Loveless explains, "For the most part, most operating systems off the shelf are insecure. You do have to go in and tweak them up a little bit," no matter what you are running.
But while security is not necessarily an operating system-specific issue, there are important OS-dependent differences to keep in mind.
"It's a lot harder to secure NT than it is to secure Unix," according to Loveless, and he says that Windows 9x is even more difficult to secure. "The main thing that users of Windows 95 and 98 can do," says Loveless, is to "make sure they keep up with antivirus software. If they are in a corporate environment, they need to be behind a firewall ... and there are even firewall products available for home use."
Fennelly agrees that personal firewalls are probably the best protection Windows users can employ. She adds that Tripwire, a sort of computer-intruder burglar alarm that has long been available for Unix and Linux, is now available for Windows NT.
"There are a lot of different things, [such as] routing and firewall rules, that are not necessarily specific to Unix," Loveless says. "These will certainly help in the NT world, and the Windows world in general."
Windows users should also follow the advice commonly given to Unix and Linux users: they should turn off unneeded services, close ports, and take other precautions to secure their computers from intrusion and misuse.
"I would advise anyone who's in a corporate environment to at least have a scanner," says Loveless. "A security scanner will scan your systems and tell you where you've got holes and flaws, and where you need to be fixing stuff. And it will do it remotely -- you can set it up and scan all your corporate systems. [BindView's] Hacker Shield isn't the only one; there are a number of others."
According to YTCracker, believed responsible for having altered several federal government Websites late last year with a message calling for better security on the part of administrators, "Users with dial-up modems aren't at risk" in the way media reports would suggest. Rather, the DDoS attack tools are more of a threat to someone, whether business or home user, who has a full-time connection to the Internet.
YTCracker has since donned a white hat and now works as a security consultant. "People -- even the casual user -- should think again about what information they put online, or in their computers, more carefully than they do now," YTCracker says.