WSJ: Personal Firewalls
Jul. 13th, 2003 02:46 pm![[personal profile]](https://www.dreamwidth.org/img/silk/identity/user.png){kind=small}
jenkFrom Walt Mossberg's Personal Technology column
Mostly for my &![[livejournal.com profile]](https://www.dreamwidth.org/img/external/lj-userinfo.gif)
lisakit's reference...
Amid Attacks, a Guide
To Firewalls for Home PCs
IF HACKERS CAN bring down Yahoo! , with its huge banks of huge computers in huge buildings with huge staffs, can they bring down your lonely little PC in the spare bedroom? Can they invade its contents, peering right into your kid's term paper on Christopher Columbus? And, if so, what can you do to stop them?
There's no perfect answer to that question. Theoretically, any computer that connects to the Internet, even episodically, could be penetrated by malefactors. The invaders could then read or copy data on its hard disk, or plant "Trojan horse" programs you'd never find that could be activated later to do damage, either to your PC or to other computers on the Internet.
The vast majority of home users aren't especially vulnerable to such attacks, and shouldn't lose sleep worrying about them. But for the minority of consumers whose PCs might be in danger, there are cheap and effective defenses, several of which I've been testing.
Before turning to the available defenses, let's talk about the problem. There are two main kinds of home computers connected to the Internet. Some are constantly connected and use a fixed Internet address, a sort of code that computers on the Net use to identify each other. Others aren't constantly connected and don't have a fixed address. Periodically, they dial up an Internet-service provider (ISP) to link to the Net, and each time the ISP gives them a different, temporary Internet address.
ABOUT 95% OF THE PCs in homes are of the second type, and they aren't very likely to be attacked by hackers. That's because they're hard for hackers to find. They're not on the Web long enough or at regular enough intervals, and they keep changing their addresses. It's technically possible for hackers to locate and target these on-and-off dial-up PCs, but it usually isn't worth the time it takes.
However, the less than 5% of home PCs that connect via a cable modem or high-speed DSL phone line are another story. These computers are connected constantly, as long as they are turned on, even when the users aren't present and Internet software, like browsers and e-mail programs, are shut off. They are much like corporate PCs, which are always "live" on the company network. And, in most cases, these cable modem and DSL computers use a fixed Internet address, which establishes a permanent identity for them on the Net.
If you have a cable modem or DSL connection, you should install what is called a firewall program. That's a piece of software that constantly monitors your Internet connection and blocks intruders from accessing your PC. In some cases, these programs can even make your PC all but invisible to potential attackers. If you're on a dial-up connection, you don't need a firewall, unless you're a big worrier. There's one exception. If you like to dial up and leave the connection on for hours, or even days, at a time, you are simulating a constant connection and should install a firewall.
Home firewall software will be of growing importance as more people sign up for cable modems or DSL lines. I've been trying out three Windows firewall programs on a test PC with a constant DSL connection.
My favorite is BlackIce Defender, a $40 program from Network Ice sold over the Web, at www.networkice.com (www.networkice.com1 ). This simple program runs unobtrusively in the background and doesn't interfere with normal Web use. When it detects an attack or probe aimed at your PC, it both repels the invader and notifies you by blinking its icon on the task bar. You can set various security levels, read a log of attempted attacks (the number will surprise you) and get copious help from the company's Web site.
A second program, ZoneAlarm, from Zone Labs, is causing a stir. It's free at www.zonelabs.com (www.zonelabs.com2 ). Some people who formerly recommended BlackIce now favor ZoneAlarm, because in addition to blocking intruders, it goes one step further. ZoneAlarm blocks programs already on your computer from accessing the Internet, unless you say they're OK. Theoretically, this should stop any Trojan-horse programs installed on your hard disk without your knowledge from communicating with the outside world.
THAT SOUNDS GOOD , but in reality very few home computers contain such a Trojan horse. Also, in my tests, I found ZoneAlarm to be balkier and more confusing than BlackIce. It interfered with my use of Microsoft Money for home banking. Its notification system for possible attacks is clumsy, and it doesn't keep a visible log of such probes. And it requires you to make a lot of decisions.
Finally, Symantec Corp. has released a $54 program called Norton Internet Security 2000, sold both in stores and online at www.symantec.com (www.symantec.com4 ). I found this program to be huge, complicated and imprecise. In addition to security features, it adds parental controls, antivirus protection and privacy features, including the ability to block Web-site ads. It was so overprotective it stopped me from calling up some prominent Web sites.
Of course, the security problem is more complex than this simple primer suggests. Much more information about all of this is available at a terrific Web site that's written in plain English. It's called Shields Up and is from Gibson Research Corp. Best of all, the Web site (grc.com/x/ne.dll?bh0bkyd25 ) can test your PC for vulnerability.
The bottom line is: Don't panic. All those term papers are probably safe from prying eyes, or can be.
• For answers to your computer questions, check out my Mossberg's Mailbox6 column in today's Tech Center.
