Firewalls
The purpose of a firewall is simply to control the data flow on and off your computer to and from the Internet or other network connection. With some 65,235 ports plus available for connection from the Internet or over a local network, it is nearly impossible for someone to monitor the use of all these ports without some program to control and selectively refuse connections to ports. The devices that control such activity are called firewalls. They fall into two general groups: software firewalls and hardware firewalls.

Hardware firewalls consist of actual physical hardware being used for part or all of the monitoring and limiting of connections. These are not seen much in home use unless someone is operating a small network within their home, usually with an enhanced network connection of some sort. Most hardware firewalls are incorporated into a router/hub on such a small network so that all the computers using the network can share the Internet connection. They provide a basic level of protection from attacks online, but as with any other firewall they are only as good as the settings used and the testing done. Depending on what you have for a network, such hardware firewalls start out in the $100.00 (USD) range and extend up into thousands of dollars for higher-end products used for larger networks.

The second group of firewall products, software firewalls, is far more popular with home users. These range in price from free downloads up into the $50.00 range depending on the product you select. Cost, however, is not always an accurate measure of how effective a firewall product is. The freeware ZoneAlarm version is very effective as a firewall and costs nothing for personal use. Its larger brother, the ZoneAlarm Pro version, is a good product also, but for most home users it has features that will not be used or needed, and it is not all that much more effective for the typical use most people make of the Internet. Tiny Personal Firewall and Sygate Personal Firewall both provide good protection and both are also free for personal use. All of the links above open to preview pages for downloading on www.tucows.com and are good as of July 10th, 2002. I do not have control over changes made by those sites, so if the links do not work you will have to try to locate the product manually from the main site index. The Tucows Network has download mirrors worldwide, so you should be able to locate a fast download point.

Some firewall products are not effective in both directions (incoming and outgoing), so they will do little to stop spyware or other things like Trojans from contacting their intended target. For what it is worth, it is my opinion that you should attempt to use a firewall that is effective in both directions and, most importantly, one you have done at least basic tests on to make sure it is working correctly. The firewalls I have mentioned I have tried personally, and I found all of them to work well if set up correctly. It is also my opinion that most people can disable file and print sharing on their Windows system without any problem and see no ill effects. Doing so will also greatly cut their chances of being effectively attacked.

http://www.tucows.com/firewall95.html (this is the firewall page on Tucows for Windows systems)

I also strongly suggest at least a basic port test be done after you have installed the firewall and operated the browser, the mailer and your messenger, if you use one online. Make sure you have only allowed the browser, mailer and messenger to have access to the Internet. In some cases you may also have to allow access for a Microsoft control program, depending on your Windows version. At this point, however, you should do at least a basic port scan. For starters I generally suggest the Shields Up test at Gibson Research. If you find this suits your needs, you may also wish to consider their IP Agent software, which can make the process of testing your firewall from time to time a pretty easy operation. I personally keep a shortcut handy to the IP Agent program on my desktop. The next scan, which I find pretty well unlimited and easy to use, is the one offered by Sygate's website at http://scan.sygate.com/prescanfaq.html (you may also be able to find a link on the left side of the page). This scan includes several options and also scans UDP & TCP ports, as well as a common Trojan port scan if you wish to spend the time. In my opinion anyone who installs a firewall should do all the scans offered on this site at least once after they install their firewall. As far as more extensive audits go, I personally recommend http://www.hackerwhacker.com/; however, they offer only one scan for free, so it is best to test with other free/unlimited services before using this test on your system's firewall so you do not waste your one free scan. I believe further use of their site costs about $30.00, but I have not found a need to use it with the free offerings about. The SecuritySpace site offers even more complete port scans that can cost hundreds of dollars, but these are generally far beyond what any average home user is likely to require.


You of course wish to see Stealth reports or Closed reports on all ports. If you see open ports you should make some attempt to correct this condition, as it means your computer is accepting connections to that port. In most cases for personal use this is not desired. At this point you should attempt to determine what software you have in operation that is leaving the port open and what the purpose of it being open is. In most cases you would only need to reset something in the program to correct the problem. In other cases you may need to locate other software or remove software, depending on the software and situation. Please note that Trojans are not normally a desired thing to have on your system. You should have antivirus software that will detect them, and then follow the instructions on the vendor's site to remove them. If not, see my Helps and Links page or my Security101 page on this site for additional software sources.
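One way to work out which program is holding a port open is to read the output of `netstat -ano` on the Windows machine itself. The script below is an added example, not part of the original page; the sample output, addresses and PIDs in it are constructed. It lists every listening socket that other machines could reach, with the owning process ID, and marks the file and print sharing ports.

```python
import ipaddress

# Constructed sample of Windows `netstat -ano` output (not from a real host).
SAMPLE_NETSTAT = """\
  Proto  Local Address          Foreign Address        State           PID
  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING       884
  TCP    127.0.0.1:5354         0.0.0.0:0              LISTENING       2100
  TCP    192.168.1.10:139       0.0.0.0:0              LISTENING       4
  TCP    [::]:445               [::]:0                 LISTENING       4
  TCP    192.168.1.10:49712     203.0.113.7:443        ESTABLISHED     3300
  UDP    0.0.0.0:500            *:*                                    1200
"""

# TCP ports used by Windows file and print sharing (NetBIOS session, SMB).
FILE_SHARING_PORTS = {139, 445}

def split_endpoint(endpoint):
    """Split '0.0.0.0:135' or '[::]:445' into (address, port)."""
    host, _, port = endpoint.rpartition(":")
    return host.strip("[]"), int(port)

def exposed_listeners(netstat_text):
    """Return listening sockets that other machines could connect to."""
    found = []
    for line in netstat_text.splitlines():
        fields = line.split()
        if len(fields) < 4 or fields[0] not in ("TCP", "UDP"):
            continue  # header or blank line
        proto, local, pid = fields[0], fields[1], int(fields[-1])
        # TCP rows have a state column; UDP rows have none and are just bound.
        if proto == "TCP" and fields[3] != "LISTENING":
            continue
        host, port = split_endpoint(local)
        # A loopback-only socket cannot be reached from the network.
        if ipaddress.ip_address(host).is_loopback:
            continue
        found.append({
            "proto": proto, "address": host, "port": port, "pid": pid,
            "file_sharing": proto == "TCP" and port in FILE_SHARING_PORTS,
        })
    return found

if __name__ == "__main__":
    for e in exposed_listeners(SAMPLE_NETSTAT):
        note = "  <- file and print sharing" if e["file_sharing"] else ""
        print(f'{e["proto"]} {e["address"]}:{e["port"]} pid={e["pid"]}{note}')
```

The PID in the last column can be matched against the process list in Task Manager to name the program that owns the port.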



List of Port Usage Text file - in new browser window.



© joanna (aka easy2confuse)
Last revised 10-24-2002
