Your poker PC, home network and basic security
All,
I answered a post today where the subject was a computer related question pertaining to the storing / caching of usernames and passwords on a poker client. There are a lot of talented IT guys that use FTR (e.g. fnord, original MS xbox live top developer dude, much respect) but I'm sure there are FTR members that do not have extensive IT knowledge. I've been grinding it out in IT for nearly two decades so what I'm going to try to address here is the basics for your home poker PC and network setup from a security standpoint. Maybe it will develop into a wider Q & A for IT stuff.
As a scare tactic you should know that even if your home setup covers all the basics, if they want in, they will get in, it is purely degrees of deterrence. Why is this important? Well I have a nice little fujitsu lifebook that is worth nothing now, it is 3 years old, but on it is my party poker account that has $XXXX (not hit 10k yet) in it. Now my crappy lifebook (which I love) is worth a few bucks. If someone hacked my home network, installed a trojan, a keyboard logger or gained RDP (remote control) of my PC, then the money could be theirs.
Anyway, to the techie stuff. Do you have a hardware based firewall that is ICSA certified, flashed up to date, with stateful packet inspection and a carefully planned ruleset, a honeypot, a DMZ and several hardened Unix boxes to port forward allowed packets to the required internal host? No? Well, neither do I. I don't bother with a DMZ at home any more.
As an example: my sister in Philadelphia had a shit hot fast cable connection and your standard issue PC running win mill connected 24 hours attached to it. She had expired virus definitions, no spyware checker, no firewall, an 802.11b wireless network with no WEP encryption (which I can crack anyway in a short amount of time using a boot cd with a linux kernel and sniffing and decryption tools). In summary her pants were down and she was presenting her ass to the world for unrequited violation. She had personal banking info, bank account info, scanned personal docs and other things on the PC. I explained to her in basic “scare the kak right out of you” terms how she was at risk and then sorted it out for her.
BTW: Kak is Dutch for shit, I like the word; the well known Victorian expletive "poppycock" comes from the Dutch “pape kak”, which means soft shit. That's some good info if you ever play Marcel Luske, you can call him a soft shit but he'll still know if your kings are good.
A lot of people are in varying degrees of this situation.
As I said I’m not going into specifics and this will be of no use to a lot of you as you know this stuff and a lot more, but I'll start the discussion anyway in no specific order, just what comes to mind. I’m assuming it is a home network and not connecting via a lan with a T1 and corporate security measures put in place. I'll just try and cover a few topics.
If you are on any home internet medium (cable, DSL, modem), are you connected permanently? If not you have the added security of a varying IP address. This is helpful as your exposure is not constant and each time you dial up or connect your DSL you will mostly (with most providers) get a different IP address. This reduces the chance of you being attacked and then being looked up again to progress an attack. If you are not always “in the same place” it is harder to be found, although you are still subject to random port scans. Port scans are programs that sweep the internet to find out whether any of the ports on your PC (think of ports as entrances to a building, and your PC is the building) are open, to see if they can break in. The more locked entrances, the less chance of entry.
Even if you are permanently connected, unless you have asked your ISP for a permanent IP address (which is unlikely unless you specifically requested it), your IP address will change after a specified time (anything between a few hours and a few weeks).
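The random port scans mentioned above usually show up in a firewall's dropped-packet log as one source hitting many different ports on your PC in a short burst. The following is an added example (not from the original post) of the detection logic a home firewall or a small script could apply to such a log. The log lines are constructed for the example and the line format is hypothetical, not the output of any particular firewall product; the addresses are documentation ranges.

```python
import re
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample log (hypothetical "DROP" line format, not a real product's output).
# 203.0.113.7 walks ten ports in five seconds; 198.51.100.9 sends two stray packets an hour apart.
SAMPLE_LOG = """\
2005-03-01 22:14:01 DROP TCP 203.0.113.7:4455 -> 192.168.1.10:21
2005-03-01 22:14:01 DROP TCP 203.0.113.7:4456 -> 192.168.1.10:22
2005-03-01 22:14:02 DROP TCP 203.0.113.7:4457 -> 192.168.1.10:23
2005-03-01 22:14:02 DROP TCP 203.0.113.7:4458 -> 192.168.1.10:80
2005-03-01 22:14:03 DROP TCP 203.0.113.7:4459 -> 192.168.1.10:135
2005-03-01 22:14:03 DROP TCP 203.0.113.7:4460 -> 192.168.1.10:139
2005-03-01 22:14:04 DROP TCP 203.0.113.7:4461 -> 192.168.1.10:445
2005-03-01 22:14:04 DROP TCP 203.0.113.7:4462 -> 192.168.1.10:1433
2005-03-01 22:14:05 DROP TCP 203.0.113.7:4463 -> 192.168.1.10:3389
2005-03-01 22:14:05 DROP TCP 203.0.113.7:4464 -> 192.168.1.10:5900
2005-03-01 22:20:30 DROP UDP 198.51.100.9:1900 -> 192.168.1.10:1900
2005-03-01 23:05:11 DROP TCP 198.51.100.9:5123 -> 192.168.1.10:445
"""

LINE_RE = re.compile(
    r"^(?P<ts>\d{4}-\d{2}-\d{2} \d{2}:\d{2}:\d{2}) DROP (?P<proto>TCP|UDP) "
    r"(?P<src>[\d.]+):(?P<sport>\d+) -> (?P<dst>[\d.]+):(?P<dport>\d+)$"
)


def parse_log(text):
    """Turn log lines into event dicts; lines that do not match the format are skipped."""
    events = []
    for line in text.splitlines():
        m = LINE_RE.match(line.strip())
        if not m:
            continue
        events.append({
            "ts": datetime.strptime(m["ts"], "%Y-%m-%d %H:%M:%S"),
            "proto": m["proto"],
            "src": m["src"],
            "dport": int(m["dport"]),
        })
    return events


def detect_port_scans(events, window=timedelta(seconds=60), min_ports=8):
    """Flag any source that probed at least `min_ports` distinct destination ports
    within a sliding `window`. Returns {source_ip: sorted list of ports seen in the
    widest qualifying window}. Sources below the threshold are not reported."""
    by_src = defaultdict(list)
    for ev in sorted(events, key=lambda e: e["ts"]):
        by_src[ev["src"]].append(ev)

    scanners = {}
    for src, evs in by_src.items():
        start = 0
        best = set()
        for end in range(len(evs)):
            # slide the window start forward until it fits within `window`
            while evs[end]["ts"] - evs[start]["ts"] > window:
                start += 1
            ports = {e["dport"] for e in evs[start:end + 1]}
            if len(ports) >= min_ports and len(ports) > len(best):
                best = ports
        if best:
            scanners[src] = sorted(best)
    return scanners


if __name__ == "__main__":
    for src, ports in detect_port_scans(parse_log(SAMPLE_LOG)).items():
        print(f"possible port scan from {src}: {len(ports)} ports {ports}")
```

The threshold and window are policy knobs: a single dropped packet is noise (the UDP 1900 line is typical LAN chatter), whereas one address walking ten ports in five seconds is exactly the "trying the doors" behaviour the post describes, and is worth keeping the firewall's logging switched on for.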
Firewalls: we all know the term but are you using one? There are primarily two types: software and hardware. The hardware firewall is either a standalone device or incorporates other features like a wireless LAN router, DSL modem etc. The software firewall (e.g. ZoneAlarm) is software installed on your PC. To be honest any IT guy will rightly say that a hardware firewall like a hardware based Checkpoint setup, SonicWall or Cisco is the best. Then there are the home based hardware firewalls like Linksys (owned by Cisco), Netgear etc. Is there a difference? Yes, but to be honest you are not going to buy a $5k firewall for the house. I used to use a hardened Sun SPARC box running SunScreen with a strong ruleset but it was an awful lot of work and I am not a UNIX dude. The Netgear and Linksys stuff will do the job, but ensure that the ruleset (what is allowed in and out) is solid. If someone wants in bad enough they will get in; at the home level the firewall is merely there to discourage, and the more discouragement the better. If you want to spend a few extra bucks I can recommend a SonicWall TZ170, but be aware that you will have to pay a subscription for ESSENTIAL updates. If your PC is directly connected to your internet connection without a firewall you can use a software firewall (don’t use the inbuilt XP one). I have not done much research into these but ZoneAlarm basic is still free and does the job. BlackICE and others also do the job.
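To make the "stateful packet inspection", "ruleset" and "port forward allowed packets to the required internal host" ideas from the two firewall paragraphs concrete, here is an added toy model (my own example, not code from the post or from any firewall vendor) of the decisions a home firewall makes. It assumes a default-deny inbound policy, remembers the flows the LAN opens so their replies are allowed back in, forwards one explicitly chosen port to one internal host, and optionally restricts what may go out. NAT is deliberately not modelled: the filter sees LAN addresses directly, and all addresses and ports are constructed for the example.

```python
from dataclasses import dataclass


@dataclass(frozen=True)
class Packet:
    direction: str   # "in" = arriving from the internet, "out" = leaving the LAN
    proto: str       # "TCP" or "UDP"
    src: str
    sport: int
    dst: str
    dport: int


class StatefulFirewall:
    """Toy stateful packet filter (illustrative, not a real product):
    - inbound is denied by default;
    - outbound traffic is allowed (optionally only to an allow-list of ports)
      and its flow is remembered, so the reply to that flow is let back in;
    - an explicit port-forward table exposes a chosen service on one LAN host.
    NAT is not modelled; LAN addresses are seen directly."""

    def __init__(self, port_forwards=None, outbound_ports=None):
        self.port_forwards = dict(port_forwards or {})  # (proto, dport) -> LAN host
        self.outbound_ports = outbound_ports            # None means any outbound port
        # remembered flows: (proto, lan_ip, lan_port, remote_ip, remote_port)
        self.flows = set()

    def decide(self, pkt):
        if pkt.direction == "out":
            if self.outbound_ports is not None and pkt.dport not in self.outbound_ports:
                return "DROP"   # not on the outbound allow-list (e.g. an unexpected callback)
            self.flows.add((pkt.proto, pkt.src, pkt.sport, pkt.dst, pkt.dport))
            return "ALLOW"
        # inbound: only replies to flows the LAN opened, or explicit port-forwards
        if (pkt.proto, pkt.dst, pkt.dport, pkt.src, pkt.sport) in self.flows:
            return "ALLOW"
        target = self.port_forwards.get((pkt.proto, pkt.dport))
        if target is not None:
            return f"FORWARD {target}"
        return "DROP"


def demo():
    """Constructed packet sequence; returns the verdict for each packet in order."""
    fw = StatefulFirewall(port_forwards={("TCP", 80): "192.168.1.20"},
                          outbound_ports={53, 80, 443, 4000})
    lan, remote, scanner = "192.168.1.10", "198.51.100.5", "203.0.113.7"
    sequence = [
        Packet("in", "TCP", scanner, 4455, lan, 3389),   # unsolicited probe of the remote desktop port
        Packet("out", "TCP", lan, 40000, remote, 443),   # the LAN PC connects out (e.g. a poker client)
        Packet("in", "TCP", remote, 443, lan, 40000),    # the server's reply to that very flow
        Packet("in", "TCP", remote, 443, lan, 40001),    # same server, but no flow on that local port
        Packet("in", "TCP", scanner, 4460, lan, 80),     # inbound web request: only the forwarded host gets it
        Packet("out", "TCP", lan, 40002, remote, 6667),  # outbound to a port not on the allow-list
    ]
    return [fw.decide(p) for p in sequence]


if __name__ == "__main__":
    for verdict in demo():
        print(verdict)
```

The point of the state table is that "allow replies" does not mean "allow anything from that server": the fourth packet comes from the same remote address and port but does not match a remembered flow, so it is dropped like any other unsolicited inbound packet. The outbound allow-list is the "what is allowed out" half of the ruleset; it is what gives a Trojan or keylogger on the PC trouble phoning home.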
Are you using a wireless home network? If so do you have WEP (wireless encryption protocol) enabled or one of the newer wireless encryption standards? You or the person that installed it would have had to log into the wireless device and configure this. It is usually not on by default but may be incorporated into the setup wizard for the device. As I have stated I can crack WEP and I’m not that good at that sort of thing; the information is out there. So in the unlikely event that you see someone lurking outside your house with a laptop, go and beat the crap out of them just in case (unless you live in the UK, in which case invite them in for a cup of tea, as any violent action will result in you being imprisoned for not properly taking care of someone violating your home). If you are not sure that you have your wireless device properly secured (as well as possible) ask someone to check it out. Again, there is a difference between someone trying to screw you with your pants on, and with your pants off. Pants on offers at least some resistance to initial probing.
If your home network is not wireless the firewall information still stands; it still has to be secured but you don’t have to worry about people hacking it from the street (unless you work for Al Qaeda and the CIA have people using devices to steal off the wire, in which case you're on your own and I hope I kick your terrorist ass at the tables).
Now to your PC. You should be running XP for a start (apologies to unix / mac guys, this is kinda generic), with service pack 2 and all available updates. Quick note on password caching / storing for your poker sites, i.e. save password. This is generally not an issue unless someone has physical access to your laptop / computer. If the rest of your security is crap then a Trojan, a keyboard logger or some malware could enable access to that information from outside.
Anti-virus. When your definitions are out of date your AV is as much use as a snooze button on a smoke alarm. I use Symantec corporate AV client. Any of the other big ones is fine but keep your definitions current; set it to update every day even if you are on a low bandwidth connection. If every time you log on to your machine you get “virus definitions out of date, subscription expired”, don’t be a cheapskate: buy the subscription, or get a copy of SAV corporate that does not need a subscription.
Spyware. I use Ad-Aware Professional. There is a free version that is fine but passive. Make sure you update, scan and remove frequently. I’ve run a test where I cleaned out all the nasties, disabled Ad-Aware Pro (which actively blocks nasties) and browsed for 20 minutes (IE at the default security setting of medium), and in that time there have been new threats that Ad-Aware picks up on the next scan. Most are harmless, some are not. Treat your spyware protection like your anti-virus protection; keep it up to date.
Internet Explorer settings. There is, as with most IT stuff, a trade-off: functionality against security. If you set security too high you start getting problems with sites (cookies, etc) and have to add trusted sites, etc as you go. I just use the medium setting and use my Ad-Aware to block and get rid of suspect cookies and other malware.
XP Remote Control settings: disable them. Right-click My Computer, select Properties, click the Remote tab, and make sure “allow user to remotely…” is unchecked.
I do the following on every system I configure. I won’t go through the steps unless someone requests it. I copy the administrator account, rename the original, log on as the newly named copy, take away all the old account's privileges and disable it. This hampers anyone that has hacked your network and is attacking your PC at the local level. Simple but effective, although a brute force attack from a program like L0phtCrack could get access once the internal network has been compromised.
Anyway, this is just a few thoughts for your poker PC security setup and is by no way my complete config; my setup is a bit more anal than this. I’ve tried to pitch it for everyone so if anyone wants to bust my balls over a technical aspect that has been glazed over I will gladly indulge in a pissing contest, but be warned, I am 7 feet 3 inches tall and can piss very high.