January 2004  
Security Corner
Did you fall prey to MyDoom.A?
By Neil Murray

Before reading too far into this article, take a moment to think about the last e-mail attachment that you opened. Were you expecting it? Do you really know whom it came from? What about the last file or program that you downloaded from the Internet? Did it come from a trusted source?

It's important to remember that the onus of network security falls not only on the shoulders of network administrators, but also on those of the users. There are many exploits and vulnerabilities on the Internet that target unsuspecting network users. These exploits can range from non-damaging (but annoying) ad popup applications to Trojans and worms that can take down entire networks. Here are a few examples of the threats targeted at users:

Adware

There are many applications that are "free" to download and install, but one has to question why they are free. Two examples that come to mind are "Precision Time" and "Date Manager". Why are you able to get this software for free? Usually because an advertising company is picking up the tab to get its software onto your computer; in this case it's a company called Gator.

When installing Precision Time or Date Manager, a typical window pops up asking the user to agree to a long list of conditions. Very few people actually take the time to read these conditions before agreeing, but in these examples, anyone who did would notice that they are also agreeing to install Gator software. Gator is an advertising application that basically hijacks the ads on the websites that you visit. For example, if you were to go to Ford's website, Gator may replace a typical Ford banner ad with a Pontiac ad.

File Sharing Applications

Over the past several years, one of the leading uses for the Internet has been file sharing. Applications such as Kazaa and Napster have been popular for sharing files around the Internet. Typically the files being shared are "fun" files, such as music and videos. However, file-sharing applications that are not configured properly can be an open door to your corporate network. A user installing a file-sharing application on their system can suddenly expose all data that they can reach to the entire world.

Not only do file sharing applications open doors to the outside world, they provide a means for dangerous files to be brought into a corporate network. In a recent study, security firm TruSecure downloaded 4778 files from Kazaa over the period of one month. Their testing found that approximately 45% of those files were not what they appeared to be. A user innocently trying to download music files can inadvertently be downloading and installing new viruses and Trojan Horses.

Worms

Perhaps the most publicly recognizable exploit lately is the e-mail worm. Typically, worms consist of e-mail messages that are written with generic text that can apply to a majority of the population, hoping to trick unsuspecting users into running an attached file. Once a user falls for the trap and opens the attachment, the worm will go through any e-mail address book that the user has access to, and send itself out to everyone in those lists. These worms often install a second application called a Trojan Horse. If nothing else, the constant replication of the worm by everyone who opens the attachment can be enough to bring corporate mail servers to a grinding halt.

Typical examples of the text used in these messages:

  1. "This is a WinXP Patch. I expect you would like it"
  2. "Re: Your Details"
  3. "Pics from my vacation"
  4. "Free Hot XXX Access"

Trojan Horses

Named after the Trojan Horse used in the Trojan War to access the city of Troy, the name "Trojan Horse" is now used to describe an application that appears to be one thing, but is designed for a different (often malicious) purpose. It's not hard to find free games or desktop utilities available for download on the Internet, but as mentioned earlier, one must question why these downloads are available for free. Instead of a harmless adware application being installed, many free utilities can install a backdoor or key logging application.

A backdoor Trojan can expose your computer and all the files it can reach to anyone on the Internet. Not only are you risking unauthorized access to corporate files, but there's now the chance that your computer can be used to attack other systems around the Internet. A key logging Trojan hides in the background, tracks everything that is typed on your keyboard (passwords, credit card numbers, confidential data, etc.), then sends it off to some unknown destination.

These are just a few examples of the hazards out in the wild that are targeted at users. While network administrators running corporate networks have tools at their disposal to protect against most, if not all of these threats, each company must find the appropriate balance between enforced security and functionality. For example, typical e-mail worms can be avoided if a corporate mail server is configured to remove all attachments, but users would lose the ability to exchange legitimate documents through e-mail.
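The attachment-removal trade-off described above, as an added example that is not part of the original article: the same constructed message is passed through a "remove all attachments" policy and through a narrower "remove executables only" policy, using Python's standard email library. The extension blocklist, function names and sample filenames are assumptions made for illustration.

```python
import os
from email.message import EmailMessage

# Assumed blocklist of directly executable file types (illustrative, not from the article).
BLOCKED_EXT = {".exe", ".scr", ".pif", ".bat", ".cmd", ".com", ".vbs"}

def strip_attachments(msg, mode):
    """Apply a gateway policy to msg in place and return (kept, removed) filenames.

    mode "all"         -> remove every attachment (the configuration the article cites)
    mode "executables" -> remove only blocked types and unnamed attachments
    """
    kept, removed = [], []
    for part in list(msg.iter_attachments()):
        name = part.get_filename() or ""
        # Judge by the final extension, ignoring case and trailing dots or spaces,
        # so "details.doc.PIF" and "patch.exe." are classified as executables.
        ext = os.path.splitext(name.rstrip(". "))[1].lower()
        if mode == "all" or not name or ext in BLOCKED_EXT:
            msg.get_payload().remove(part)  # drop this MIME part from the message
            removed.append(name)
        else:
            kept.append(name)
    return kept, removed

def sample_message():
    """Constructed test message: one legitimate document, two executable attachments."""
    msg = EmailMessage()
    msg["Subject"] = "Re: Your Details"
    msg.set_content("Please see the attached file.")
    for filename in ("budget.xls", "details.doc.PIF", "patch.exe."):
        msg.add_attachment(b"constructed sample bytes", maintype="application",
                           subtype="octet-stream", filename=filename)
    return msg

if __name__ == "__main__":
    for mode in ("all", "executables"):
        kept, removed = strip_attachments(sample_message(), mode)
        print(f"{mode:12} kept={kept} removed={removed}")
```

Under the "all" policy the legitimate spreadsheet is lost along with the two executables; under the "executables" policy it is delivered, at the cost of relying on a blocklist that has to be maintained.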

Corporate environments vary in their level of network security, but in each case a certain amount of trust has to be extended to the end users of the network. Thus, it is crucial that everyone using a networked computer is aware of the threats of the Internet. Through a combination of user training, corporate acceptable Internet use policies, and network design, the right balance can be found.

Neil Murray is a consultant at Data Perceptions Inc. Neil has helped several companies plan strategies to protect their data networks, not only from a technical aspect, but also from a procedural point of view.