Remote access and Security

posted onMay 18, 2002
by hitbsecnews

By: Mark Jorgensen & Neil H Watson

By agreeing to work from home and, accessing the company network from there, you have agreed to take partial responsibility for the security of the company's data. While you may access the company network from home securely, your home PC is still exposed to outside threats from the Internet. Anyone or anything gaining access to your home PC can then gain access to the company's internal network placing it a great risk. Consider these examples:

A user running Windows has no idea that a webserver is running on their computer (Microsoft IIS). When connected to the Internet the PC contracts the Code Red worm. As the home PC is considered "trusted" by the company network it allows the channels that would normally be blocked to transmit traffic to other computers. Now the worm has spread to the company network. Any internal websites the company has, that use Microsoft's IIS server, will not display the normal pages. This could take hours or days to fix.

A cracker gains access to the home PC (possibly using Back Orifice). Now the cracker can use the PC's VPN software to gain access to the companies entire network. The cracker could:

Use the company's server to send SPAM.
Steal copies of the company's source code.
Destroy copies of the company's source code.
Deface the company's websites.

Obviously these are extreme cases but, it could happen. As someone once said:

Learn this now and learn it well: they're coming for you. They want to destroy you and your site. They want to get you fired, they're going to steal your credit card data and probably make your milk turn sour. Are you paranoid yet? Good. Always, always, always pay attention to security concerns. You only need to overlook it once for all to be lost.

Nothing you do will make your data %100 secure. However, if you follow the guidelines presented in this document you can rest assured that will have virtually no disasters.

There are three ways in which you must protect your PC:

Use a Firewall.
Use anti-virus software.
Keep up with current security patches for your OS.
Talk to your Network Administrator

Using a Firewall

A firewall prevents unwanted network traffic from reaching your PC. Without a firewall your PC can be vulnerable to a plethora of attacks. When you use a firewall you block all network traffic to and from your PC. Then you specifically allow traffic in and out that you need. This "minimalist" approach is how the professionals use firewalls. You should use the same method. There are several firewalls available for Windows. ZoneAlarm is a good choice. Following the instructions that come with ZoneAlarm should give you a reasonably secure firewall.

Using Anti-Virus Software

Having anti-virus software and using it are two different things. However, let's first assume you do not have anti-virus software: Norton Anti-Virus along with McAfee are probably the most popular and thorough solutions available today.

Using Anti-Virus software effectively requires that you:

Keep your AV software up to date with all the latest patches and virus definitions. You should check to ensure that your AV software is up to date at least once a week.
Scan your entire computer for viruses regularly. If your computer is used everyday you should scan for viruses everyday.

Caveat:

Email viruses can sometimes get past your AV software. To protect yourself remember this:

Never, ever open an email attachment unless you have confirmed with the sender the nature of the attachment. If that person has not knowingly sent you the attachment in question delete it from your inbox and from your trash or deleted items folder.

Keeping up with security patches for you OS

Microsoft releases updates and patches to their operating systems regularly. You should check their Windows Update website for updates and patches at least once a week. Other operating systems (GNU/linux, MacOS, FreeBSD, etc.) have similar tools to ensure your system is up to date. Check your documentation or ask your network administrator.

Talk to your Network Administrator

Before you secure your server and gain remote access you should first talk to your network administrator. Your administrator will help you to secure you machine but, first you need to supply him with information:

What type of Internet connection do you have at home?
What firewall software do you use or are planning to use?
What anti-virus software do you use or are planning to use?
What operating system do you run at home?
Do you run any network services on your home PC (i.e. file sharing, web server)?

With this information your administrator can help you to secure your PC before you install remote access.

1.) Dumpster Diving - One Man's Trash - Grifter
2.) Ham Radio: An Introduction - A
3.) Pirate Radio - Manic Velocity
4.) Hacking by Numbers - madirish
5.) Authentication protocols and there weaknesses - Chernobyl Chickun
6.) Remote access and Security - Mark Jorgensen & Neil H Watson
7.) Myths about TCP Spoofing - Grandmaster Plague

Source

Tags

Articles

You May Also Like

Other Articles In This Section

Recent News

Monday, May 20th

Two students find security bug that could let millions do laundry for free
Lazarus Group Moves $147.5M in Stolen Crypto (BTC, ETH) to North Korea, UN Report Reveals
Time Is Running Out in the Hunt for Rare Bitcoin
“Unprecedented” Google Cloud event wipes out customer account and its backups
What happened to OpenAI’s long-term AI risk team?

Thursday, May 16th

Flaw in Wi-Fi Standard Can Enable SSID Confusion Attacks
Linux maintainers were infected for 2 years by SSH-dwelling backdoor with huge reach
MIT students stole $25M in seconds by exploiting ETH blockchain bug
BreachForums, an online bazaar for stolen data, seized by FBI

Wednesday, May 15th

It’s the End of Google Search As We Know It
Google strikes back at OpenAI with “Project Astra” AI agent prototype

Tuesday, May 14th

Security researcher says PoC for kernel vulnerability targeting iOS 17.4.1 and older coming soon
Apple releases iOS 17.5, macOS 14.5, and other updates as new iPads launch
Disarmingly lifelike: ChatGPT-4o

Monday, May 13th

FBI To Charge Teenager Hackers From Scattered Spider Who Hacked Hundreds Of Organizations
JTAG Hacking An SSD With A Pi: A Primer
As of May 2024, Black Basta ransomware affiliates hacked over 500 organizations worldwide
North Korean hackers deploy ‘Durian’ malware, targeting crypto firms
Interview With the Russian-Military-Linked Hackers Targeting US Water Utilities
Google patches its fifth zero-day vulnerability of the year in Chrome
OpenAI revs up plans for web search, but denies report of an imminent launch

Friday, May 10th

Boeing Confirms Lockbit Hackers Wanted $200 Million Ransom After 2023 Hack
Dell discloses data breach of customers’ physical addresses
Poland says it was targeted by Russian military intelligence hackers
Leaked FBI email stresses need for warrantless surveillance of Americans
Stack Overflow users sabotage their posts after OpenAI deal
Fedora Asahi Remix 40 is another big step forward for Linux on Apple Silicon Macs
6 Practical Tips for Using Anthropic's Claude Chatbot

Thursday, May 9th

OpenAI Is ‘Exploring’ How to Responsibly Generate AI Porn
Dell responds to return-to-office resistance with VPN, badge tracking
Hands-on with the new iPad Pros and Airs: A surprisingly refreshing refresh

Wednesday, May 8th

Chinese Hackers Deployed Backdoor Quintet to Down MITRE
Apple announces M4 with more CPU cores and AI focus
Boeing says workers skipped required tests on 787 but recorded work as completed
Ransomware mastermind LockBitSupp has been ID’d