ADSL - safe at any speed?

Although ADSL promises a revolution in Internet access, it has its dark side. While the benefits of permanent, unmetered connection are both undeniable and irresistible the trouble is that if you can see the Internet, the Internet can see you.

On most dial-up ISPs, this doesn't matter -- when you're online you're at your computer and your Internet address will be transitory. With a permanent connection your PC will be accepting packets from anywhere at any time it's on, and the IP address range it uses will be public knowledge. Anyone with mischief aforethought will have a chance to make contact and do damage.

This isn't paranoia. Triallists on the BT ADSL system have reported frequent and sometimes intensive attacks on their home systems -- packets designed to crash their PCs, to activate trojan horses, to exploit security weaknesses in Windows, all arrive on a daily basis. Without any form of protection, your home PC will be vulnerable, and with some of the illicit software out there it's more than possible for a hacker to get access to your hard disk, steal files or just wreak havoc. And different pieces of software can introduce new hazards: the popular chat service ICQ is a good example. Software circulates freely on the Net that lets a hacker find out the IP address of an ICQ user and then exploit various flaws in the system to get access to the PC. Also, the Windows built-in networking software is itself vulnerable to various remote abuses such as malfunctioning under a hail of otherwise legal packets.

The solution is proper security, and as IT managers for commercial installations have learned over the years this is rarely simple or cheap to provide. The basic tool is a firewall -- software or hardware that intercepts all network traffic between the Internet and the private system and filters out dangerous or unauthorised data. The cognoscenti on the BT trial tend to have a dedicated machine, often running Linux, which provides a high level of security and flexibility but demands a solid knowledge of IP and the issues behind the dangers -- for most domestic and small business non-nerd users, this isn't appropriate. A range of software-only Windows firewalls are available -- you load them as any other program -- but as the triallists discovered these were often less than perfect. Sometimes they didn't perform as advertised, sometimes they installed without much in the way of protection as standard -- you had to be responsible for setting them up, and sometimes they lacked essential features. The market for consumer firewalls is in its infancy, and the immaturity shows.

At the launch, BT was asked what it would be doing about security on the ADSL service. It said that it would be providing a very basic level on its network but that it would be up to the ISPs and the consumers to do most of the work. And this will be something you absolutely must ask any ISP offering you permanent connectivity -- what do they recommend to make your machine secure? If they don't have a good answer, don't give them your money. Meanwhile, expect to see client firewall reviews appearing in the better computer magazines. Just don't expect the problem of security to go away.

Send me to ZDNet's 'Hackers' News Special.

Go to the ADSL News Special with news, technical information and insights from the UK's leading comms. journalist, Rupert Goodwins.