VIRUSES, TROJANS, SCRIPT kiddies
The Internet can be a dangerous place for the unwary. Even big companies aren't immune, with regular embarrassing stories about how credit card numbers lor other personal information) they've collected have been accessed by hackers. So, is there any way to keep your system secure when you go online?
Port to port
http://www.emsisoft.com/en/kb/portlist for a full list,
and there's nothing to stop a single computer providing all of these features.
To help keep things organised, each service is normally allocated to a different port on the server This isn't a physical feature of the computer, like a serial port - it's ust a number contained within every packet of data the server receives. Each service looks for its own port identifier and handles any incoming information that belongs to it.
Such flexibility is useful, but not something the average user cares about - they just want to run their FTP or news program, and see it work correctly To make this happen, most services use standard port numbers: FTP is 21, HTTP uses 80, NNTP news servers default to 119, and so on. Your browser and other Internet applications know which ports to use, and so everything works automatically.
Still, some servers do use alternative ports. You may have seen when this happens on a site, as the URL has a colon, followed by the new port number at the end of the address: www.bigsite.com:8080/downloads/ The chances are you don't have a Web server at home, of course, but that doesn't matter. Your PC makes use of ports, too, and whenever you go online they're accessible to everyone else on the Internet. This could make your PC and data available to any passing hacker, but what are the actual risks?
Their first challenge is just to find you. When you go online, your ISP will almost certainly allocate you a different IP address [your unique location on the Internet] every time. Any hacker then only has the duration of that single Internet session to penetrate your defences, or see all their work go to waste.
You'll almost certainly have read dire warnings about how this doesn't apply to broadband connections. Get ADSL, you're told, and its 'always-on' connection means that hackers can be hammering at your PC 24 hours a day Fortunately this simply isn't true. While you can pay extra for a static IP address, the standard BT ADSL connection provides a dynamic address, giving you similar protection to a normal modem user.
Good news? Yes, but you're still potentially at risk for the time you're online. A hacker will typically use an automated port-scanning tool to check a wide range of IP addresses, sending a message to the key ports on each system, and examining the responses (if any) for potential vulnerabilities.
However, if your PC isn't connected to a network, then you probably won't have file and printer sharing installed (select Network in Control Panel, to check). In this case, there's nothing listening at port 139, and it's not possible for an external hacker to use it to access your hard drive.
Networked PC's are at more risk, but even here hackers can only access folders you've chosen lo share [which is why it's a good idea lo share Individual folders like 'My Documents', rather than your entire PC|. And they'll only be able to do this if you've forgotten to password-protect each share, or used a password that's very easy to guess.
Although scanning sites target lots of other ports on your PC, the risks arc very limited. Hackers can send all the messages they like, but unless you have an application running that's listening to the targeted ports - a Web or FTP server say - they can't get any kind of access to your system.
So, a standard Windows XP system is likely to be very safe when online, and even a networked PC can be strongly protected, simply by making use of security features that already exist in the operating system. Adding a firewall is still advisable, though, as a look at one of the more popular examples will make clear.
Look here for more info www.netmag.co.uk