URL for this article:
http://online.wsj.com/article/0,,SB951343249880762498,00.html
Hyperlinks in this Article:
(1) http://www.networkice.com/
(2) http://www.zonelabs.com/
(3) mailto:mossberg@wsj.com
(4) http://www.symantec.com/
(5) https://grc.com/x/ne.dll?bh0bkyd2
(6) http://online.wsj.com/article/0,,SB951239168645528540,00.html
If you have a question you want answered, or any other comment or suggestion about Walter S. Mossberg's column, please send e-mail to mossberg@wsj.com3
Updated February 24, 2000
Mostly for my &
lisakit's reference...Amid Attacks, a Guide
To Firewalls for Home PCs
IF HACKERS CAN bring down Yahoo! , with its huge banks of huge computers in huge buildings with huge staffs, can they bring down your lonely little PC in the spare bedroom? Can they invade its contents, peering right into your kid's term paper on Christopher Columbus? And, if so, what can you do to stop them?
There's no perfect answer to that question. Theoretically, any computer that connects to the Internet, even episodically, could be penetrated by malefactors. The invaders could then read or copy data on its hard disk, or plant "Trojan horse" programs you'd never find that could be activated later to do damage, either to your PC or to other computers on the Internet.
The vast majority of home users aren't especially vulnerable to such attacks, and shouldn't lose sleep worrying about them. But for the minority of consumers whose PCs might be in danger, there are cheap and effective defenses, several of which I've been testing.
Before turning to the available defenses, let's talk about the problem. There are two main kinds of home computers connected to the Internet. Some are constantly connected and use a fixed Internet address, a sort of code that computers on the Net use to identify each other. Others aren't constantly connected and don't have a fixed address. Periodically, they dial up an Internet-service provider (ISP) to link to the Net, and each time the ISP gives them a different, temporary Internet address.
ABOUT 95% OF THE PCs in homes are of the second type, and they aren't very likely to be attacked by hackers. That's because they're hard for hackers to find. They're not on the Web long enough or at regular enough intervals, and they keep changing their addresses. It's technically possible for hackers to locate and target these on-and-off dial-up PCs, but it usually isn't worth the time it takes.
However, the less than 5% of home PCs that connect via a cable modem or high-speed DSL phone line are another story. These computers are connected constantly, as long as they are turned on, even when the users aren't present and Internet software, like browsers and e-mail programs, are shut off. They are much like corporate PCs, which are always "live" on the company network. And, in most cases, these cable modem and DSL computers use a fixed Internet address, which establishes a permanent identity for them on the Net.
If you have a cable modem or DSL connection, you should install what is called a firewall program. That's a piece of software that constantly monitors your Internet connection and blocks intruders from accessing your PC. In some cases, these programs can even make your PC all but invisible to potential attackers. If you're on a dial-up connection, you don't need a firewall, unless you're a big worrier. There's one exception. If you like to dial up and leave the connection on for hours, or even days, at a time, you are simulating a constant connection and should install a firewall.
Home firewall software will be of growing importance as more people sign up for cable modems or DSL lines. I've been trying out three Windows firewall programs on a test PC with a constant DSL connection.
My favorite is BlackIce Defender, a $40 program from Network Ice sold over the Web, at www.networkice.com (www.networkice.com1 ). This simple program runs unobtrusively in the background and doesn't interfere with normal Web use. When it detects an attack or probe aimed at your PC, it both repels the invader and notifies you by blinking its icon on the task bar. You can set various security levels, read a log of attempted attacks (the number will surprise you) and get copious help from the company's Web site.
A second program, ZoneAlarm, from Zone Labs, is causing a stir. It's free at www.zonelabs.com (www.zonelabs.com2 ). Some people who formerly recommended BlackIce now favor ZoneAlarm, because in addition to blocking intruders, it goes one step further. ZoneAlarm blocks programs already on your computer from accessing the Internet, unless you say they're OK. Theoretically, this should stop any Trojan-horse programs installed on your hard disk without your knowledge from communicating with the outside world.
THAT SOUNDS GOOD , but in reality very few home computers contain such a Trojan horse. Also, in my tests, I found ZoneAlarm to be balkier and more confusing than BlackIce. It interfered with my use of Microsoft Money for home banking. Its notification system for possible attacks is clumsy, and it doesn't keep a visible log of such probes. And it requires you to make a lot of decisions.
Finally, Symantec Corp. has released a $54 program called Norton Internet Security 2000, sold both in stores and online at www.symantec.com (www.symantec.com4 ). I found this program to be huge, complicated and imprecise. In addition to security features, it adds parental controls, antivirus protection and privacy features, including the ability to block Web-site ads. It was so overprotective it stopped me from calling up some prominent Web sites.
Of course, the security problem is more complex than this simple primer suggests. Much more information about all of this is available at a terrific Web site that's written in plain English. It's called Shields Up and is from Gibson Research Corp. Best of all, the Web site (grc.com/x/ne.dll?bh0bkyd25 ) can test your PC for vulnerability.
The bottom line is: Don't panic. All those term papers are probably safe from prying eyes, or can be.
• For answers to your computer questions, check out my Mossberg's Mailbox6 column in today's Tech Center.
URL for this article:
http://online.wsj.com/article/0,,SB951343249880762498,00.html
Hyperlinks in this Article:
(1) http://www.networkice.com/
(2) http://www.zonelabs.com/
(3) mailto:mossberg@wsj.com
(4) http://www.symantec.com/
(5) https://grc.com/x/ne.dll?bh0bkyd2
(6) http://online.wsj.com/article/0,,SB951239168645528540,00.html
If you have a question you want answered, or any other comment or suggestion about Walter S. Mossberg's column, please send e-mail to mossberg@wsj.com3
Updated February 24, 2000
