Security issues when using outside networks.

• Author: Zollars, Edward K.

Today, with the growth of laptops, low-cost, high-speed Internet connections and wireless local area network (LAN) technology, many individuals routinely connect laptop computers to multiple networks at places like coffee houses, hotels and airports. In fact, most laptop computers with wireless networking actively look for and ask permission to connect to any network they might find once activated.

CPAs need to be aware of the issues that arise when connecting to the Internet via such networks and how they can ensure that (1) sensitive data is not compromised and (2) their computers cannot be attacked by "malware" (malicious software). Fundamentally, the issue is simple--if, on connecting to an outside network, specific steps are not taken to secure data, this information can be relatively easily compromised by an outsider.

This column addresses the basic issues involved. A useful resource for those wishing to delve more deeply into this and other computer-security-related topics is the Gibson Research Corporation website and its Security Now podcasts on this topic by Steve Gibson and Leo Laporte (www.grc.com/ SecurityNow.htm).

Ethernet's Basic Lack of Security

The Ethernet networking standard that is used virtually universally today to link computers was designed a long time ago, for a very different environment. When it was originally created, computers could not be transported easily and were extremely expensive. In addition, they generally spent their entire lives physically connected to a single LAN.

In such an environment, a number of today's troublesome issues simply did not exist. Key among these is the security of data traveling on the LAN to which a computer is connected. The only computers on that network were ones under the direct physical control of the LAN's owner; they were connected only to a LAN owned by such an entity. Thus, there was no real need to ensure that only an "authorized" machine was able to read the data packets being transmitted.

Dual addresses: When a computer is connected to an Ethernet network, the system implicitly trusts (and has to trust) virtually all of the other devices on that network in order to function. A key reason is that every device on a network ends up with two addresses--its assigned Internet address (IP address), which can (and does) change as a machine logs into different networks, and the machine's unique media access control (MAC) address (which never changes).

Why dual addresses? The IP address is a hierarchical one that helps systems direct data where it needs to go; the specific, unique MAC address assigned to each device ensures that each machine is uniquely identified. By associating the currently assigned IP address to a unique MAC address, data can be sent from any computer connected to the Internet directly to a specific machine.

The IP address is that "dotted" address one sees from time to time. Each segment of the address offers information about how to move the data in the direction of the ultimate recipient's machine, to get it to the LAN to which that computer is connected. Once on the LAN, the MAC address is used to...