Broadband Connections Are Especially Vulnerable

Any machine connected to the Internet in any way is susceptible to a random attack at any time. But machines hooked up by increasingly popular broadband connections are more susceptible than most others. Broadband in general refers to any high-speed Net connection, but for the rest of us, it usually means a connection through a cable modem or DSL (digital subscriber line). The two key characteristics that make broadband links particularly vulnerable to attack are the same characteristics that make broadband connections so popular in the first place: They’re connected 24 hours a day, and they’re high-speed.

Unlike traditional dial-up connections, in which you call in, surf the Net, and then disconnect, broadband connections are always active. Because broadband connections are always on, the amount of time a computer is vulnerable to Internet attack is greatly increased compared with dial-up. Any time your computer is on, it’s online and vulnerable to attack. Thus, based on raw probability, your computer’s going to get attacked much more often on a broadband connection than on dial-up. Beyond this, however, hackers are more likely to go after machines that are connected all the time because they know those machines will be there when they need them, either to activate a Trojan horse they’ve installed or for some other nefarious purpose. Hackers also may restrict their searches to Internet addresses that they know are used for broadband connections, because they know that machines on those networks will be more useful to them, further increasing the odds of an attack.

Broadband connections are not only always on but also (usually) many times faster than dial-up connections. Speed provides many advantages to a hacker. Hackers often look for machines by sending out a query or “probe” to successive addresses until a machine answers and tells the hacker it’s there. If a hacker is looking only for machines with fast connections, he can find them quickly because they answer his probe faster. And when a hacker finds a machine, he can carry out attacks against it more quickly.

In Chapter 4, for example, you’ll see that speed is essential to a dictionary attack, in which the hacker tries to figure out your password by trying every word in the dictionary. Such an attack is practical only on a high-speed connection. Additionally, if the hacker wants to use your machine as a launching point for other attacks, speed is critical as well.

Another characteristic of many broadband connections is that your machine is assigned the same Internet address for long periods of time. Even though many such connections claim to give your machine a dynamic address, that address rarely changes. So the hacker can pretty much count on your machine being available at the same address whenever he wants to get at it—another big advantage to him over a machine on a dial-up connection, because its address changes each time it dials in.

Some of the rest of us still connect through dial-up connections, but broadband connections are increasing at a faster rate than other Net connections. Broadband connections grew from about 5 million at the end of 1999 to about 50 million at the end of 2004 to probably over 100 million by the end of 2007. So even if you’re not using a broadband connection today, there’s a pretty good likelihood that you will soon. You might as well start thinking about safety now.