Let’s Get Personal—Firewalls
Firewalls are the gatekeepers of the Internet. Like bouncers at a club, they determine who gains entry and who does not. Simply put, a firewall is an electronic barrier designed to keep unauthorized computer programs or Internet users from accessing a private computer or network. Before information may enter or leave, it must pass through the firewall. The firewall examines data packets and blocks those that do not meet certain security criteria. With the exception of the built-in Windows XP firewall, which only filters incoming traffic, most personal firewalls today are bi-directional and monitor traffic heading both to and from your computer. The benefit of this type of personal firewall is that it will block attempts to connect to the Internet by unauthorized programs—for instance, after a rootkit or Trojan horse has surreptitiously made its way into your system. These firewalls will also alert you when such unauthorized connections are attempted.
Personal Firewall Facts
While a firewall can be a stand-alone hardware device, a software program or both, a personal firewall is usually implemented in software only. As a result of the heightened Internet security threats we’re seeing today, users are increasingly availing themselves of personal firewalls for their systems. Personal firewalls are scaled-down versions of their industrial-strength brethren, used to protect individual systems instead of entire networks. While their fundamental function is to filter dangerous network traffic, many personal firewalls also log traffic so that you can review it and determine how your system has fared against attacks. Most personal firewalls allow you to customize their configuration so that only the particular types of traffic you desire may reach your system. Another important benefit of many personal firewalls is their ability to block attempts by Trojan horse programs and other types of malicious code to transmit data from your machine—complementing your antivirus software.
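The difference between inbound-only and bi-directional filtering described above can be seen in a small model. This is an added example, not code from any product named in this article; the program names, addresses and rule fields are constructed for illustration.

```python
from dataclasses import dataclass, field

@dataclass(frozen=True)
class Conn:
    direction: str       # "in" or "out"
    program: str         # local program that owns the connection
    remote: str          # remote address (documentation ranges only)
    port: int            # local port for "in", remote port for "out"
    reply: bool = False  # inbound packet answering traffic we initiated

@dataclass
class PersonalFirewall:
    bidirectional: bool
    allowed_out: set = field(default_factory=set)  # programs approved to call out
    open_in: set = field(default_factory=set)      # local ports deliberately exposed
    log: list = field(default_factory=list)        # refused traffic, for later review

    def decide(self, c: Conn) -> str:
        if c.direction == "in":
            # Unsolicited inbound packets are dropped without any answer,
            # which is what makes the ports look "invisible" to a scan.
            verdict = "allow" if c.reply or c.port in self.open_in else "drop"
        elif not self.bidirectional:
            verdict = "allow"  # an inbound-only filter never inspects outbound traffic
        else:
            verdict = "allow" if c.program in self.allowed_out else "block"
        if verdict != "allow":
            self.log.append((verdict, c.direction, c.program, c.remote, c.port))
        return verdict

# Constructed sample traffic: normal browsing, an unsolicited probe,
# and an unapproved program trying to connect out.
TRAFFIC = [
    Conn("out", "browser.exe", "192.0.2.10", 80),
    Conn("in", "browser.exe", "192.0.2.10", 49152, reply=True),
    Conn("in", "system", "198.51.100.7", 139),
    Conn("out", "updater32.exe", "203.0.113.5", 6667),
]

def run(bidirectional: bool):
    fw = PersonalFirewall(bidirectional, allowed_out={"browser.exe"})
    return [fw.decide(c) for c in TRAFFIC], fw.log

if __name__ == "__main__":
    for mode in (False, True):
        verdicts, log = run(mode)
        print("bi-directional" if mode else "inbound-only", verdicts)
        for entry in log:
            print("   logged:", entry)
```

Both modes drop the unsolicited probe, but only the bi-directional filter blocks and logs the outbound attempt by the unapproved program.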
As one can imagine, there’s no shortage of personal firewall solutions. When choosing a personal firewall, keep the following facts in mind.
At a minimum, a personal firewall should:
- Offer clear, easy-to-use configuration options.
- Provide either a manual or automatic update option.
- Hide your computer’s ports, making it “invisible” to Internet scans.
- Offer bi-directional filtering to help detect spyware and/or “adware” and block it from sending personal information from your computer.
- Alert you to attacks and/or log attack information for later review.
Several of the most popular and free (for non-commercial use) Windows-based personal firewalls are:
- Sygate Personal Firewall (smb.sygate.com).
- ZoneAlarm (www.zonelabs.com).
- Agnitum Outpost Personal Firewall (www.agnitum.com).
- Kerio Personal Firewall (www.kerio.com/us).
All the aforementioned vendors also offer inexpensive commercially available products for businesses of all sizes. A few other commercially available Windows-based personal firewalls are:
- BlackICE PC Protection (blackice.iss.net).
- Norton Personal Firewall (www.symantec.com/smallbiz/npf).
- McAfee Personal Firewall Plus (us.mcafee.com).
- eTrust EZ Firewall (www.my-etrust.com/).
Following the tragic events of Sept. 11, security awareness is at an all-time high. Established vendors continue to enhance their products to address new breeds of threats. While their basic functions have remained essentially the same, product usability and features will continue to improve. Although personal firewalls are useful in improving the security of virtually any computer system, they are especially useful if a system connects to the Internet via DSL or cable modem. These always-on connections make it easier for attackers to spot your computer and increase your risk of being attacked. The main limitation of most personal firewalls is that because they filter and inspect data packets, they may also somewhat slow down your computer. For most users, that’s a small price to pay for the added security they deliver.
An outreach program devised by Paul Robertson (director of risk assessment at TruSecure) was created to help raise personal firewall awareness. “Personal Firewall Day” debuted this past Jan. 15 and focuses on helping home users better secure their PCs. Protecting the personal home PC in turn amounts to added protection for office networks when they’re connected together remotely. Businesses are finding that their remote employees who don’t have adequately firewall-protected home PCs quickly become a liability to their entire network. For additional information regarding Robertson’s noble cause, visit www.personalfirewallday.org.
On a final note, two software firewalls should never be used simultaneously, as they may interfere with each other’s proper operation. Before installing any personal firewall products on a Windows XP-based computer, be sure that the built-in Internet Connection Firewall (ICF) is not activated. Detailed instructions can be found at www.microsoft.com/windowsxp/pro/using/howto/networking/icf.asp.
Douglas Schweitzer, A+, Network+, i-Net+, CIW, is an Internet security specialist and the author of “Securing the Network from Malicious Code” and “Incident Response: Computer Forensics Toolkit.” He can be reached at firstname.lastname@example.org.