Brought to you by EarthWeb
Passwords

Most modern multiuser systems have a facility for passwords. Passwords are used to provide the computer system with some certainty that the user is who he or she claims to be. Passwords should not be written down or shared. This is a matter of policy. There are many hacking tools used by data bandits that will attempt to break into a computer by guessing passwords. The following are some easy rules that make it difficult for these programs to succeed:

  Do not choose a word that is valid in any language. In the past, books have recommended not choosing any English words. Hackers have become more sophisticated and are now using international dictionaries.
  Do not use the CompuServe-style passwords. These were typically of the form word-punctuation-word (e.g., dog!fast). The hacker programs will now guess these.
  Use a combination of upper- and lower-case and nonalphabetic characters.
  Do not use a word appended by a single numeral (e.g., hello3). Several operating systems have required passwords with at least one numeral. This one numeral requirement led many people to pick words and then append a number (usually 1) to the end. The hacker programs detect this.
  Do not make passwords so difficult to remember that they must be written down. That defeats the purpose.
  Encourage the use of the concatenation of the first letters of a phrase. For example, "To be, or not to be" would yield the password tbontb, which is not a word. If this is interlaced with numerals, the resultant password is t1b2o3n4t5b6. This password is both easy to remember and difficult to guess.
  Encourage users to change their passwords often. This can be done through administrative (i.e., paper) or technical (i.e., program) policy.
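
The rules above can be enforced when a password is set. The following is an added example, not code from the original text: it checks a candidate against the dictionary, word-punctuation-word, appended-numeral and character-mix rules, and builds the phrase-based password described in the list. The function names and the tiny wordlist are assumptions made for the illustration.

```python
import re

# Constructed sample wordlist (assumption); a real checker would load full
# dictionaries for several languages, as the first rule requires.
WORDS = {"dog", "fast", "hello", "maison", "hund", "password"}

def phrase_password(phrase, keep_case=False):
    """First letter of each word, interlaced with 1, 2, 3, ... as in the text."""
    letters = [w[0] for w in re.findall(r"[A-Za-z]+", phrase)]
    if not keep_case:
        letters = [c.lower() for c in letters]
    return "".join(f"{c}{i}" for i, c in enumerate(letters, 1))

def check_password(pw, words=WORDS):
    """Return the rules from the list above that pw breaks (empty list = none)."""
    problems = []
    low = pw.lower()
    if low in words:
        problems.append("dictionary word")
    # CompuServe style: word, one punctuation character, word (dog!fast).
    m = re.fullmatch(r"([a-z]+)[^a-z0-9\s]([a-z]+)", low)
    if m and m.group(1) in words and m.group(2) in words:
        problems.append("word-punctuation-word")
    # A dictionary word with a single numeral appended (hello3).
    m = re.fullmatch(r"([a-z]+)[0-9]", low)
    if m and m.group(1) in words:
        problems.append("word plus single numeral")
    # Upper case, lower case and a nonalphabetic character must all appear.
    classes = (r"[a-z]", r"[A-Z]", r"[^A-Za-z]")
    if not all(re.search(c, pw) for c in classes):
        problems.append("missing character class")
    return problems

if __name__ == "__main__":
    for pw in ["maison", "dog!fast", "hello3",
               phrase_password("To be, or not to be"),
               phrase_password("To be, or not to be", keep_case=True)]:
        print(f"{pw!r}: {check_password(pw) or 'ok'}")
```

Comparisons are made on the lower-cased candidate, so capitalising a dictionary word does not get it past the first three checks. The all-lower-case t1b2o3n4t5b6 is flagged only by the character-mix rule; keeping the phrase's capital T satisfies every check.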

Viruses

Viruses are small pieces of computer code (programs) that are hidden in computer programs, on floppy disks, or wherever the computer vandal can sneak them. Like the hackers themselves, some are malicious and will devastate as much as possible, and some will only irritate (e.g., play Happy Birthday on the hacker’s birthday). Personal computers like MS-DOS-based machines and Macintoshes are more susceptible to viral attacks because of the unprotected nature of the operating system. Protected operating systems like UNIX and Windows NT are better equipped. As with the other security problems, there is a range of solutions, including the following:

  No protection whatsoever. The computer support group is leaving itself wide open. This option is not suggested. (However, a surprising number of facilities choose this option.)
  Virus software. This is a good first step, but there should be a good, automated way of updating the software. The virus protection software becomes out-of-date quickly (as new viruses are introduced) and must be updated more often than normal applications software. Depending on the particular operating system, there are packages that run on the servers (to check users’ files) and programs that scan the user’s PC. Instead of installing the virus software on every PC, some companies have established virus scanning stations at key locations in their buildings. They then make it a matter of policy that all users must have their floppy disks scanned before using them on their PC.
  Remove the floppy drives. Some companies have cut off the source of most viruses and removed the floppy disk drives from their computers. In many environments, however, this is an unacceptable solution.

EXTERNAL SECURITY

Internet Firewalling

It has been established that the most secure way to connect to the Internet is to have a minimal machine act as a gateway or firewall between a production network and the outside world. Internet firewalls can be designed with varying levels of security and difficulty. A simple firewall can be implemented without expensive equipment or noticeable interruption. It is important to plan a firewall before connecting to the Internet. Users may get accustomed to certain functional ability, which administrators may be forced to remove after the installation of the firewall.


Copyright (c) 1996-1999 EarthWeb, Inc.. All rights reserved. Reproduction in whole or in part in any form or medium without express written permission of EarthWeb is prohibited. Please read our privacy policy for details.