I’ve learned a couple of things about security recently that I’d like to share. This should be of particular interest to xDSL and cable modem subscribers. I know a good number of TPCUG members have Roadrunner.

Now, I don’t claim to know a lot on the subject, but I have some help in the form of a web site called http://www.grc.com. Basically what I’ve been doing is following the advice given on that website. GRC has a web program called ShieldsUp! that looks at your site and gives you back all the information it can find about your computer and gives advice on what to do about it.

I’ve known that cable modem subscribers have particular problems in keeping their systems safe. That’s because the Roadrunner system is actually a network of computers that you’re attached to as long as your computer is on. Also, cable modems have one thing in common with xDSL subscribers, a semi-permanent IP address. You may be logged into the network for weeks at a time, and you keep the same address until you log off and on again, lengthening the time that a hacker will have to work on breaking into your computer.

My first awareness of the problem was when a friend of mine called me one evening and said that my computer was wide open and that if he wanted to, he could send a file right to my hard drive! Now, this is an unusual circumstance having to do with the fact that I am also running a local network in my house. My immediate solution was to simply put a good "full" password on my hard drives.

Later, I got email from the Roadrunner help desk warning about running Wingate Internet sharing software in the default configuration, and what to set to prevent intrusion. Also, they advise turning off – uninstalling - "File and printer sharing for Microsoft Networks".

So let’s talk about File and printer sharing first. Now this applies to everyone. If you have one computer … you don’t need it. So check to see if you have it installed. You may be surprised. Go to Control Panel, Networks and look at the main window where it lists the network components; adapters, protocols and clients. See if "File and printer sharing for Microsoft Networks" is there and remove it after locating your Windows CD; it’ll ask for it.

So what if you have a network? I do need File sharing. If I didn’t, I wouldn’t have a network, would I? Here’s what I learned from ShieldsUp!. If you have TCP/IP networking protocol "bound" to File and printer sharing, you’re exposing everything you share to the whole network! (As I was, but with a password.) Now it’s simple to fix. In Networking, select the protocol TCP/IP, Properties, and the Bindings tab. UN-check File and Printer Sharing. You don’t need it, because if you go to NetBEUI properties, and select Bindings, you’ll see that you have a perfectly good protocol for file sharing.

So back to ShieldsUp!. I was exposing much less, but the site could still read my Computer name, my Workgroup name, and Computer Description. So I’m still not completely happy. Coincidently, I got some email from SyberGen, the maker of my Internet Sharing, notifying me a new version was available free to current license holders. So I upgraded, and also found they have a new firewall product called SyShield. Installing the SyShield demo software completely protected my computer, but it was too troublesome. From time to time I’d lose my connection altogether. So I removed it. And in reading the very good documentation on the SyberGen site it suggested enabling the firewall option on SyGate, the sharing software. Well,... I had missed this option altogether, and it fixed everything. Now ShieldsUp! says my computer is "unusually secure" for a Windows 98 machine.

So this is simply building up to a very hearty recommendation for SyGate Internet Sharing software. It’s extremely easy to set up. It’ll work with xDSL, dial up modems and cable modems. For cable modems (and I presume xDSL) you must have two Ethernet cards: one for the modem and one for your network. With Wingate, you could use but one Ethernet cable to a hub, but both Wingate and Roadrunner recommend that you do not do that, because of a serious security hole to the Internet.

Sygate is at http://www.SyberGen.com. There’s a 30 day trial download of the software. You can subsequently buy a license key for $50. It’s a relatively small download and has been perfectly reliable. They notify you when a new version is available (I’m on my third) free. It uses no interrupts and is virtually unnoticeable running on a lightweight computer like the 166 I have it on. But you do have to have two Ethernet cards. On some systems it will share an single interrupt for both cards, but don’t count on it. u