 |
Red Shift Internet News Letters
Red Shift Newsletter for December 2003
1. DSL and Wireless availability expanding rapidly to many new areas
2. We have added two new DS3s on our fiber in Salinas
3. Announcing Red Shift's very own customer portal
4. SPAM solutions: Let us introduce Mia-Via to combat SPAM
5. Do you need a Firewall? A firewall primer.
1. DSL and Wireless availability expanding rapidly to many new areas
DSL and wireless expansion is on the move again. We are announcing six new areas that can now get Red Shift's Power DSL or Wireless service. December is definitely the month in which you can get what you want.
Carmel Valley Village (many within the 659 phone prefix) - DSL
Castroville (But not Oak Hills) - DSL
King City - DSL
Gonzales - DSL
Las Palmas I (in Salinas) . Wireless (Dec 15)
Las Palmas II . Crowne Point (in Salinas) - Wireless
We are offering a special price to current subscribers who switch to DSL as well as a special on the wireless installation price. Please inquire with our sales department.
Call us now at 831-655-8710 (Carmel Valley, Castroville) or 831-755-7700 (Gonzales/Salinas). You can also signup at www.redshift.com or email sales@redshift.com.
2. We have added two new DS3s on our fiber in Salinas
Red Shift now has OC12 fiber in our Salinas Network Center. We are running two DS3s out of this facility currently. One of the greatest benefits to our customers is that we can offer full T1s for $499.95 to the greater part of the city of Salinas. This price is a $200 reduction off the current market price of T1 lines. If you act before December 31st we will include equipment and installation of any T1 in Salinas for FREE! (equipment supplied is limited to a CSU/DSU and a Cisco 1601 router).
This additional Red Shift OC12 fiber in Salinas provides us a fourth backbone connection to the Internet as well. This additional redundancy and fiber strengthens Red Shift's position as the leading provider of reliable broadband services on the Central Coast.
3. Announcing Red Shift's very own customer portal
We have installed a customer Portal which provides content to our customers in order to make using the web even easier and more efficient. The portal address is http://turbo.redshift.com. On this page you can customize your own favorite links or use the ones pre-programmed for you. The portal also has areas for leaving feedback, checking out the latest headlines orchecking your mail using the webmail program. You can also setup your own themes, do research, run speed tests and much more.
4. SPAM solutions: Let us introduce Mia-Via to combat SPAM
SPAM has gotten so out of hand that it is becoming more than just a nuisance not only to customers but to ISPs. Red Shift currently has to deal with millions of unsolicited emails every week. It clogs up your mailbox and our servers. We run filters all the time to catch what we can but it still isn't enough. The filters we use now are becoming archaic and better ones are being developed.
We have found a filter that works a bit differently. The filter we will to start using on December 2nd was designed by a company called Mia-Via. It filters SPAM after learning the patterns of the SPAM at a particular ISP. Once it has built a knowledge base of what the typical SPAM email looks like it starts eliminating it. There's a nice twist to this program though. There are people who watch the process to insure that legitimate email isn't blocked by the filter. They also are on constant lookout for new types of SPAM and build those into the filter.
5. Do you need a Firewall? A firewall primer
If you have a fulltime connection to the Internet then you are open to certain risks. You have a fulltime connection if you're running DSL, wireless or T1 types of connections to Red Shift. There is a lot of nefarious activity out on the Internet today. Hackers are probing networks, trying to insert trojans and trying to break into your computers. You may start getting these attempts within minutes of your connection going live. Having your Internet connection exposed to the Internet at large without a firewall is like parking your car outside a chop-shop with the keys still in it and the engine running.
The risks you take are many: Identity theft, password theft, malicious software inserted into your network, viruses and any number of other threats incumbent upon an open network.
So how do you protect yourself? A firewall is likely what you need. Not all firewalls are the same though. There are two basic types: Software-based and network-based; we.ll explain the pros and cons of each but first a little background on what a firewall is.
What is an IP firewall and what does it do?
In order to properly understand how a firewall works it is necessary to illustrate how your computer communicates with the Internet. Your computer's Internet connection communicates to other computers with a protocol called TCP/IP. Think of this protocol as a language that computers on the Internet use to exchange data with each other. It has rules and structure just like spoken languages such as English, Spanish, French, etc. Within TCP/IP are "IP addresses." Your connection to the Internet has an IP Address that is unique to you. Think of it like the address on your home; which when combined with your street, city, state and country name creates a unique identifier in the entire world for your house so that the post office knows precisely how to deliver your mail.
The vital thing to understand is that each IP address is comprised of thousands of "ports." Each port provides a path within your IP address for a distinct program on your computer (most ports are unused). Think of ports as little tiny connections within your IP address. Everything you do on the Internet runs through a different port within your IP address. A good way to visualize this is to think of ports like electrical sockets within your house and each appliance you run being plugged into a different socket.
