Security: Firewalls
If you spend a lot of time on the internet and you are not
behind a firewall, then you are living on borrowed time. Putting
some protection between you and the internet is probably the
third most important thing that you can do (after getting virus
checking software and performing regular backups).
The diagram to the left shows an unprotected system using a DSL
modem. As you can see, someone on the internet can attack the
computer system easily, as the DSL modem provides no protection
(some DSL modems have built-in firewalls). An attacker can get
through any type of modem - DSL, cable, 56K, 28.8 or whatever.
If the device gets you on the internet, you are vulnerable.
For those with a DSL, cable modem or other "always-on"
connection, you MUST get a firewall. This is critical, as your
machine is always live and it most likely has a fixed IP
address. This makes it easier for your system to be "found" and
attacked.
What a personal firewall does is isolate your computer from the
rest of the internet. It does this by inspecting each packet of
data to determine if it should be allowed to get to (and in
some cases from) your machine. The best protection completely
hides your computer - this is called stealth mode.
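
A minimal sketch of the per-packet decision described above, added here as an illustration and not taken from any firewall product; the class, program names, ports and addresses are all constructed. It models replies to your own requests being let back in, per-program control of outgoing traffic, and the difference between stealth (silent drop) and an explicit refusal.

```python
from dataclasses import dataclass, field

@dataclass(frozen=True)
class Packet:
    direction: str      # "in" or "out"
    remote: str         # remote IP address
    remote_port: int
    local_port: int
    app: str = ""       # local program sending the packet (outbound only)

@dataclass
class PersonalFirewall:
    allowed_apps: set                                # programs permitted to connect out
    open_ports: set = field(default_factory=set)     # services deliberately exposed
    stealth: bool = True                             # True: drop silently; False: refuse
    _flows: set = field(default_factory=set, init=False)  # connections we initiated

    def decide(self, p: Packet) -> str:
        flow = (p.remote, p.remote_port, p.local_port)
        if p.direction == "out":
            if p.app not in self.allowed_apps:
                return "block"        # unknown program trying to reach the internet
            self._flows.add(flow)     # remember it so the reply is let back in
            return "allow"
        if flow in self._flows or p.local_port in self.open_ports:
            return "allow"            # reply to our own request, or an exposed service
        # Unsolicited inbound packet: stealth gives the sender no answer at all.
        return "drop" if self.stealth else "reject"

def probe_view(decision: str) -> str:
    """What a remote port probe concludes from the firewall's decision."""
    return {"allow": "open", "reject": "closed", "drop": "stealth"}[decision]

def demo():
    # Constructed traffic: documentation-range addresses, made-up program names.
    fw = PersonalFirewall(allowed_apps={"browser.exe"})
    out = fw.decide(Packet("out", "203.0.113.10", 80, 1050, "browser.exe"))
    reply = fw.decide(Packet("in", "203.0.113.10", 80, 1050))
    probe = fw.decide(Packet("in", "198.51.100.7", 4444, 139))
    rogue = fw.decide(Packet("out", "198.51.100.7", 6667, 1051, "unknown.exe"))
    return out, reply, probe, rogue

if __name__ == "__main__":
    print(demo())
```
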
You have the option of installing a software firewall or a
hardware firewall.
Software Firewall - A software firewall runs on your computer
system in the background. It intercepts each network request and
determines if the request is valid or not. Software firewalls
offer the following advantages:
- They are generally very inexpensive
- They are very easy to configure
They have the following disadvantages:
- Since they run on your computer they require resources (CPU,
memory and disk space) from your system.
- They can introduce incompatibilities into your operating
system.
- You must install exactly the correct version for your
operating system.
- You must purchase one copy for each system on your home
network.
Hardware Firewall - A hardware firewall is generally a small box
which sits between your computer and your modem. In general,
hardware firewalls have the following advantages:
- They tend to provide more complete protection than software
firewalls
- A hardware firewall can protect more than one system at a time
- They do not affect system performance since they do not run on
your system.
- They are independent of your operating system and applications.
They have the following disadvantages:
- They tend to be expensive, although if you have a number of
machines to protect it can cost less to purchase one hardware
firewall than a number of copies of a software product.
- Since they do not run on your computer, they can be
challenging to configure.
Firewall mixture - In my mind, the best protection is a
combination of both hardware and software firewalls. This is the
ideal, since both have different advantages and disadvantages.
Personally, I use a SonicWall hardware firewall combined with
ZoneAlarm Pro, which is installed on my Windows 2000
Professional system. The SonicWall protects my home network
since it sits between the hub and the DSL modem, and ZoneAlarm
Pro offers some additional protection for each system.
Testing Your Firewall - To test your firewall, surf to
http://www.grc.com and request a probe. You will be given a very
good report of exactly what issues were found and what to do
about them. Once the probe is finished, several excellent
personal firewall products are recommended. My personal favorite
is ZoneAlarm Pro, primarily because its protection is excellent
and it is trivial to use.
Some Firewalls - A selection of personal firewalls is listed
below.
- ZoneAlarm Pro - By far the best software firewall available.
ZoneAlarm offers protection from both incoming connections and
outgoing connections. It is also extremely easy to configure,
has low system impact and is very inexpensive (a free version is
also available).
- Norton Internet Security 2001 (which was the AtGuard product
from WRQ until a few months ago). Norton is a reasonable
firewall, although it does have some vulnerabilities. It offers
weak protection from outgoing connections and is somewhat
difficult to configure if you want it to operate differently
from the default.
- BlackIce - A good choice in firewalls. Much easier than Norton
to configure, but with the same vulnerabilities.
What I've done on my system is:
- Used a SonicWall hardware firewall to protect my entire home
network.
- Installed ZoneAlarm Pro on each system to provide additional
safety
- And installed Norton Internet Security for its privacy
protection.
Due to the rapidly changing nature of the internet, it's very
important to be continually monitoring security issues. You may
purchase the perfect personal firewall today, only to find out
in six months that it's been hacked to pieces. So be sure to be
looking around, and be ready to get a newer and better product
quickly. This is not one of those issues where you can scrimp
and save. Your system is at risk.