|
|
|
A computer can have a ‘great wall’ too
CONNECTING your unprotected personal computer to internet is analogous to leaving your house unlocked — eventually, someone will ramble inside and take all your stuff. Just as a lock keeps your house secure from intruders, a software firewall helps prevent unwanted intrusions (viruses, worms, etc) from harming your PC by making the points of entry to your system more Net secure.
A few years ago, people thought that firewalls were just for the paranoid. But that was the past. These days, firewalls along with anti virus scanners are considered to be an integral part of every system that is capable of connecting to internet, the reason being that more people have broadband connections now and worms, viruses and Trojans have become more devious and crafty than ever before.
How firewall works
According to the majority of experts, even if your PC is connected to the net for the briefest of times, a software firewall is still absolutely vital, for it is designed to protect your system from the legions of nefarious hackers as well as other evil-doers looking to purloin all your private information. Their modus operandi of gaining access to your PC’s data revolves around the same strategy: finding an open port (the entry point or the “door”) leading into your PC, or deceiving your system into opening one for them. Whenever you attempt to use an email program, a browser or any other software for retrieving information from a site, all data flows through one or more of these ports.
Firewalls keep these ports under close surveillance for Internet connections and deny access to any undesirable traffic, thereby preventing their exploitation. In addition to keeping threats at bay on the outside, firewalls secure your machine on the inside too, by safeguarding your PC from malignant, stealthy applications that may be residing on your system (including spyware, Trojan horses, etc.). These sneaky apps run in the background and transmit information such as your browsing or email habits to spammers, marketers and other remote servers.
Free of cost, not free of glitches
Though there are plenty of software firewalls available, you need to assess which one suits you best. Both WinXP Home and Professional provide internet security in the form of a port-filtering software firewall, known as the Internet Connection Firewall (ICF) that prevents the scanning of resources and ports from all external sources. It may not offer top-of-the-line robust protection, but it’s easy to use and absolutely free of cost.
On the downside, ICF isn’t capable of handling and controlling outbound connections from your system — it only monitors incoming ones. This, in essence, means that if you already have an unscrupulous backdoor program on your system, ICF won’t do a thing to stop it from transmitting data to remote servers. For that, you need to install a good third-party firewall.
Nevertheless, if you wish to enable Windows’ very own ICF on your PC, go to Control Panel>Network Connections. Right-click the connection on which you wish to enable ICF, and select “Properties.” On the tab labeled “Advanced,” select “Protect my computer….” To enable the use of certain applications and services through the firewall, you need to configure them by clicking the “Settings” button and then making the appropriate adjustments for each. For instance, you would have to make adjustments for Windows Messenger by manually opening the appropriate ports to allow file transfers. More details are available on Microsoft’s web site.
The best ones
If you don’t prefer ICF, there are a vast majority of substitutes available, including prominent names such as ZoneLabs’ ZoneAlarm Pro 5, Sygate Personal Firewall Pro 5.5, Kerio Personal Firewall 4, Panda Platinum Internet Security, Trend Micro PC-cillin Internet Security, Symantec Norton Internet Security and McAfee Personal Firewall 5 Plus.
The pick of the lot is the award-winning ZoneAlarm Pro 5 due to its wealth of features and its ease of use. Though the firewall incorporated into Norton Internet Security is a viable option too, it misses out on a few essential things, including outbound email monitoring controls, alert explanations as well as the ability to report attacks online.
Furthermore, ZoneAlarm Pro 5 also features an efficient cache and cookie cleaner, provides top-of-the-line mass-mailer protection as well as privacy-guarding features, making it flexible enough for novices as well as sophisticated enough for the more technically minded.
Configuration
Before you install ZoneAlarm or any of the other products mentioned above, ensure that the firewall built-in into Windows XP is turned off. Using two firewalls simultaneously will really create astral problems. To ensure that ICF is disabled for a connection, right-click that connection in “Network Connections” and select “Advanced.” Check to see that the box labeled “Protect my computer…” is not selected.
