Keep Your PC Safe - Internet Security For the Home User

As the number of cable modems and Wi-Fi networks increases, internet security is becoming more of an issue. You may think that your Internet connection is safe from unwelcome and unwanted intrusion by hackers, but there are some things you can do to improve your security levels to stop hackers gaining access to your personal details, bank account numbers and passwords.

The reason that Internet security is becoming more of an issue now is that people are spending longer connected to the Internet. And unless that pathway is protected by high level security, the hackers will have more opportunities to find a way in. Hijacked machines (often known as zombies and forming part of botnets) are valuable to fraudsters and spammers. The trick is to beat the hackers at their own game.

There are three aspects of home Internet protection, sometimes referred to as the 'holy trinity'.

Personal firewall/intrusion detection

These are the firewalls that often come with your operating system. In older operating systems such as Windows 95 and 98, these systems have virtually no inbuilt security. Because these systems have now been superseded by more up to date software, it is advisable that if you are still operating Win95 or 98 to upgrade to a system that is supported by a Microsoft inbuilt firewall.

All versions of Vista, XP and 2000 are still supported by Microsoft and have inclusive firewall protection. For an additional layer of security, external firewall programs can be incorporated into your operating system as simply as downloading any other piece of software. It is advisable to talk to an expert, however, as some firewalls may not be compatible with your operating system and you may encounter run conflicts that could affect other aspects of your system.

The most popular free downloadable firewall is Zone Alarm, although for comprehensive coverage, Zone Alarm Pro is probably a better option. You can also set your Internet security levels to 'high' on your operating system if you are going to be on the Internet for prolonged periods.

Anti-spyware software

Spyware is software that covertly gathers user information through the user's Internet connection without his or her knowledge. That information is then passed to a third party (the hacker or fraudster) and suddenly your secure system isn't quite as secure as you thought it was. There are countless pieces of embedded software (often also known as 'malware') that piggyback onto downloads and install themselves into your operating system. These include BHOs (Browser Helper Objects) which hijack your browser and take it to their 'chosen' site whether you want to go there or not. Although annoying, these don't do any real damage. However, other spyware can count keystrokes and relay these back to hackers who, from this data, can uncover passwords and other information such as account numbers. Anti-spyware software stops this malware from infiltrating your computer and leaving your important information exposed.

Anti-virus software

A virus can devastate a computer. Designed to cause maximum damage to your data, viruses are created to cause mayhem and have no other purpose other than that. Anti-virus software is essential, particularly if you are using the Internet for long periods of time, and the best option is to include a package such as McAfee VirusScan in your operating system. Ensure that you update this program regularly (you will receive prompts from your computer on start-up).

No piece of anti-virus or spyware software can cover all threats, so it's a good idea to keep an eye out for updates and to combine several systems to cover your bases. There are also some things you can do for yourself when online to keep your PC and your personal details safe:

• Never open email attachments if you do not know who the email has come from, or even from friends. This is the easiest way to allow a virus to access your system.
• Avoid downloading files from sites you are not familiar with.
• Ensure that your security protocol is set to 'high' if you are going to be online for any length of time
• No bank will ever ask for your details via email. Any that do are scams and should be immediately deleted without responding and your bank notified of the scam attempt.
• If something looks suspicious (poor spelling, bad graphics), then trust your instincts - it probably is a bogus email or phishing attempt to get access to your personal details
• If you have a wireless network in your home, ensure that it is password protected.
• Never have the same password for all your sites.

With a little thought and preparation, you can keep your home PC safe from outside attacks and your details out of the hands of fraudsters.

IT247.com has one of the UK's largest catalogues of IT, consumer electronics and related accessories, at highly competitive prices and best availability. Buy Laptop Computers and Internet Security Products online at http://www.it247.com

DDoS Attack Hits Amazon Cloud Customer Hard

UPDATE: updated to clarify that the downtime was isolated to the single customer, and to include comments from Amazon Web Services.

(WEB HOST INDUSTRY REVIEW) -- As has been reported in several sources this week, including this report from The Register, a customer of Amazon’s cloud computing service - Bitbucket (www.bitbucket.org), a web-based code hosting service that uses both EC2 and the Amazon’s Elastic Block Storage - reported 19 hours of downtime as a result of a DDoS attack.

The disruption, as most of the reports have mentioned, is certain to raise questions about both the resiliance and stability of cloud hosting solutions, as well as invite scrutiny into the quality of Amazon’s response to customer situations like this one.

In an email, Amazon Web Services public relations manager Kay Kinton writes "The customer’s Amazon EC2 instance was receiving a very large amount of network traffic. This large flood of traffic exceeded the networking of the customer’s single Amazon EC2 instance and caused performance to degrade on all network operations for that instance (including access to the EBS volume). Once we properly diagnosed the problem, we worked with the customer to put measures in place to help mitigate the unwanted traffic they were receiving. We have continued to work with the customer to apply network filtering techniques which have kept their site functioning properly."

Bitbucket operator Jesper Nøhr spent a great deal of energy venting his frustrations about the situation via Twitter over the weekend and on Monday. He also published a detailed account of the outage timeline on the company’s blog.

He says in the post that, while he was advised not to reveal the source of the outage (according to The Register, because Amazon felt revealing the attack might give future attackers fuel for designing new means of attacking the service), he believed he owed it to customers to explain what went wrong.

“We were attacked. Bigtime,” he wrote. “We had a massive flood of UDP packets coming in to our IP, basically eating away all bandwidth to the box. This explains why we couldn’t read with any sort of acceptable speed from our EBS, as that is done over the network. So, basically a massive-scale DDOS. That’s nice.”

Nøhr’s blog post, and much of the discussion that has flowed from the incident, is more a look at Amazon’s response, and a debate about the nature of customer service than an investigation into the technical issues at play. His post concludes by saying Bitbucket is taking measures to ensure an outage of this kind won’t happen again, and that those measures might include moving to a new hosting provider.

In the final analysis, he doesn’t come down too hard on Amazon, demonstrating that the company devoted a lot of support attention to his cause after a frustrating (and exceedingly long) preliminary period – about 10 hours.

After the service was originally restored, Bitbucket reportedly suffered two further attacks, Sunday morning and early Monday.

The technical question seems to be how an attack using external traffic was able to disrupt the connection between Bitbucket’s EC2 and EBS resources, which one might reasonably consider an “internal” network connection, and why Amazon didn’t have the means in place to more quickly identify the outage as the result of a DDoS attack.

Kinton points out that AWS may have to do more work to help educate customers on the availability of measures to mitigate the impact of unexpected spikes in traffic.

"We are working to make sure we learn from this and continue to improve the speed with which we and our customers can diagnose issues like this," she says. "We will also provide additional guidance to our customers on how they can better detect this sort of problem and use existing features of EC2 to run a highly scalable and available website. These features include taking advantage of EC2’s scale-out ability to run multiple instances in multiple availability zones and regions, the Elastic Load Balancing feature which helps users filter and balance traffic among their instances and the Auto-Scaling feature which allows users to scale in response to changes in customer traffic."

In the comment section of the Bitbucket blog post, Nøhr wrote that he wouldn’t answer many of the technical questions posted in the comments, but that the company’s system admins “are writing a follow-up post outlining some more meaty details with numbers and graphs.”

Source: http://www.thewhir.com/web-hosting-news/100609_Outage_Hits_Amazon_Cloud_Customer_Hard