Security: Leaving apps running... (slightly long-winded)
Security and leaving applications running...
This is kind of an interesting question, because in all likelihood you'll not know your system is being compromised regardless of whether or not you're sitting at the keyboard.
However, you could argue that you reduce the risk of being attacked simply by reducing the amount of time that a potential attack point is available.
----------------------------------------
Question 1: What types of applications should I worry about most?
Applications that have some kind of "server" capability (allowing people or other systems to connect to your machine) are your biggest concern.
The following applications fall into this category...
- MP3 / file sharing software (napster, hotline, etc)
- Instant Messaging clients
- Web Servers (including personal web sharing)
- File Sharing
- Email servers
It is possible that an application like this may have a bug or "back-door" that allows someone to gain remote access to your machine.
Ironically, these are also the types of applications that people generally leave running unattended!
To be safe, turn off your instant messaging and MP3/File sharing software when you're not using it. Also, disable Web Sharing, File Sharing and other services if you don't use them on your machine.
---------------------------------------
Question 2: What about a Web browser?
You really have little to worry about with a Web browser or email client while you're not using it.
The nature of attacks on Web browsers generally require the user to actively visit a site that exploits some kind of vulnerability in the browser or a browser extension. (Such as a plugin, java environment, activex function, etc.)
That being said, I'd recommend quitting your browser after visiting warez sites.
-----------------------------------------
Question 3: What about an email client?
Again, email client attacks generally require that someone is using the email software. They generally take the form of a trojan program (commonly known as an "email virus").
Email viruses are generally avoidable.
Don't double-click on the attachment that you weren't
expecting! Especially if it seems designed specifically to entice you into opening it! It might actually be a program that is designed to do something sinister (like wipe your hard drive).
That being said, there have been cases in the past (one involving Microsoft Outlook last year) that involved attacks which only required that a user "receive" a specially designed email message.
A successful attack using that vulnerability could have made every other "email virus" problem look trivial in comparison. There was really the potential to wipe the hard drive of almost every PC in the world running Microsoft Outlook within a matter of hours or days.
Luckily, the problem was fixed and widely distributed before anyone launched a major successful attack using that vulnerability.
I'd be slightly worried about leaving my email client running. Especially if it's a complicated client such as Outlook* which supports multiple protocols so that it can talk to Exchange, POP, IMAP, etc.
Safer yet, use a Web mail interface.
* Note: "Outlook" is a client for Microsoft Exchange mail servers and is different than "Outlook Express".
-------------------------------
Question 4: What other things should I worry about?
You should be especially cautious when using "beta" quality software or software from a source whose reputation you cannot verify.
Many of the "funny games" that get emailed around are actually trojan programs that allow remote access to a user's machine.
The Macintosh community is rarely a target because of our limited user base. Make no mistake, we are potentially very vulnerable! It's just that we haven't been targetted.
---------------------------------
Question 5: What about firewalls?
If you've got a dedicated home connection (such as cable modem), I highly recommend that you pick up a small firewall/router. They're easy to set up, fairly inexpensive (~$100) and offer basic protection from many types of attacks.
Of course, they also let you share your internet connection with multiple machines!
---------------------------------------
Final Answer...
If you're really worried about network security when you're away from your machine, unplug the ethernet cord! Alternatively, if you have a router/firewall, turn it off.
---------------------------------
Hope this helps...
Sorry if it got a little long-winded.
[Edited by oldMac on 10-27-2001 at 08:04 PM]
