Patching Up The Holes
No software can be made perfect. That's obvious. After all, programmers are only human. However, even little imperfections can manifest as security holes. A hacker can take advantage of such vulnerabilities to compromise the security of a system.
In fact, malware like viruses and trojans can literally sneak themselves into your system by exploiting these vulnerabilities All you have to do is connect yourself to a compromised network, give it a minute or two and poof, you're infected.
Without firewalls, unpatched Windows XP systems will probably last only 5 minutes on the Internet before being infected with some form of malware. In short, if you do not patch up your operating system, applications, fireware and even Internet browsers, you are virtually inviting malware into your system.
In this section, I'll be teaching you the simplest forms of patching and general software maintenance. Since there are many kinds of software out there, I'll divide them into different tiers for easy referencing, with the lowest level being the hardware or physical layer, and the highest being above the operating system layer.
Tier 0 : Firmware Or Hardware
Firmware can be loosely defined as software stored on some form of ROM (Read-Only Memory) of all hardware devices. From the standard bootstrap to the basic configuration to an actual operating system, firmware generally keeps it all in one neat, small ROM-based package.
This level is the foundation which all other tiers are based upon. If something gets screwed down here, the likelihood of it being treated on higher tiers are slim at best. For example, there was a firmware bug in the Cisco 2800 series of routers that would give you root access even if you didn't know the password. All you had to do was type a really long string of gibberish into the password field. That's it!
The Cisco 2800 is no cheap router. It is a really expensive corporate router that would have undergone numerous tests before being released to the market. Do you think our consumer grade goods would fare any better? In light of this, it is very critical for you to keep your router updated with the latest firmware. It's no use if the manufacturer corrects the bug, but you do not even take the time to install the update.
Also, it is important to secure the lowest level before you go higher up. It's just like a SWAT team clearing a building - you gotta work your way up! So, download the latest firmware for all the hardware devices you own. Devices that can be patched are modems, routers, firewalls, network cards and all manner of network devices.
Not only do newer firmware entail better security by the virtue of corrected bugs, they also provide better features, better stability and better performance too! Improved security, better features, stability and speed, what more could you ask for? You pretty much have no excuse!
Generally, most firmware updates are done with .bin (binary) files - files containing raw machine code. What happens when you update the firmware is that the operating system of device loads the .bin file into memory and then overwrites the firmware currently stored in the ROM.
If you didn't get that, here's a simpler explanation. When the device starts up, its operating system loads itself into memory from the ROM. So, no matter what you do to the firmware in the ROM, the problems won't manifest themselves until the next startup. When asked to update the firmware, the operating system loads the given .bin file and writes it to the ROM, replacing the older version of the firmware. The device is then restarted and this allows the device to load the new firmware. Voila! The new firmware is operational.
How, let us give you a simple example of how you can update the firmware of a router. If you are wondering, my router is actually up-to-date. But for the sake of this example, let's just assume it is in need of an update.
<<< Configuring Your Firewall (Continued) - UPNP, Change The Password, Read The Log : Previous Page | Next Page : Updating Your Firmware >>>