| Sam Young Newsletter |
Issue 10, August 2000
Hi guys,
I have had a query from a client about firewalls... what kind are there, what is the best, what options there are in the market.
So this newsletter goes into what a firewall is, why you need one, and what you need to do to get the best for your PC protection.
I know, I know, the idea seems pretty dry and technical. But if you run a business, you definitely need to ensure that you have good firewall protection... and if you have personal files, emails or addresses that it would break your heart to lose; get a firewall. So bear with me while we go through it all.
For the reasons that a Windows 95 or 98 user would want to use a firewall, click on this link to Cnet. There have been computer security alerts issued about BackOrifice (see Cnet) and NBUS over the past couple of months that should make us all a bit more aware of how INSECURE non-NT Windows really is.
But before we get on with the meat of it - I hope you guys are all backing up your data regularly. If you do get hacked - or pinged with a nasty trojan horse - you might be unable to use your PC until your hard drive is reformatted... losing ALL your data. Check out Firewalls - What Are They? below and PC Firewalls for Sale.
If you want to be taken off my mailing list, click here to send me a reply e-mail and I will remove your name.
| Firewalls - What Are They? |
As the name implies, a firewall is a protection device to shield vulnerable areas from some form of danger. And that danger, to most of you, is Hackers.
Hackers come in all flavors. Many are simply curious dudes who want to find out how a program or system works. They may not do any harm, and some even provide a service by discovering programming bugs and helping fix them. But malicious or criminal hackers use their skills for devious purposes. Criminal hacking incidents can range from obnoxious to destructive. The latter category includes "denial-of-service" attacks- like those that shut down Internet sites EBay and Yahoo last February when hackers bombarded the sites with data and caused the site's servers to crash.
Hacking individual PCs remains a fairly rare phenomenon. Your chances of suffering some type of Internet vandalism are rising, however, especially if you have an uninterrupted, dedicated connection like DSL or cable modem. Fortunately, you can take some simple steps to protect yourself. For most Internet users, changing a few settings, installing a good personal firewall, maintaining updated antivirus software, and using common sense will provide reasonable protection for a small cost.
In the context of the Internet, a firewall is a system (i.e., a router, a personal computer, a host, or a collection of hosts) set up specifically to shield a site (or subnet) from external abuse.
A firewall system is usually located at a higher-level gateway, such as a site's connection to the Internet, however firewalls can be located at lower-level gateways to provide protection for some smaller collection of hosts. Like on your home PC.
In a firewall-less environment, security relies on each person on the web behaving themselves. Which, as we know, doesn't always happen!
A firewall system offers the following specific advantages:
- concentration of security, all modified software and logging is located on the firewall system (not distributed on many hosts);
- protocol filtering, where the firewall filters protocols and services that are either not necessary or can't be adequately secured from outside;
- information hiding, in which a firewall can "hide" names of internal systems or email addresses (revealing less information to outside hosts);
- application gateways, where the firewall requires all inside or outside users to connect first to the firewall before connecting further (thereby filtering the protocol);
- extended logging, where firewall can concentrate extended logging of network traffic on one system; and
- centralised and simplified network services management, where services such as ftp, electronic mail, gopher etc are located on the firewall (instead of being maintained on many systems - reducing duplication/server space).
Given these advantages, there are some disadvantages to using firewalls;
- certain types of access may be hampered or even blocked
- Your PC may be slow - or some functions not work properly
- Firewalls concentrate security in one spot - so a firewall break could be a disaster
- Few vendors have offered firewall systems until just recently so the market is a new one... and so relatively untested
For PCs, software firewalls run on standard PC equipment, and either come with their own secure operating systems, or are written to work standard Unix or Windows operating systems.
It's not necessarily the most expensive firewall that offers the best level of protection, and it's important to apply some general rules. Such as;
- always implement a firewall on a dedicated piece of hardware, whether it's a high-end server or a modest PC that's required to run it
- Support for the various security standards is also vital, and here you're looking for software that conforms to the Secure Sockets Layer 3.0 specification, as a minimum, plus the ability to fit in with any existing authorisation mechanisms already in place on your network
- And don't forget the impact on performance. Simple packet filtering is by far the most efficient(more sophisticated application level gateways often a lot slower)... and you might need to modify your browser settings to work with proxy servers, although most firewalls now provide this option as standard.
