"Always On" Genealogy

A version of this article first appeared in the May/June 2002 issue of Ancestry Magazine

By Mark Howells

I am very spoiled when it comes to Internet connectivity. As an early adopter of my local phone company's DSL (Digital Subscriber Line) service, I have had fast Internet connections for years now. Not only is it fast, but it is a constant and continuous connection to the Internet - "always on" as they say. Well, it is always on as long as my PC is powered on to connect to it. First thing in the morning, I stumble down to my home office, detour to the kitchen to start the coffee, and plop myself in front of the PC and begin reading my genealogical e-mail immediately. I don't have to dial up, I don't have to log on. Nor was my voice phone line interrupted in order for me to use the Internet. My connection was open all night and was busy downloading my large volumes of e-mail while I slept. I'm not alone in using an "always on" connection to the Internet. At the end of last year about 13% of all Internet users took advantage of the speed and convenience of an "always on" connection such as DSL or cable modems. While vendors are very good at selling the speed and convenience of these connection types, they are less sanguine about preparing their customers for the privacy and security consequences of these connections. The remainder of this article will discuss privacy and security concerns regarding "always on" connections to the Internet. If you are one of the current 13% using these connections, you may want to implement some of the suggested remedies provided below. If you are thinking about switching to an "always on" connection, you will want to include some of the suggestions below in your planning.

What's the Problem?

With a standard dial-up connection to the Internet, you can control how long you are connected. When disconnected, the outside world can't talk to you and your PC can't talk to the outside world. Because they are open less frequently, dial-up connections are more secure than "always on" connections when it comes to preventing the outside world from doing harm to your PC.

"Always on" connections such as DSL or cable modems basically extend the public Internet into your home on a permanent basis. These continuous connections mean that the outside world may try to access your PC even when you are not actively using your PC. Continuous connections give "hackers" more time to explore the electronic entrance to your PC for vulnerabilities. Because of the increase opportunity time available for potential wrong doers, "always on" connections are perceived as less secure than dial-up connections.

Of the two, there are more security concerns with cable modems than with DSL. Cable modems basically turn your physical neighborhood into a Local Area Network. You share the connection to the Internet with the rest of your neighbors who have also subscribed to the cable modem system. Besides concerns that the Internet Service Provider's designated administrators may have access to your network traffic or your PC, this shared model of access can make your PC more vulnerable to being "investigated" by your neighbors (more probably by their curious kids). DSL drops an Internet connection on your premises which you do not share with your neighbors. There are steps you can take to make either method of fast, continuous Internet access more secure.

Action Items

When installing a cable modem or DSL router, one of the most basic security precautions to take is to change the default password which comes with the device when you pull it out of the box. As part of your initial configuration of the device, you can select a new administrative password so that you and only you have internal access to your "always on" connection. Make it a nice long, memorable password that would be hard to guess and not a common word found in a dictionary.

The next cost-free step to securing your continuous Internet connection is to disable file and print sharing if you are using any version of the Windows operating system. If you have only a single PC at home, this step is straightforward. You don't require file or print sharing anyway with only a single PC, so turning the sharing off has nothing but positive security consequences. Enabled file and print sharing may assist outsiders in compromising your system. If you use file and print sharing on your own home Local Area Network to share files and devices, then disabling these features is not an option. Instead, you will want to password protect the printers and files which you share on your network. Such passwords prevent the automatic sharing of these resources with outsiders. Methods to disable or password protect file and print sharing vary slightly depending on what version of Windows you are using. Use your system's Help files to find "file and print sharing" for exact instructions on how to make these changes.

Finally, before you think about spending any money securing your "always on" connection, you may just want to turn off your PC when you are not using it. While this reduces some of the convenience of a continuous connection, it also reduces the window of opportunity which outsiders have to get into your system. This method is far from fool proof as external attackers can still try your system while you are actually using your PC.

Spend Some Money

A sensible precaution to take with an "always on" Internet connection is to purchase and install firewall software or hardware. Firewall software works like the anti-virus software on your PC. It runs in the background, recognizes types of access attempts or other security incidents, stops them, and brings them to your attention. Firewall software must be loaded on every PC you have in your home network in order to provide full coverage. Reputable home firewall software products include BlackICE Defender ( http://www.iss.net/ ), ZoneAlarm ( http://www.zonelabs.com/ ), and Norton Internet Security ( http://www.symantec.com/sabu/nis/nis_pe/ ). Once installed, these products need to be configured to fit your security needs. Perhaps the biggest challenge is to overcome their tendency to report "false positives" - reported incidents that have no real security impact. Some enlightened Internet Service Providers will even give you free firewall software when you sign up for their DSL or cable modem service.

Firewall hardware is more expensive and more secure than firewall software. Firewall software protects your systems at the PC level. Firewall hardware protects your systems in front of and independently of the PCs it protects. Firewall devices are often used by businesses which have continuous Internet connectivity and are usually placed in between the DSL router/cable modem and the internal PC or network. Firewall devices are more difficult to configure than firewall software but one firewall device can protect your entire internal network. Some quality firewall devices for home usage include SonicWall ( http://www.sonicwall.com/ ) and WatchGuard ( http://www.watchguard.com/ ). The major drawbacks to firewall devices is their expense and complexity in configuration

Feel Safe Yet?

I use a combination of the above techniques in order to secure my "always open" Internet connection. Genealogy is more than just a hobby for me, it is a passion. A high speed continuous Internet connection feeds that passion well. I do feel more or less protected from outsiders interfering with my household's computing. But I do not suffer under the illusion that my system is hacker-proof. New security exploits are being discovered all the time and it can be difficult to fully protect oneself from all the already known exploits. What keeps me sleeping soundly at night isn't the security precautions I've taken, but the backup tapes I refresh regularly. I might not be able to stop a determined intruder, but I can rebuild anything that they may damage in their attack.

About the Author

Return to Genealogy & Technology Articles by Mark Howells

Return to Mark & Cyndi's Family Tree Return to Mark & Cyndi's Family Tree

"Always On" Genealogy
Created & maintained by Mark Howells.
For information about this article, please send email to markhow@oz.net
Updated October 4, 2002

This Work Copyright © - 2002 Ancestry.com, Inc., all rights reserved. To see this Work in its original context and to view others like it, visit www.ancestry.com.