Though all third-party firewalls are extremely easy to install, they do require a short “learning” period to configure them for certain programs, including your browser and other applications that attempt to connect to internet.
Once you have a firewall up and running (you’ll see an icon at the bottom-right corner of your screen), you’ll come across more than a few automatic alerts, in the form of a warning dialog box every time a program attempts to establish a connection to internet for the first time. All you need to do in response is to either permit or disallow the connection to the program. In this case, the answer would be to “allow” access. Furthermore, your choice can become a permanent rule when you click on the box labeled “Remember this setting” as in ZoneAlarm Pro 5.
As you continue to implement new rules for your firewall, within a few days time, no interaction on your part would be necessary. But the tricky part is in knowing which programs to grant internet access to. For instance, you would generally allow the connection to common programs such as Internet Explorer, Outlook or even MS Word. But some wily worms are known to piggyback on Windows Explorer, etc., in order to evade detection.
In short, you shouldn’t be permissive to any application that demands a connection. Instead, just deny the access whenever in doubt. You can always change settings later, if you happen to change your mind or if a program doesn’t work the way it’s supposed to.
To do so in ZoneAlarm Pro 5, double-click the icon in the tray (at the bottom-right corner of your screen) and click on “Program Control.” Select the tab labeled “Main.” Now you’ll come across a list of all the programs that have ever attempted to connect to the net, as shown. To enable access for a blocked program, locate the program in the list, right-click on it and select “Remove.” Now, whenever you run the program next, it will automatically ask you again for the appropriate action.
Some firewalls also have a pre-configured permission list that automatically grants access to certain programs. For instance, ZoneAlarm Pro 5, Norton Internet Security 2004 and Panda Platinum’s firewall all come preset by default to permit access to certain Windows components that may seem ambiguous to users. What’s more, ZoneAlarm Pro 5 also offers “Alert Advisor” that gives hints on whether a program is safe or not. This is a really good feature for those of us who can’t afford to be too judicious all the time.
On the other hand, Sygate Personal Firewall (as well as McAfee, Norton and Kerio for that matter) doesn’t offer any advice, which is why it isn’t the best option for novices. To configure a firewall such as ZoneAlarm step by step, see below:
Enable automatic updates: This is a very critical step; in order to ensure that your firewall can handle the latest threats, always enable automatic updating. To do, go to Overview > Preferences and select “automatic product updates.”
Adjust security levels: Keep the “Internet Zone Security” to the highest level possible to protect your system from hackers. Go to “Firewall” and drag the slider all the way to the top.
Adjust program controls: In most cases, you’ll be fine with the “Medium” setting. That way, whenever any program attempts to connect to the Net for the first time, you’ll be asked for permission.
Respond to program alerts: For novice users, setting the “AlertAdvisor” to “Medium” is recommended. This will enable the user to make informed decisions about a specific program.
Adjust privacy settings: To protect your privacy, under “Cookie Control” set the slider to “Medium” to block cookies from third party spying sites.
Enable extra features: Most firewalls offer additional functions, such as anti virus monitoring, ad blocking, email and identity protection as well as an integrated cache cleaner.
Generally, you should set the “Ad Blocking” slider to the highest level for blocking all forms of unwanted pop ups and banner ads. Besides that, you should enable ZoneAlarm’s “MailSafe” feature that alerts you whenever it detects virus-like activity in email attachments. Another nifty feature is “ID Lock” that guards your personal information from prying eyes. Once you’ve properly configured ZoneAlarm, you can put it to the test. A great way of doing this is to try out the Shields UP! Security test, available at
Free downloads
If you wish to evaluate any of the products mentioned above, point your browser to the links mentioned below. Note the fact that the free version of ZoneAlarm is not comparable to the Pro version. The latter offers more privacy guarding features. Most of these downloads are only trial versions.
— ZoneAlarm 5 Free Version
— Norton Internet Security 2004
— McAfee Personal FirewallPlus
— PC-cillin Internet Security 2004
— Panda Platinum Internet Security 2004
— Kerio Personal Firewall 4
— Sygate Personal Firewall Pro
The writer
|
|
|
|
