X

Thank you for sharing!

Your article was successfully shared with the contacts you provided.
Until recently, few small to mid-size firms or home-based lawyers needed to worry about computer security beyond protection against viruses and e-mail interception. Networks were “local” and used relatively safe dial-up connections. Internet hackers focused on large enterprises and Internet servers. Not anymore. The bad news: Desktop and notebook computers connected to the Internet are at risk. The availability of high-speed “always on” Internet connections means that desktop and notebook computers are exposed to risk for longer periods of time. Often, computers are linked to local networks at work and at home, and networked configurations open additional windows for hackers to exploit. A variety of new and sophisticated tools allow hackers to explore many computers for security weaknesses in a short period of time. PREVENTATIVE MEASURES The good news: Relatively simple steps can dramatically reduce risk. Dial-up connections are relatively safe when compared to high-speed connections. Dial-up Internet sessions are typically short, and most dial-up connections randomly assign a new Internet address to a computer each time the user signs on, frustrating hackers who use “robots” to identify Internet addresses worth exploring, and then return to those Internet addresses at a later time to hack. Less time online means less exposure to hacking. By contract, cable modems, ISDN/ASDL lines and in-building fiber optic networks are connected to the Internet 24/7, and typically they use fixed Internet addresses, ensuring that the computer will be at that address when the hacker returns. Hackers are opportunists who look for valuable information that is easy to get. Law firm computers typically contain files that fit hacker profiles: files with “confidential” headers; client Social Security numbers and tax identification numbers; tax data, etc. Most of this information is not encrypted. The nature of the information contained on law firm computers lights up the radar on hackers’ automated scanners, which can scan millions of computers. Most academic, corporate and military servers use operating systems that are designed to protect sensitive information from outside intrusion and also are protected by sophisticated monitoring software and firewalls. Not so with desktop and notebook computers. The Microsoft Windows 95/98 and Windows NT Workstation default network configurations were optimized for ease of use and sharing information among computers on local networks. As a result, security protections are relatively weak unless special precautions are taken to protect the computers. (Note: The Windows 2000 operating system includes new security functions.) Vulnerability arises, for the most part, from two things: insecure Microsoft networking configurations that enable the computer to operate on the Internet and a local network without building a wall between the two; and applications that open “doors” into the computer independent of network configuration — applications such as personal Web servers, Internet Relay Chat, Telnet, Web browsers, file transfer protocols, e-mail, remote access and so on. Insecure network configuration presents the greatest risk because network configuration errors are so common that hackers typically set automated scanners to probe that single vulnerability efficiently. Scanning for doors opened by applications is less common, although security holes in Microsoft Web Server and Microsoft Outlook are targeted with enough frequency to be a realistic concern. Other doors are less common and harder to open. The vulnerability is greatest when two conditions are met: The computer is configured to connect to the Internet and a local network using Client for Microsoft Networks; and file and printer sharing is enabled. Computers using Windows 95/98 and Windows NT Workstation default to an open network configuration. The reasons for the open network configuration are sound — default configurations were designed for ease of use and easy local networking for smaller businesses and SOHO/home users. They were designed to reduce the need for technical knowledge when installing and maintaining the computers and networks rather than for tight security. Windows networking default settings bind all active components on each layer to all active services on the other layers. The default settings bind the active Network Services Layer to the Internet’s TCP/IP Transport Layer Protocol, opening the individual desktop and notebook computers connected to the Internet (and by extension, every other desktop and notebook computer on the local network with that computer) to hacking from the Internet. A computer configured in “bind everything” mode is vulnerable whenever it is connected to the Internet, even when not attached to a local network. For example, a lawyer who takes a notebook computer home from the office and logs on to the ‘Net to check e-mail is vulnerable if the notebook is not properly configured. Because the vulnerability is in the computer itself, law firms and law departments cannot depend