the Internet is like a house with an unlocked door in a
neighborhood (like mine). On a regular basis, strangers come around and
rattle the door and windows. If they're unlocked, they come in to take
a look around. And once in, they may walk off with your possessions, or
even sit around, use your stuff, and act like they own the place.
strangers may be looking for financial data: credit card and bank
account numbers. Or they may want to use your computer as a base to
other computers, getting it to help them repeatedly bang on some other
computer's door in a so-called denial-of-service
(DOS) attack. Recently, there's evidence that
have taken to using unlocked computers to send large volumes of e-mail,
to make it harder to catch or block them.
a look at how open your computer is to the anyone rattling the
and windows. Long-time personal computer program and guru, Steve
has a website worth a visit: http://www.grc.com.
go there, rather than clicking on a link on the inital
page, wait a moment for the true first page to appear. You'll see news
about a wide-range of Internet security issues; Steve, for instance,
one of the first to raise the issue of spyware installed along with
software. Feel free to browse his stuff, but eventually, click on the
for Shield's Up
to it at: https://grc.com/x/ne.dll?bh0bkyd2).
button, and after looking at the results, try the Probe
My Ports! tests. After the tests, scroll down the page for
of what the results mean. 'Ports' are like the different doors and
of your house-- different Net services: HTTP, FTP, telnet, RealPlayer,
file sharing programs, and the like, each have a port that they
use to get in and out of computers. Ideally, you want Grc's ports probe
to find your ports hidden away (stealthed) or locked up tight (closed).
Open ports are like unlocked doors; something to be avoided (at least
my neighborhood). (Note: in this context, ports
are not real, physical parts of your computer-- like your printer port
or USB ports, but instead are virtual ports, identified by number. HTTP
(Web) traffic generally uses Port 80; telnet uses Port 21, etc).
tests can be run at Symantec's Security Check (http://www.symantec.com/securitycheck/).
linked to this address as a place to run an online check for
virus infections. This time, click on the page's link
for Security Risks. You'll be asked to download a Symantec
Check utility; feel free to do so. After a few moments, you will see
of a number of tests. Be sure to click the Show
Details links for more information. Note that unlike
is run purely as a public service, Symantec really wants to sell you
of their Norton Antivirus or Norton Internet Security software packages.
) has a link to download their free Port
Checker utility which will quickly check whether any nasty
is making use of your computer's ports.
as "A system designed to prevent unauthorized access
or from a private network. Firewalls can be implemented in both
and software, or a combination of both. Firewalls are frequently used
prevent unauthorized Internet users from accessing private networks
to the Internet, especially intranets. All messages
leaving the intranet pass through the firewall, which examines each
and blocks those that do not meet the specified security criteria." As
an individual user, you may want to replace their use of the
It is becoming increasingly common for users to protect individual
with software or hardware firewalls-- especially if they are always
to the Internet by a cable or DSL broadband connection.
may be dedicated
units, such as the Alphashield
(US$99/CDN$149 from Burnaby BC's http://www.alphashield.com),
protect home users with individual computers or small home
networks. Alternatively, users who are connecting more than one
to a broadband connection may purchase a small router (wired or
from brands including Linksys, dLink, Netgear, and others. Often, these
routers include hardware firewalls.
a number of technologies. They may use Network Address
(NAT) to hide the address of the connected computer(s) from outsiders
the Internet. IP filtering can block Internet packets from specific
Stateful Packet Inspection (SPI) checks the contents of Internet
before allowing it to pass inside. Advanced settings let the firewall
used to block (or allow) traffic through specific ports.
(whether part of a router or not):
-- they do not
from the computers connected to them
-- while setup
complex, once set
they can simply be left alone, running on their own for long periods of
time without needing any user intervention
-- for many
are fine. In that case, just plugging in the firewall provides quick
-- a single
firewall can protect
all the computers on a home or small office network.
modification, non-technical users can get overwhelmed with acronyms and
obscure options. Meanwhile, their multi-user game (or whatever) doesn't
-- cost is
not useful in
of the user's
computer or network
-- models aimed
users do not provide
information on attempts to break in.
-- if you use a
can't take one with travelling with you..
-- they do not
or spam or downloaded files. (Then again, neither do software
are software that
runs on a computer, monitoring network
or Internet traffic, closing ports that are not in use by
services. Some software firewalls also block unauthorized information
leaving your computer. This can be a very useful feature.
