Reviews: Why you really, really need a firewall (or two)

Robert Vamosi,
Senior Associate Editor,
CNET/ZDNet Reviews
Monday, March 31, 2003
WELL, TIMES CHANGE. Desktop computers are now faster and more numerous than ever before. So are Internet connections. And while most people used to dial up to their ISP for limited amounts of time, now many are online 24/7--thanks to their broadband Net connection--and some even host their own Web servers.
In addition, more and more computers are networked--often to allow multiple systems to share one fast Net connection.
Combine these trends with a hacker's ability to coordinate thousands of desktop computers in distributed denial-of-service attacks on major Web sites, and I think it's time we start taking PC security seriously.
My advice: Use a firewall. If your PCs are networked, layer your defenses by using both router-based hardware and desktop-based software firewalls. If you have only one computer connected to the Internet, a software firewall should suffice.
(For those of you who don't know, a firewall is a system that intercepts all data entering or leaving your PC or network. Most often it is a piece of software or hardware--actually firmware on a chip--that either hides true network addresses, preventing outsiders from gaining access to information stored on individual PCs, or blocks sensitive internal data from escaping out into the Internet--or both.)
EVERY NETWORK'S first layer of defense should be at the router--the device that allows your computers to communicate with other local computers and the Net. These days, some routers (aka gateways), such as the Netgear RP614 Cable/DSL Web Safe Router Gateway (for wired networks) and the Netgear CG814M wireless cable modem gateway (for wireless nets), include built-in firewalls. So you're all set, right? Not really.
The firewall included in most routers is based on what's known as Network Address Translation (NAT). Basically, this means the router creates its own set of local IP (Internet protocol) addresses for each computer on your network. The NAT router hides your local network addresses from the Internet by translating those individual addresses into one common IP address. It also keeps track of all outgoing data packets, translating them to the common IP address, as well as all the incoming packets, translating them to the individual desktop addresses.
It's something like how a phone system at a large company works. When you dial out from your office, the person you're calling won't see your direct telephone extension; he'll see the company's main phone number instead. In the same way, someone looking for vulnerable computers on the Internet sees only one IP address for a network with a NAT router. Since no one outside your net can see the address for your PC, no one can attack it.
WHILE NAT ROUTERS will keep hackers from discovering the nature of your network (how many systems you have, what OSes they're running, etc.), and help protect you from attackers trying to break in, that's only half the battle. The other half is protecting your net from hackers who have already broken in--via a Trojan horse or spyware, for example--and are trying to send outgoing messages to the Internet from your systems.
That's why you need yet a second layer of defense: outbound protection.
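The translation table described above, and the gap it leaves, shown as an added Python example that is not part of the original article. It is a simplified model of a port-translating NAT router; the class name, the addresses (private and documentation ranges) and the port numbers are all constructed for illustration.

```python
import itertools

class NatRouter:
    """Toy port-translating NAT: many private hosts behind one public IP."""

    def __init__(self, public_ip, first_port=40000):
        self.public_ip = public_ip
        self._ports = itertools.count(first_port)
        self.out_map = {}  # (priv_ip, priv_port, remote_ip, remote_port) -> public port
        self.in_map = {}   # (public port, remote_ip, remote_port) -> (priv_ip, priv_port)

    def outbound(self, src_ip, src_port, dst_ip, dst_port):
        """Rewrite a packet leaving the LAN and remember where replies belong."""
        key = (src_ip, src_port, dst_ip, dst_port)
        if key not in self.out_map:
            port = next(self._ports)
            self.out_map[key] = port
            self.in_map[(port, dst_ip, dst_port)] = (src_ip, src_port)
        # Note: nothing here asks *which program* sent the packet.
        return (self.public_ip, self.out_map[key], dst_ip, dst_port)

    def inbound(self, src_ip, src_port, dst_port):
        """Translate a packet arriving on the public IP, or return None (dropped)."""
        target = self.in_map.get((dst_port, src_ip, src_port))
        if target is None:
            return None  # unsolicited: no inside host opened this conversation
        return (src_ip, src_port, *target)

def demo():
    nat = NatRouter("203.0.113.10")
    # 1. A PC on the LAN fetches a web page; the server sees only the public IP.
    web = nat.outbound("192.168.0.2", 51000, "198.51.100.5", 80)
    # 2. The server's reply matches a table entry and reaches the right PC.
    reply = nat.inbound("198.51.100.5", 80, web[1])
    # 3. An outsider probing the public address matches nothing and is dropped.
    probe = nat.inbound("192.0.2.66", 4444, 135)
    # 4. A program already running on a second PC calls out: translated and
    #    forwarded exactly like the web request in step 1.
    callout = nat.outbound("192.168.0.3", 52000, "192.0.2.66", 8080)
    return web, reply, probe, callout

if __name__ == "__main__":
    for step in demo():
        print(step)
```

Step 3 is the inbound protection the router provides; step 4 is the outbound traffic it forwards without question, which is the case a per-PC software firewall is meant to catch.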
You can get this extra layer of security by installing a software firewall on each desktop or laptop on your net--or on your individual PC, if you only have one computer. This software will alert you whenever malicious programs on your system try to connect to the Internet.
The best software firewall, in my opinion, is ZoneAlarm Pro. ZoneAlarm is pretty smart; not only does it monitor which apps on your desktop have permission to connect to the Net, it also checks the integrity of those apps. That way, if someone sends you a piece of malicious code disguised to look like it came from Quicken, say, ZoneAlarm will shut it down. Other capable firewalls include McAfee Firewall 4.0, Sygate Personal Firewall, and BlackICE.
I'm also starting to see more advanced technologies--once used only by companies--in the latest desktop security products. Norton Personal Firewall 2003, for example, includes an Intrusion Detection System (IDS), which is commonly used on corporate gateways. An IDS checks individual packets coming across the Internet for the existence of malicious code, including worms such as Code Red or SQL Slammer. Though there is some debate about whether the average desktop computer needs this technology, because Norton included it in its latest personal firewall, I expect other firewall makers will add this feature to forthcoming releases of their products, too. ...
Please feel free to post comments on this story. You may find it in its entirety at ZDNet - Anchordesk.