n April I got this e-mail from a reader in California: ''My associate recently installed cable modem in her home and was shocked to find that `Network Neighborhood' was, literally, her neighborhood! She could see the desktops of all her connected neighbors. This seems like an enormous oversight on the part of cable modem companies, or maybe they just don't care (more likely the latter.) In any case, I think it is important for cable modem users to realize the risks of being connected to the Internet 24 hours a day, and the other vulnerabilities associated with cable modem. What do you think?''
I think that stories like this are becoming far too common.
The particular problem that the person in California is experiencing has to do with the way the Windows operating systems does networking. Because it is common for people in offices to share files and printers, Microsoft made file sharing very easy in its Windows operating system: Just click ''share'' and off you go. This lax approach to security was understandable in 1994, when Microsoft designed most of this technology: Then, most local-area networks were confined to corporate offices - offices in which it was more important to make files and printers easily available over the network than to try to keep them secret.
Unfortunately, the networking protocols used by today's cable modem systems are very similar to those used in a typical office network - indeed, most neighborhood cable systems look like one big local area network. This similarity is responsible for the low price of cable modem access - much of the technology is recycled from other parts of the computer industry. But the recycling brings with it many security problems, as the California reader's associate is experiencing.
Unauthorized file sharing is less of a problem for people with MediaOne cable modems in the Boston area. This is because MediaOne blocks Microsoft's file sharing protocol by default. But file sharing can still be a problem for Macintosh users. As recently as a year ago, a friend of mine in Wellesley was able to see printers and computers belonging to other Macs in his neighborhood using his computer's ''Chooser'' program. He could even print messages on other people's printers - and sometimes he got surprising printouts on his own.
The best way to protect yourself from unauthorized file and printer sharing is to disable these services on your computers. If you need file sharing - for example, if you have two computers on the same network - then you should create user names and passwords.
Another alternative that is more expensive but much more secure is to set up a firewall to isolate your internal network from the cable modem network. A friend bought such a firewall, called the ''Sonic Wall.'' It cost $500 for the basic configuration.
This whole issue of cable modem security was driven home to me on Sunday morning, when somebody attacked a computer that I was setting up in my study. I had just finished a new operating system on the computer that's connected to my MediaOne cable modem, when a warning message flashed on the screen: Somebody else on the network was trying to break into my system using a well-known security hole in a program called ''portmap.''
The portmap attack is classic: I wrote about it in 1990 when I published my first book on UNIX computer security. Unfortunately, there are many computers on the Internet that are still susceptible to this attack. Somebody else on my network was scanning all of the computers in the neighborhood, trying to see whether any were vulnerable. If I had been running an older operating system, that person could have broken into my machine and taken it over.
Why would somebody want to break into my machine? The answer is access. If an attacker can break into somebody's home computer on the MediaOne network, he can then use that machine as a jumping-off point for breaking into other computers on the Internet. By jumping from one machine to a second and a third, an attacker can weave a path that effectively hides his tracks.
Richard D. Jenkinson, Media One's director of communications and public affairs for the Northeast region, says problems such as being able to browse somebody's computers or being targeted in a portmap attack aren't limited to cable modems. ''Any Internet user should be concerned about security, whether they have a cable modem, DSL, or dial-up connection.''
Nevertheless, attackers do seem to be increasingly targeting home computers that are connected to cable modems or high-speed DSL lines. One reason is the speed: Because a cable modem is 50 times faster than a standard dial-up, a bad guy can launch 50 attacks against a cable modem user in the time it takes to launch a single attack against somebody over a dial-up. This increases the chances of actually breaking in.
Meanwhile, because high-speed connections are ''always on,'' people frequently leave their computers connected to the Net and unattended for long periods. Because it's much harder to get caught breaking into a computer when nobody is watching the machine, this makes these computers all the more vulnerable.
If you have a computer that is attached to the Internet, it's important to take precautions to protect your safety. One of the most important things is to make sure your software is up to date. No matter whether you are running UNIX, Linux, Windows, or MacOS, be sure to check the Web for security alerts. When bug fixes come out, be sure to download and install them as soon as you can.
The second thing to do is avoid running programs people send you by e-mail. Although most programs sent by e-mail are harmless, a growing number are actually computer viruses or other kinds of ''Trojan Horses.'' These programs can damage your system within a split second, and often there is no way to easily tell that damage has been done.
For Net security tips, see MediaOne's Usenet security group, roadrunner.
techtalk.security. Or click on ''member services'' at www.mediaone.rr.com/ to get a list of security bulletins.
Technology writer Simson L. Garfinkel can be reached at plugged-in
@simson.net.
Dow:
