit number broken up into four groups of three. This is how a computer knows who and where your system is. Now we humans use URLs like, www.sover.net. Well the computer doesn't understand words so well so a piece of networking software translates this URL into Sovernet's IP address, 209.198.087.047. This number is the key to it all. Without this the user's computer would not be able to talk to the sovernet computer and establish a connection.
It used to be that each time you logged into your ISP and hooked up to the internet your IP address was different every single time, because on a dial up connection it is normally "dynamically" assigned. When it comes to security that meant that you, your computer, and all your data were a moving target. More often than not by the time anything on the net that might mean you harm had found you, you were logging off anyway.
Now there are several new technologies that have changed all that. These are the new "Always On" high speed internet connections. The main techonolgies involved are Digital Subscriber Lines (DSL), Cable Modems (which operate on connections brought to you by your cable TV company), Satellite Internet Connections, and ground based wireless intenet connections.
These four services are becoming hugely popular because they are fast. They are very fast. On your average dialup connection it can take you 1 to 2 hours, or more, to download a free software program like Netscape, simply because the speed of the connection over a standard phone line is so slow. With one of these new "high speed" connections that same download can take a matter just a few minutes or even just seconds. These high speed connections make your connection to the internet almost seamless. But, with this high speed comes something that not all the installation technicians tell you about. You lose that IP address that changes each time you connect. Instead you get a permanent one. You are no longer a moving target.
What this means is that it is much easier for someone to find your computer on the Internet. Once they have found you they can then take their time and use technologies that exist to slowly work their way into your computer and all the data on it. This process is called "hacking" and has caused a lot of problems for a lot of people, companies and government agencies. Now, what can you do about it?
Answers and Solutions
Become aware of the problem first, then get informed. Once armed with enough information to be able to ask the right questions, seek out those products that can provide the security solutions that you desire. Our goal is to point you to the best sources of information and solutions that we can. One of the very FIRST organizations you should contact is your current Internet Service Provider. After that check out some of the links below.
General Information
Please note that the validity of the following links may vary over time. Please notify us at crs@uvm.edu if any links do not operate properly for you.
Here is an article from www.ezgov.com that gives an overview of the general situation.
http://www.ezgov.com/white_papers_art2_1.jsp
Here is a nice collection of FAQs and buyers guides from an on line store dedicated to internet security soluitons. Since this store carries many products by many companies they seem to be careful about making sure you get the right product for the right job. That tends to make them aim for accuracy in their reviews, information and FAQs rather than to hype the products.
Https://www.securehq.com/shqbuyersguide.wml
General Information on Mac Security.
http://www.firewallguide.com/macintosh.htm
When you feel up to it here is major information resource regarding internet security. The CERT Coordination Center is part of the Networked Systems Survivability Program at the Software Engineering Institute at Carnegie Mellon University. They were started by DARPA (the Defense Advanced Research Projects Agency, part of the U.S. Department of Defense) in December 1988 after the Morris Worm incident crippled approximately 10% of all computers connected to the Internet. The original press release is on their web site, along with several other announcements about the CERT Coordination Center.
http://www.cert.org/nav/securityimprovement.html
Products and Security Solution Providers
Here is a "tip-of-the-iceberg" introduction to security solution providers.
Open Door (Apples and Macs) http://www2.opendoor.com
Symmantec's Norton Fire Wall http://www.symantec.com/sabu/nis/npf_mac/
McAfee Fire Wall http://www.mcafee.com/myapps/mpfp/default.asp
Here is an on-line store dedicated to internet security products.
In addition to fire walls there is software that acutally encrypts your files localy so that even if someone gets in to your computer what they find is useless. An example of such a product is,
Alladin Systems "Private File." Http://www.beyond.com/PKBD44687/prod.htm
The topic of internet security is of major concern to anyone who has a connection to the internet. It is especially important to those of you with "Always On" high speed internet connections. Many of you have sensative information on systems that may be wide open to penetration whenever you are connected. It is our hope that the information we have provided will equip you with the resources you need to successfully secure your systems and sensative data.
Doug Lowe. Networking for Dummies 2nd Edition. IDG Books Worldwide, Inc. 1996.
John R Levine and Margaret Levine Young. Internet for Dummies 2nd Edition. IDG Books Worldwide, Inc. 1996.
Patrick Lane and James Stanger, Ph.D. Networking Fundamentals CIW Foundations/i-Net+ Series. ProsoftTraining.com. 2000.
Russel Ryan and Stace Cunningham. Hack Proofing Your Network. Syngress Media Inc. 2000.
Reviewed on 7/29/02