You may recall my previous article of two weeks ago, in which I described how my email account was busted by the Defcon Wall of Sheep. As the Internet grows more complex and more attackers are lurking in the shadows waiting to pounce on hapless sheep, Internet security also becomes more important.
Because of the way that the Internet is constructed, information is sent and received in the form of “packets.” When, for example, you send an email, your message is not sent as one contiguous file. Instead, your message is divided into multiple packets, which are tiny groups of data. Each packet contains a small bit of your email message, as well as information defining where the message came from and where it is supposed to go. These packets fly all around the world across the Internet, seeking the most efficient way to reach their destination. Depending on current Internet “traffic” flow, some packets will take one route to their destination, while other packets will take different routes. Once all of the packets reach their target (i.e., Aunt Marge’s email inbox), they are, if all goes well, reassembled into your original message.
If you’d like to see packets in action, click Start, and then Run. In the box that says Open, type cmd and then hit the Enter key. This will open a Command (cmd) screen, or “prompt.” Type ping google.com and hit Enter again. If you are connected to the Internet, your computer will start sending packets to Google, as if to say, “Hello, Google, are you there?” If all goes as it should, Google will send back reply packets, followed by a short report of what just happened. The report will detail how many packets were sent and received, as well as how long the round trip lasted.
Every time you send or receive an email, click on a link, visit a website or download a file, your computer is exchanging packets with another computer. Unless specifically instructed otherwise, your computer is sending and receiving “clear text” or “plain text” unencrypted packets. Anyone with the right knowledge and tools can intercept these packets and easily read what they say.
In many cases, this type of clear text packet exchange is no big deal. However, when you check your email or log in to an online account, your computer is sending packets that contain important private information, such as user names, passwords and account numbers. Suddenly, unencrypted clear text packet exchange becomes a very big and dangerous deal. This is how I was busted by Defcon’s Wall of Sheep. My Outlook email program, in its default configuration, was sending my user name and password in unencrypted packets. These packets were intercepted, read and displayed for all to see. Yikes.
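
To show what “clear text” means for a mail login, here is an added example (not part of the original article): a short Python check you could run over traffic captured from your own computer to see which messages expose a login. The mail commands are the standard POP3, IMAP and AUTH PLAIN ones; the sample payloads, account names and function names are constructed for illustration.

```python
import base64
import re

# Constructed sample payloads (client to server), not real captures.
SAMPLE_PAYLOADS = [
    b"USER alice@example.com\r\n",                            # POP3 user name
    b"PASS hunter2-constructed\r\n",                          # POP3 password
    b'a001 LOGIN bob@example.com "s3cret-constructed"\r\n',   # IMAP login
    b"AUTH PLAIN " + base64.b64encode(b"\0carol@example.com\0pw-constructed") + b"\r\n",
    b"\x16\x03\x01\x00\x05hello",                             # start of a TLS record
    b"RETR 1\r\n",                                            # harmless POP3 command
]

POP3_USER = re.compile(rb"^USER (\S+)\r\n$", re.I)
POP3_PASS = re.compile(rb"^PASS .+\r\n$", re.I)
IMAP_LOGIN = re.compile(rb"^\S+ LOGIN (\S+) .+\r\n$", re.I)
AUTH_PLAIN = re.compile(rb"^AUTH PLAIN (\S+)\r\n$", re.I)


def classify(payload):
    """Return (kind, account) for one payload; the password is never returned."""
    if payload[:2] == b"\x16\x03":
        return ("tls", None)  # TLS handshake record: nothing readable inside
    m = POP3_USER.match(payload)
    if m:
        return ("pop3-user", m.group(1).decode())
    if POP3_PASS.match(payload):
        return ("pop3-pass", None)
    m = IMAP_LOGIN.match(payload)
    if m:
        return ("imap-login", m.group(1).decode().strip('"'))
    m = AUTH_PLAIN.match(payload)
    if m:
        # AUTH PLAIN is base64 of: authzid NUL user NUL password.
        # Base64 is an encoding, not encryption, so it still counts as clear text.
        try:
            parts = base64.b64decode(m.group(1), validate=True).split(b"\0")
        except ValueError:
            return ("auth-plain", None)
        return ("auth-plain", parts[1].decode() if len(parts) == 3 else None)
    return ("other", None)


def audit(payloads):
    """List the payloads that expose a login in clear text."""
    return [c for c in map(classify, payloads) if c[0] not in ("tls", "other")]
```

Four of the six sample payloads are flagged; the TLS record is not, because once SSL is switched on the login travels inside the encrypted connection.
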
Fortunately, the situation is not that hard to remedy, using a technology called Secure Sockets Layer, or SSL. If you are using a Webmail interface, meaning that you visit a website to do email, you’re probably OK. On the other hand, if you use an email program such as Outlook, Outlook Express, Windows Mail, Macintosh Mail, Eudora or Thunderbird, you are in danger. Please do not call me to ask me which one you are using; if you don’t know, then you probably shouldn’t even be using a computer. Figure it out for yourself, and you will have learned something valuable.
If you are using any of the above-mentioned email programs, you need to change some settings in those programs to implement SSL. Almost all of the major Internet Service Providers (ISPs), such as Cox and AT&T, offer SSL capability, and have instructions on their websites about how to set it up. When in doubt, call your ISP and they will walk you through the process.
Even though SSL email is not perfect, using it will instantly turn your computer into a much less visible and less desirable target for exploitation by the Internet bad guys. They will most likely ignore you and move on to the more easily conquered sheep; that’s a good thing.