How Personal Firewalls Work

How Personal Firewalls Work

People who use high-speed connections, such as cable modems at home, might be prone to hackers' attacks because computers connected to the Internet in this way are more vulnerable and more enticing to the hackers. To protect home computers, many people have turned to personal firewallssoftware that runs on the computer and protects the computer against Internet attacks. To understand how personal firewalls work, you first need to understand the concept of Internet ports. An Internet port isn't a physical devicerather it's a virtual entranceway between your computer and the Internet. When you make an Internet connection, many of these virtual connections are opened up, and each has its own number and purpose. For example, email software usually uses port 110 on a mail server to get mail and uses port 25 on a mail server to send mail. FTP software usually connects to FTP servers using port 21.


How Proxy Servers Work

System administrators can set up proxy servers to be used for many services, such as FTP, the Web, and Telnet. System administrators decide which Internet services must go through a proxy server. Specific proxy server software is required for each kind of Internet service.


Chapter 45. How Hackers Can Cripple the Internet and Attack Your PC

Hackers are equal opportunity attackersthey attack individuals as well as websites by using a variety of software and malicious programs. Among hackers' many targets are Internet service providers (ISPs)companies that sell access to the Internet. A hacker might target an ISP for several reasons: He might be angry at the ISP or at someone using the ISP, or he might attack the ISP for the mere thrill of it. Hackers also often attack big websites as well.

One of the most common attacks against an ISP or websites is a denial of service (DOS) or distributed denial of service (DDOS) in which a hacker incapacitates a network by flooding it with extraneous traffic. There are several ways that a hacker can launch a DOS or DDOS attack. One of the most popular ways is called a smurf attack, or smurfing. In a smurf attack, a hacker floods the ISP with so many garbage packets that all the ISP's available bandwidth is used up. The ISP's customers can't send or receive data and can't use email, browse the Web, or use any other Internet service.

In a smurf attack, hackers exploit a commonly used Internet serviceping (Pocket Internet Groper). People normally use ping to see whether a particular computer or server is currently attached to the Internet and working. When a computer or server is sent a ping packet, it sends a return packet to the person who sent the ping, which in essence says, "Yes, I'm alive and attached to the Internet." In a smurf attack, hackers forge the return addresses on ping requests so that, instead of going back to them, the return packets go to the hackers' target ISP. The hackers can use networks attached to the Internet as a way of relaying their ping requests and magnifying each ping request many times. In this way, a hacker can use networks attached to the Internet to flood the ISP with so many return ping packets that the ISP's customers can't use the ISP's services. Hackers can use multiple networks attached to the Internet in a single smurf attack. Smurf attacks are hard to ward off because the ping answering packets come from legitimate networks and not from the hacker.

Hackers don't just target ISPs, of course. They attack individuals as well. As you'll see in the illustration later in this chapter, hackers can take over people's computers to delete and steal files, steal personal information and passwords, and even use the person's computer as a launch pad for attacks on ISPs and websites.

One of the most insidious dangers on the Internet is zombies, computers that have been taken over by hackers, and will do their bidding. The reason for the name is obviousin non-computer terms, a zombie is someone who has been dead, and then resurrected to do the bidding of a zombie master. The zombie has to follow the commands of his master, and has no will of his own. Hackers take over ordinary PCs and turn them into zombies.

How do hackers get into your PC to turn it into a zombie or to attack it in other ways? Often, right from the Web via your web browser, or else via emailand you'll see both means of attacks illustrated in the following pages.