A high speed internet connection is a wonderful thing. A door to the world – news, music, email all just a few mouse clicks away. But once again I am here to warn you of the threats that go alongside such delights. This week I want to talk to you about a basic network security hole that has come to my attention recently in Arusha.

Up until recently, an internet connection in Arusha meant a dial up account with an Internet Service Provider (ISP). You paid the ISP a monthly sum for the privilege of connecting to their network, and then you paid TTCL for the telephone calls required to make that connection. Speeds were low – normal phone lines can deliver a maximum connection speed of 56 kilobytes per second, and Tanzania’s phone lines are crackly further limiting this speed. What was available was just about enough for sending simple emails, and slowly browsing the World Wide Web. In the meantime the rest of the world was speeding up with such wonders as ADSL delivering over a hundred times the speed of dial up. These increases in speed meant that web page designers could make their web pages larger. Music and video became more than a dream. Tanzania was getting left behind.

Tanzania’s ISPs could not build the huge infrastructure required for ADSL. But being a resourceful bunch they looked at what technology might be possible in Tanzania to speed up connections. What they found was Ethernet and Wireless LAN. Two systems for transferring data over a distance that could deliver speeds of up to 100 megabytes per second and 11 megabytes per second respectively.

Ethernet and Wireless LAN

Ethernet is commonly known in Arusha as cable. It uses wires and hubs to link up computers across short distances.

You see that funny square mesh antenna poking from the roof of your local internet caf�? That is a Wireless LAN antenna. Wireless LAN uses microwave radio to transmit data between computers.

These two systems are how ISPs in Arusha get the internet into homes and offices at high speeds. The trouble is that these two systems were not designed to join up computers across a city. They were designed to be used within a single office. And this is where the threat I mentioned above comes into play.

Stretching the local

The software used to connect computers across these two systems was designed to allow people in an office to share files and printers. When these systems are used to join together different households and businesses you no longer want to share all of this – but that is exactly what is happening.

Look on your desktop for an icon labelled Network Neighborhood, or My Network Places. Clicking on these opens up the rest of the network to you. Yesterday I had a bit of snoop around a local network. I found 254 computers were visible to me. The office I was in has only five. Those other computers belonged to individuals and businesses across Arusha. What is more worrying was what I might have accessed on those computers. Any folders or printers on those computers that were set up to be shared I could in theory see or use to print out on unless they had been secured with a password. Anyone else on that network could do the same, without using any sneaky methods – simply using the software that comes with Windows. Some computers belong to internet cafes – anyone walking into that internet caf� would have access to private documents and files. This frightening possibility exists right now on a number of networks in Arusha.

What to do

It is easy enough to prevent this from happening. You can turn of file and printer sharing (look up “File and Printer Sharing” in Windows help and on the web for how to do this). But what if your office needs to share files and printers? What you need my friend is a firewall. A firewall is a piece of software or hardware that sits between the computers you own, and the rest of the network. It prevents people from outside accessing anything inside. From the inside you can see out and access the web and email. No one can see in unless you want them too. ZoneAlarm is a free software firewall which can be used on individual computers in order to control who has access to what. For businesses with more than a couple of computers a hardware router will solve these security problems at a cost of around $110. These are available from local computer shops and very easy to set up.

Getting nosy?

Be warned that if you read this and are tempted to have a look at your neighbours’ computers you can be traced – all connections to Windows 2000 and XP computers are logged, and they will give the name of your computer and the IP address from which you connected. Nosy neighbours often get themselves in trouble!

Interesting Web Sites

• www.grc.com/su-explain.htm – page giving information on computer security – also on grc.com is ShieldsUp! which will show you what is visible on your computer to the rest of the world!
• www.zonelabs.com – producers of ZoneAlarm, a personal firewall for securing a single computer.

Originally published in Arusha Times 279