December 4, 2004

IT’S 2:00 am Do you know what your PC is doing, as you get up to get a bite of that tasty sandwich? If not, you’re probably not running a firewall to protect your system from those sneaky hackers.

As the name implies, a firewall acts as a barrier between your PC and the internet. Firewalls not only prevent unauthorized access to your PC or network, they also hide your internet-connected PC from view.

Large companies have had firewalls for a long time, to protect their network from determined attackers. But dangerous elements in email and web threats, including viruses, worms, hijacks and increasingly aggressive spyware shows that home PCs require firewall protection as well.

According to Johannes Ullrich, chief technology officer at the Internet Storm Center in Cleveland, Ohio, a typical unprotected PC will come under attack within 20 minutes of being connected to the internet, less time than it takes most people to shower and get dressed in the morning.

He also stated that the situation is so bad that a newly-connected PC won’t have time to download all the windows patches needed to make it secure before destructive software has found and infected it. The time to attack is even shorter for PCs on high-speed networks and cable or DSL services. Hackers specifically target these addresses the same way car thieves target Honda Accords — for their impressive performance with respect to speed. So it’s quite simple, the better your connection the bigger your risk of being hacked. Still most home users don’t have any firewall protection for their PCs, leaving them exposed to all manner of attacks.

There are two kinds of firewalls: (a) software applications that run in the back ground; and (b) hardware devices that plug in between your modem and two or more PCs. Both kinds hide your PCs from other systems, preventing unauthorized access by unwelcome guests.

Microsoft has improved its firewall software in Windows XP Service Pack 2. In fact, both Zone Alarm and Sygate Personal Firewall are easy to download and are free of cost. However, hardware firewall does a better job for broadband users. Hardware firewalls are simpler to use than software firewalls and they don’t affect the PC’s performance.

If you are a cable net provider, you probably don’t have a separate hardware firewall box. Your network router that links multiple PCs can have a hardware firewall included in your system. The Net Gear WGT624 108Mbps Wireless Firewall Router is a high-speed 802.11g Wi-Fi access point router and firewall that offers excellent protection against external threats. Wi-Fi products also include D-link DI-624 and Link SYS WRT54G.

Firewall-capable routers include Net Gear FVS318NA VPN firewall router with an eight-port switch. There is also LinkSYS BEFSX41 instant Broadband Ether Fast Cable and DSL firewall router, which provides four Ethernet ports.

Of course, this does not mean that buying a firewall solves all your security problems. Firewalls may be great at stopping unwanted guests, but they do little or nothing to detect emails contaminated with viruses. A good antivirus software is needed for this purpose, some of which include McAfee, PC Cillin and Norton Antivirus.

Hardware firewalls usually won’t manage outbound traffic, which means a contaminated email can freely send data from your PC to a server on the internet. Thus one can’t help but wonder what it is that hardware firewalls do? Basically hardware firewall keeps an eye on software that pings, sniffs, and queries IP addresses in the hopes of finding an unprotected system.

To do this, hardware firewalls employ numerous functions, some of which are given below.

1. Network Address Translation (NAT): every system on the internet, needs an IP address like a phone number for computers, which is used to make links with other systems across the network. NAT prevents unauthorized connections by giving private addresses to PCs behind firewalls, giving the impression of a single public address.

2. Port management: By default, most hardware firewalls close unnecessary access to all ports on your connected PC. So if a piece of software locks on to your IP address and tries to form a connection with TCP port 80 (used for web connections) or TCP port 25 (used for outbound email), the firewall will ignore the request. They can also let you open specific ports (an action known as port forwarding), so a multiplayer game can link up with other systems across the internet or a web camera can send a video stream to view online.

3. Virtual Private Networking (VPN): VPNs are widely used among businesses for giving remote employees access to local networks. A good firewall will block encrypted connections between the remote device and local VPN software. Firewalls with VPN support can pass through these encrypted links.

4. Content and URL filtering: Firewalls can also offer higher-level features for blocking access to URLs with a specified string of letters in their URL or to any sites that fall outside of a list of accepted web domain names.

PC security experts suggest pairing a hardware firewall with a free software firewall application, such as Zone Alarm. Software firewalls can detect applications trying to send data over the internet and prompt users to allow or disallow the activity. Adjustable alert levels mean you can stop access for review or simply allow all traffic through by default. Hardware firewalls can’t plug into analog modems, which means a software firewall is the best option for most dial-up internet users.

The real challenge lies in promoting hardware firewall protection for the idea is still not as popular as one would like to beileve. Not only this but also, many PC users choose to ignore the importance of firewalls, leaving their computers unprotected. Hopefully, that will change one day.

The writer is a certified computer professional

Please Visit our Sponsor (Ads open in separate window)