Unwanted Intruders
Sydney Morning Herald
Saturday October 7, 2000
Keep the hackers out of your computer. Jonah Lau shows you how.
The good news: Cable and DSL services give you Internet access at a speed that leaves conventional dial-up connections eating digital dust, and these fast services let you stay online around the clock.
But leaving your PC online all the time can be like leaving your front door open. Yes, the Internet is always available to you, but the reverse also holds true - your computer is always available to the Internet. There are many steps that can be taken to keep your system safe and sound.
Savvy surfers have already installed anti-virus software to keep their computer free of malicious viruses. Personal firewall software is the next step in securing your system.
Firewalls create a virtual wall around your computer. Hackers tap into online computers by accessing the software "ports" on your system. Think of these ports as the doors and windows to your computer from the Internet. Hackers don't need to target your machine individually - they just run a widespread sweep of the Internet to probe for any ports.
The best firewall programs hide these ports from prying eyes. The main criterion of a good firewall would be how thoroughly it protects your system. For example, should a virus or "trojan horse" somehow happen to land on your PC, a firewall can prevent it from secretly accessing the Internet via your system.
Another important aspect is ease of use. After all, having a firewall with a bad interface could be worse than having none at all, because the program will probably be left in its default setting. Some firewalls come with their shields set to maximum, almost to the point of paranoia; others have minimal protection, leaving your computer open to attacks.
It's vital to be able to easily change the settings based on your needs. This extends to the use of "rules", which define how the firewall will react to events. The firewall can have a rule to permit all Internet access by your Web browser and email programs, but will need to learn how to deal with other programs such as ICQ. You might want to have full access enabled for all your Net programs, but set up your system so that when the kids log on they can only surf and do email, while blocking chat programs.
In the same way, advanced users should not be hampered in their desires to tweak the configuration to permit esoteric options such as allowing data on your machine to be accessed by other "trusted" computers on the Internet, which is necessary for file-sharing and remote computing software.
If you're running a home network then the firewall should be easily configured to protect the whole network through your Internet hub; some programs do this with ease, others demand you navigate a cumbersome sequence of confusing steps.
Since firewalls have to inspect all incoming and outgoing traffic, a certain amount of slowdown in your connection should be expected. It's also important to know how the firewall performs when under attack - it shouldn't eat up every bit of memory on your computer just to keep the intruder out.
The level of support provided is an important aspect that can't be neglected, not only because firewalls (like all other software on your computer) can contain bugs and vulnerabilities, but because new hacking techniques are continuously being discovered. Because a large part of your PC's Internet plumbing is provided by your operating system, the firewall is only as good as the operating system. If a security hole is discovered in Windows, that hole can be used to sidestep the firewall and put your PC at risk.
Frequent firewall updates will help keep these holes patched. Once the firewall is installed, you can test it with a free live "security audit" at Steve Gibson's Shields Up site (http://grc.com).
What about Me?
Not all personal firewalls work with the newly released Windows Me operating system, due to changes in Me's Internet plumbing. Before you buy a firewall, or before you upgrade from Windows 9x, visit the firewall maker's Web site and ensure the program supports Windows Me.
BlackICE Defender www.networkice.com
McAfee Personal Firewall www.mcafee.com
Norton Personal Firewall www.symantec.com.au
ZoneAlarm
www.zonelabs.com
© 2000 Sydney Morning Herald