solely on network firewalls at work for protection — any computer that connects to the Internet when outside the network is open to hacking. KEEP IT SAFE These are the two keys to safeguarding desktop and notebook computers using Microsoft networking under Windows 95/98/NT Workstation: Configure Windows to “unbind” the components needed for the local network from the components needed for Internet access, if feasible; and if that is not possible, use a “personal firewall” on the computer. Key No. 1: Configure windows to reduce your risk. The first alternative, while not always possible, is the simplest and most effective way to achieve a reasonable level of security. The idea is to use TCP/IP for Internet connections and either NetBEUI or IPX/SPX for local network connections and to keep the two functions separate. This removes Microsoft’s default bindings between the TCP/IP and services and adapters needed to operate the local network and removes Microsoft’s default bindings between the NetBEUI protocol and the adapters used for Internet connection. The methods by which this can be accomplished will vary, depending on the network operating system and many other factors. A caution: Unilaterally unbinding the layers on a desktop or notebook computer without taking the firm’s network configuration as a whole into consideration will mostly likely result in disaster, knocking you off your firm’s network. Key No. 2: Use a “personal firewall” to reduce risk. Separating the two networks is feasible only when the local network can be configured to use NetBEUI or IPX/SPX as the local network transport protocol. In some cases, NetBEUI or IPX/SPX is not a workable alternative because TCP/IP is or must be used as the transport protocol (e.g., UNIX local networks, ISDN — digital phone lines — Internet connections and virtual private networks). In addition, some applications (e.g., Microsoft Personal Web Server and remote access programs) open the computer to access from the Internet, regardless of the transport protocol used for the local network, rendering Internet to local network separation inadequate to protect a notebook or desktop computer. In all these cases, a personal firewall is needed to protect notebook and desktop computers. Properly designed personal firewalls create a security zone around the individual computers — effectively protecting against intrusion originating anywhere outside the computer — from the Internet, from other users of an office local network or from curious neighbors poking around a virtual network created by some kinds of high-speed Internet connections. When a computer is attached to local network protected by a network firewall, the personal firewall adds a layer of protection — providing a second barrier to hacking from the Internet and protecting the desktop or notebook computer from unauthorized access by co-workers. When the computer is outside the office — at home or on the road — the personal firewall provides primary protection for the computer — from the Internet, from other computers on a home network and from other users connected to a virtual network using certain types of high-speed Internet connections. How secure is secure? Nothing — absolutely nothing — will render a desktop or notebook computer 100 percent secure. Security is an ongoing exercise, a series of technological skirmishes between security experts and hackers flanking and maneuvering for advantage. What works today may not work three months down the road. At present, these safeguards — Internet to local network separation and personal firewalls — will provide reasonable levels of protection against hacking.

This content has been archived. It is available exclusively through our partner LexisNexis®.

To view this content, please continue to Lexis Advance®.

Not a Lexis Advance® Subscriber? Subscribe Now

Why am I seeing this?

LexisNexis® is now the exclusive third party online distributor of the broad collection of current and archived versions of ALM's legal news publications. LexisNexis® customers will be able to access and use ALM's content by subscribing to the LexisNexis® services via Lexis Advance®. This includes content from the National Law Journal®, The American Lawyer®, Law Technology News®, The New York Law Journal® and Corporate Counsel®, as well as ALM's other newspapers, directories, legal treatises, published and unpublished court opinions, and other sources of legal information.

ALM's content plays a significant role in your work and research, and now through this alliance LexisNexis® will bring you access to an even more comprehensive collection of legal content.

For questions call 1-877-256-2472 or contact us at [email protected]

 
 

ALM Legal Publication Newsletters

Sign Up Today and Never Miss Another Story.

As part of your digital membership, you can sign up for an unlimited number of a wide range of complimentary newsletters. Visit your My Account page to make your selections. Get the timely legal news and critical analysis you cannot afford to miss. Tailored just for you. In your inbox. Every day.

Copyright © 2020 ALM Media Properties, LLC. All Rights Reserved.