The information you send (mail, web surfing, file downloads) are broken up into "packets" which is the actual data you are sending segregated into small pieces. You can equate this to mail being delivered to your home address by the post office. Your connection to the Internet is like that - you have an address, and packets are delivered there and you send packets from there. Each packet knows where it came from and where is it going and which port to use so it gets delivered to the correct place and replies come back to you and to the right program on your computer.
Here's another way of visualizing how this all works: Think of it like a big bundle of phone wires on your neighborhood street. The bundle (called a trunk) has hundreds or thousands of individual wires inside of it that go to different homes and each carries a unique phone number. The entire phone trunk itself would be the equivalent of your IP address and the thousands of individual phone lines would be the equivalent of the ports in your IP address and the phone calls over each phone line would be the equivalent of packets over an IP connection.
Let's summarize how it all works. Packets of data arrive or are sent from your computer from different ports (controlled by software programs) through your unique IP address and received the same way.
Now that you have the basics of how traffic works on the Internet let's demonstrate how hackers, spies and criminals take advantage of its inherent weaknesses.
By default your computer leaves all of its ports open over the IP connection to the Internet. That means any program can be installed to use any port on your computer. Normally this would be a benign activity and you would install the programs that you want and they would use the ports assigned to them. Each program has its own unique port too, so that your mail program doesn't conflict with your web browser. Hackers and thieves have found ways to write programs that take advantage of unused ports (there are literally thousands of them and the majority aren't assigned to anything). They can then deliver those programs to your computer via viruses, trojans or dangerous code delivered to your computer through your web browser.
Once this illicit software is on your computer and attaches to the port the author told it to use, it can use your computer at will. The software can spy on what you are doing, it can be used to send viruses to other people or it can even be used to attack other computers and make it look like you did it! Basically your computer has been jacked and all your information is at risk. There are programs written to clean up after viruses, trojans and spy-ware but you may be cleaning up after the damage has been done. Furthermore these programs aren't always 100% effective, especially against very new attacks. You wouldn't get a flu vaccine two weeks after getting the flu - it is best to get it when you're healthy and so you should protect your computer while it's healthy too.
A firewall works in several ways to protect your computer, or computers. The first thing it does is take the public IP your ISP gave you and masquerades it into multiple private IPs that your computers can use. What that means is that your computers are actually using IPs that are not routable to the Internet. If you have one of these special, private IPs and it wasn't behind a firewall, you could never connect to anything. The Internet has several ranges of private IPs that can be used in private networks but we won't get into a discussion about that here.
The second thing a firewall does is block ports. A firewall will block all but the most commonly used ports (it will typically leave open those for mail, web, file transfer and other commonly used ports). It will stop traffic on all other ports. When it does this, it is impossible for a hacker to gain control over your computer unless they break your firewall, which is tremendously difficult to do and hackers generally do not have the resources to do it.
Additionally firewalls can block known attempts to get data in through open ports by identifying evil software and stopping it even on open ports.
Some firewalls even have the capability of allowing you to browse through a proxy server. This is like putting a second firewall in front of your web browser. Basically another machine is doing the browsing for you and passing clean data back to you. Viruses and other unwanted material cannot penetrate that wall. Proxy servers are also useful for protecting your privacy.
Firewalls are flexible however. If your firewall has blocked a port you actually need open, you simply tell the firewall to stop blocking that port. You can even setup your firewall to block ports during certain times of the day, or setup VPN connections into other private networks.
Now that you have this general scope of knowledge it is time to pick a firewall for your computer or computers. How much protection will you need? I.ll break down the levels of protection into three categories:
Level 1 . Basic, one computer, abbreviated firewall protection: A software firewall such as Norton Firewall, Zonealarm or MacAfee firewalls fit this description. They install as a program on your computer; they are inexpensive (rarely costing more than $49) and they are very easy to setup and use. They do not always provide the first level of protection called masquerading however. Software firewalls are a magnitude better than no firewall but they can be broken into more easily than hardware firewalls can. Here are three links to commons software firewalls: www.macafee.com, www.symantec.com/sabu/nis/npf/, www.zonelabs.com.
Level 2 . Intermediate or small business, one to ten computers, full firewall protection: This is a hardware device that you plug in between your Internet connection and your computers. It has all of the levels of protection that you want in a firewall. It requires more time to setup and costs from $100 to $400. These range from your regular little Linksys routers up to something like a Hotbrick or a SonicWall SOHO. Following are links to some popular firewalls in this category. www.sonicwall.com, www.hotbrick.com, www.watchguard.com/products/fireboxsoho.asp
Level 3 . Professional, ten or more computers, comprehensive firewall protection: This would be an enterprise level solution that would involve more than just throwing a firewall into the LAN. A security consultant would analyze the entire network and install a firewall or firewalls and other security measures to protect the network. Persons requiring this level of protection should call Red Shift for a recommendation on a qualified security consultant.
|
|
 |
