Once you’ve connected to the Internet, your computer is open to the world… both literally and figuratively! Of course, the first shields are the fire-walls and anti-virus programs (and the operating system’s security patches), which are indispensable in keeping prying eyes, hackers and parasites at arm’s length. And they usually do a good job. But how can you be sure they are always working properly? Since the Service Pack 2 from Windows XP, of course, the Security Center lets you know that the fire-wall, anti-virus and updates are functioning.
But that doesn’t mean much as far as the specific configuration of these tools is concerned, especially the fire-wall. It may be activated, but if an application’s settings have been modified without your knowledge, or if you have fiddled with settings too much while trying to make a network application work, your computer could be exposed. In order to find out if your computer is visible from the Internet, and to identify any possible tricks a hacker might want to play, you can ask a specialized online service to run tests on your PC. This is usually quick, free of charge and the results are immediately available on your browser.
There are three types of such services: some specialize in testing the impenetrability of the fire-wall. They will try to connect to your computer using ports (network entrance points) from which intrusions are known to originate, such as those used to share files or printers under Windows. They try to measure the quality of your fire-wall and its configuration: does it adequately hide all your computer ports? Others search beyond the fire-wall to find Trojan horses that may be installed on your PC and listening to what goes on beyond the fire-wall. They also determine – when they can get through the fire-wall – if there are known security breaches on your system. Finally, the third type specializes in testing a particular application: your browser! These tests, however, are less automatic than the first two. You have to visit a dedicated website and click on each test. The website will then attempt to muddle with your browser (safely, of course!), and you will be able to see, for example, if software can be installed without your knowledge or if cookies can be recovered remotely.
In concrete terms, using either of these services involves connecting to a website with your browser. If several types of tests are offered on the site, you just have to choose the type you want, and it will start: you won’t see much on the screen, but on the other side of the world, the site will have begun observing your computer just as hackers or parasites do when in search of a new victim. After a while (some tests can take quite a long time), the site will present its results. You will find out whether your computer is visible from the Internet and if so, which communication ports open to the world are likely to be exploited. You will see whether known vulnerabilities could have been exploited.
Depending on the service, this report can be saved so that you can compare it to subsequent reports (this service is generally offered however with paying tests). Symantec offers a free Security Check, available at
http://security.symantec.com. It conducts an audit of your fire-wall and searches for simple vulnerabilities. Go ahead, test your security!
Port: Logical entry point of a network to your operating system. The operating system has 65,535 logical entry points that can be used by applications to communicate with the outside. Some are “opened” when requested during an outgoing connection, for example, whereas others can remain open permanently to accept connections coming from the outside.
Windows file and printer sharing: A Windows only functionality that is activated by default. It operates by opening certain well known ports. Under certain conditions, they can be exploited by hackers to access your system remotely.
