Protect
yourself against amateur "hackers" who long ago
discovered an easy and cheap way to zap you off the
Internet and piss you off. It's called "WinNuke,"
and is done by running a program that exploits a
large bug in Win95/NT's networking system, allowing
them to bomb your system with extraneous gunk,
crashing your computer and forcing you to restart.
Two of the WinNuker's favorite hangouts are America
Online and the chat program ICQ, but they can target
you from any of a zillion Web sites or other ISP's
as well. The program is freely available on the
Internet, can most likely be turned up by a simple
search on any major search engine, and is easy for
anyone with a Unix account to run. (Other programs
like mIRC scripts allow the zapper to go through an
entire IRC channel and nuke everyone at once. Fun,
huh?) Well, there's an easy solution. Go through
Microsoft's Web sites and download two patch files,
VIPUP11.EXE and VCTPUPD.EXE. (The Web site addresses
are as follows: support.microsoft.com/download/support/mslfiles.Vipup.exe
and ...vctpupd.exe, where the rest of the URL
is the same as the VIPUP address. Download 'em both
to a temporary folder. Double-click the VIPUP11.EXE
icon, let it install itself, then do the same to the
VCTPUPD.EXE icon. Restart your computer. (Make sure
you install the two in this order; installing them
backwards wipes out VCTPUPD.) Now, update your
Winsock connection by installing the two Winsock
updates in the "Updates" section below. Delete the
four original downloads from your hard disk, and
prepare to sneer at the little WinNukers.
Don't get too happy now that you've inoculated
yourself against the nukers. Several other
"denial-of-service" (DoS) attacks similar to WinNuke
are making Net users grind their teeth. One called
"The Ping of Death" and a cousin, "Teardrop,"
exploit known holes in TCP/IP implementation, as
does the "SYN" attack and its mutant cousin, "Land."
The "Smurf" attack targets your Internet protocols
directly and causes major net congestion, while the
"UDP Flood" uses the widely accepted User Datagram
Protocol to flood LANs and PCs with useless data.
The good news: Most problems generated by these
beasties are experienced by networked PCs who belong
to targeted LANs. The home user isn't seeing these
very often. Still, forewarned is forearmed; check
out the good people at www.cert.org at Carnegie
Mellon University for the latest info about these
critters and how to shield yourself from them. Also
look into Microsoft's security site at
www.microsoft.com/security.
More about security: it's absurdly easy for amateur
hackers to invade your PC over the net, root around
in your files, even reformat your hard drive. Yeesh.
Get a quick security check from ShieldsUP! at
grc.com/default.htm. You'll need to download a
very small program which, after you connect to the
Internet, allows the ShieldsUP site to probe your
computer for security breaches. Are they
trustworthy? I hope so.... Anyway, this site
contains tons of information on how to seal security
breaches, firewalls, etc. etc., so it's worth a
visit. Forewarned is forearmed. If you want to know
just how easy legal hacking is, visit the Happy
Hackers at www.happyhacker.org and be
prepared to be shocked. These guys seem harmless,
but there's plenty of people out there who aren't.
Another site worth visiting is HackerWhacker, at
www.hackerwhacker.com. HackerWhacker scans over
130,000 possible port addresses on your PC for
security flaws and examines your Windows NetBIOS
configuration. HackerWhacker's first scan is free,
but subsequent uses cost $10 per scan (or you can
pay $30/month for unlimited scans). Another place
for free PC scanning is www.pcflank.com/, and
DSL Reports offers broadband scanning at
www.dslreports.com/ Others that are useful can
be found at www.vulnerabilities.org/ and
www.it-sec.de/vulchke.html.
Check Steve Gibson's site for a detailed discussion
of a wholesale DOS attack he recently survived. Good
reading and lots of ideas for upgrading security:
grc.com/dos/grcdos.htm.
Fear-mongering sites are out there, too. Fred Langa
discovered one called "How Secure is Your Computer?"
at www.robrob8.com/online_security.htm that
uses a harmless display of your C:\ drive to scare
you into thinking your PC is vulnerable. The site
wants you to buy a copy of BlackICE Defender, a
well-regarded firewall.