Remember that you get what you pay for too!
| PC Firewalls for Sale |
Check out Mcafee (rated #2 in consumer tests by PC-World)for a free 10 day trial - should work well with Mcafee Active Shield or Macafee Anti-virus. Costs about $50 US http://www.mcafee.com/pr_register_final.asp?hidService=FIREWALL&hidAction=TRIAL
If you are running Norton Anti-virus, check out Norton Internet Security 2000 or Norton Personal Firewall 2000 (rated #3 in consumer tests by PC-World). Go to http://www.symantec.com/sabu/nis/index.html . It's about $80 US (no free trial).
BlackICE Defender (rated joint-first in consumer tests by PC-World) claims to deliver "bulletproof intrusion detection and personal firewall protection to your PC". It scans your DSL, cable, or dial-up Internet connection looking for hacker activity. Registration is $40 US. For a 30-day trial, go to BlackICE
ZoneAlarm (rated joint-first in consumer tests by PC-World) is freeware, found at http://www.freeware-guide.com/month/022000.html. Some people may have problems with email and virus scanners using this software (depending on your system configuration), so if you have any problems - uninstall ZoneAlarm before you panic.
There is a security firewall that is freeware for private use, from Sybergen (rated about 10 in consumer tests by PC-World) . Sybergen Networks have released this product - Sybergen Secure Desktop Details on the web site, and the firewall is also available for download from ZDNet. This is my personal favourite - and I am using this. No cost, and it has a learning mode, so you can leave your security at "high" and add the web and email applications that you use as you use it.
Trend Micro is another company offering firewalls. This may be more of a corporate offer, but there is a 30 day free trial. They say "InterScan VirusWall provides high-performance three-in-one Internet gateway protection against viruses and malicious code. The optional eManager adds spam blocking, content filtering, and email scheduling"
BOClean states that it's version 4.06 software protects you against trojan horse programs, and that unlike "freeware" and "shareware" programs which behave like virus scanners, BOClean is fully automatic, detects an "incident" in 10 seconds or less and removes it completely without the need to reboot or terminate the connection. This costs $50 US
WinProxy claims to provide "everything you need to simultaneously connect all your computers to the Internet with one connection from your existing service provider with inline virus protection and site filtering". Registration is $60 US. Get a fully featured 30-day demo at WinProxy
VirusMD Personal Firewall will monitor up to 12 user-selected ports at a time, including negative ports that most modern firewalls miss, and it will sound an alarm klaxon when an intruder is detected. It will also send a message of your choice back to the hacker, allowing you to inform them that their attack has been logged and will be reported to the authorities. This tool also features an ultra-rapid port scanner, an application killer, a list of common trojan ports, and numerous logging options. This is the full version of the program. It does not have nag messages or time or use restrictions. Registration is $20 US.
And this last one is not a firewall, but PC Security software. TaskGuard 2000 keeps on eye on your PC when you're not around. This software lets you monitor the activity on your machine and create detailed reports of what applications are being used, when they are used, and for how long. You can also disable any Windows program and lock users out of your Control Panel, Registry, and display settings. http://www.pcworld.com/r/shw/1%2C2087%2C7390%2C00.html
There are heaps of others out there. I suggest that you try the shareware or low cost version if your PC is not essential to your business. Congratulations! You have the freedom to experiment!
If your PC is essential to your business, try Sybergen, or go with a firewall that is built to be used with your anti-virus software.
| Short & Hot Keys... and now tips |
This time we have some easy shortcuts for getting around MS programmes using the control key and A;
- Access "Select the entire Help topic" or "To select all records" CTRL & A
- Word "Select All" CTRL & A
- Word "All Caps" CTRL, Shift & A
- Publisher "All text in a text frame, the entire story in connected text frames, or all text in a table cell" CTRL & A or F8
- Excel "Display the Formula Palette after you type a function name in a formula" or "Select the entire worksheet" CTRL & A
| Hot Linx |
Another site to add to the Download.com site mentioned in the last newsletter is http://www.freeware-guide.com/month.html
This's likely to be a newy for you - the US National Science Foundation.
Forget About Post-it Notes - if you have notes stuck on your monitor and strewn over every nook and cranny of your desk, this freeware program may be for you at TurboNote
There are more than a billion pages on the internet, so Apple created iReview--to make it easier for you to find sites that are truly worth your time. Check it out at http://www.apple.com/ireview/
Check out this website for yet more Inspirational Quotes http://www.geocities.com/Hollywood/Hills/2844/QP1.htm
Catch you again soon!! E-mail your suggestions to me here