Connection Firewall into Windows XP; this is a very
that does not block any outgoing data. Much more capabile firewalls are
available from a many other sources; some are bundled with antivirus
other utilities into Internet Security suites, others are available for
come with a set of pre-established rules for well-known
on your computer that connects to the Internet, but will require a few
days training-- as other software tries to connect with the Net, the
will ask you whether to allow it or not. This will give you a good
of the spyware on your system, and give you the capability to block it
from 'phoning home'. However, this process can be annoying-- as a
many users give blanket permission, and end up letting the spyware on
system do whatever it wants.
annoying, and far too often, firewalls report the name of a file
that's trying to access the Net, without giving the user enough
to know what that file actually is-- what program it's a part of. PC
(Nov 19, 2002) published a list with many files commonly identified in
that way, and where they come from: http://www.pcmag.com/article2/0,4149,640479,00.asp
software firewalls and have a home or small office network, you should
install the firewall software on each connected computer. Because they
are always running in the background, they use computer resources and
result in a small but real drain on the computers' performance.
you've got a network, use both
firewall) is the best way to connect multiple computers to the
but also install software firewalls on all your systems, to check
traffic and to protect notebooks when they're on the road.
firewalls don't protect
protect your system(s) from viruses or spam. If you download a Trojan
or spyware program and install it on your system, you've let the 'bad
in past the firewall-- though a software firewall may keep the spyware
from being able to report back on you.
November 2002, PC
6 brands of software firewalls marketed for home and small office
to Symantec's Norton
Internet Security Suite 2003, which bundles a software
together with Norton Antivirus, ad blocking, spam filtering, and the
for parents to limit what their children can do online. Setup wizards
it one of the easiest firewalls to configure. (PC Mag also ran a
piece looking at small business firewalls: http://www.pcmag.com/article2/0,4149,644364,00.asp)
budget, and don't want to pay for all the features in NIS, ZoneAlarm
three versions: a US$50 Pro version, a US$30 Plus version, and a free
personal or non-profit use) version. Unless they have a home network,
free version provides all the protection most home users will need. It
will protect against outsiders probing your system for security holes,
and can give information about the prober. It also controls against
and spyware installed on your system attempting to contact outside.
protection against email worms and viruses (though it is not a
replacement for anti-virus software), and provides more information and
reporting about outsiders probing your system. The Pro version adds
over browser cookies, stops pop-up ads, and controls nasty ActiveX and
expect to spend some time 'training' it; after installation,
you will be notified every time an application tries to access the
or your home network, letting you set rules for that application. Nice
feature-- you can give applications different settings for access
your local network and the Internet. Your word processor may need to
documents shared on another computer on the network, but does it need
Alarm will also notify you everytime someone outside tries to get
at your computer. While this is interesting (and frightening) for a
it gets boring fast... luckily, you can easily set the program to keep
a log of all these attempts, while not needing to bring it to your
with local area networks
will need to manually set the free
Zone Alarm version to recognixe their home LAN.
the only firewall with a free version... Tiny
Personal Firewall (http://www.tinysoftware.com/)
have a free version, which can still sometimes be found (for
example: http://www.pcworld.com/downloads/file_description/0,fid,8051,00.asp) Effective
2005, Symantec, having purchased Sygate, has stopped
making both paid and free versions of Sysgate Personal Firewall
available, though copies may
be found online.
announced that it will no longer be supporting its Desktop Firewall
product, though it can still be downloaded at: http://www.kerio.com/kpf_download.html
for Windows 98 through XP; I haven't had the opportunity to use
this one. Comodo Personal Firewall is a
new, modern, free firewall that's getting great reviews.
ZoneAlarm have a new product, IMsecure
for users of instant messaging programs AOL, Yahoo, and MSN Messenger.
(It doesn't work with the popular ICQ). As with Zone Alarm, there's a
basic and a pay (US$20) 'Pro' version. Both versions offer encryption
protect against buffer-overflow attacks; the free version will only
one user name on one IM network.
(November 8 2005) reviewed
four free firewall programs: Kerio, Outpost, Sygate, and ZoneAlarm 6.
Their conclusion: Kerio was the best for Windows 2000 and XP users,
ZoneAlarm for Win98/ME users. Read their detailed reviews: http://www.pcmag.com/article2/0,1895,1865517,00.asp
do nasty worms get inside corporate firewalls
If home users
personal firewalls and antivirus software, how is it that big
seem to be vulnerable to worm attacks such as the August 2003 Blaster
that shut down Air Canada's reservations system or the September 2003
down of the US State Department's visa application network?
article: "Lessons Learned From the Blaster Worm": http://www.computerworld.com/securitytopics/security/story/0,10801,85247,00.html?nas=SEC2-85247
notes that firewalls can be compromised in several ways, for example,
notebook users who take their computers home and let them become
there, then bring them back inside the corporate firewall. As well,
who browse to a webmail service to check their personal email at work
be bringing viruses and worms inside the corporate firewall.
it's important for everyone to be running antivirus software, and
make sure that it's kept up to date... not simply assume that a
will provide protection.
Go to grc.com or
Security Check (or both) and check how secure your system is right now.
-- Install a
firewall (such as
ZoneLabs or Norton Internet Security Suite). Spend several days with
until you've set rules for Internet and network access for most of your
installed software. Any surprises about what software was trying to get
-- Go back to
installed and check your system's security.
CyberSafety course includes the following modules: