A 'firewall' is a way of protecting your computer from incoming threats, usually via the Internet. I like to think of it as a giant elastic band pinging away the gremlins, but that's probably just me.
If you have a Windows computer, then you most likely have Windows Firewall enabled by default. You can change the settings to make it more or less secure (i.e. make it more or less laid-back about potential threats), and you receive pop-up notifications in the bottom right of your screen when the firewall is blocking something. There are pros and cons to Windows Firewall - as it's from such a big company and so widely used, then it's automatically a target for hackers and the like. On the flip side, however, it's made by Microsoft and designed to be used with Windows software and computers, so maybe it does a better job than other alternatives.
There are other types of firewall available, and some are bundled with anti-virus software suites. To be honest I've always been a bit wary of these, especially as I think Windows Firewall does an adequate job, though it can occasionally get in the way of installs as it refuses to let some downloads through (though this is true of any firewall software). In this case, if you're sure your download is secure, then lower the security settings a bit more. In extreme cases you can turn off your firewall completely, though I strongly recommend you completely disconnect your computer from the Internet first to prevent any attacks.
Firewalls should not be used in place of anti-virus or anti-spyware software, but used in conjunction for maximum protection. As they tackle jobs in different ways, it's best to have a comprehensive solution and include all of them. Many wireless routers also have a built-in firewall for extra protection, but you should never be without one on your computer, even if you have an Apple Mac.
If you are reading this review, it means that it's very often that you browse the internet, and it also means that this review can be of great help to you, so read on....

What is a firewall anyway?

In the simplest of words, a Personal firewall is a piece of software designed specifically to protect a single computer. It does this by operating in two basic ways. Firstly, it prevents any applications or portions of the OS from communicating over the internet unless you give explicit permission. Secondly, it protects the computer against incoming attacks. When someone scans a common port range on your computer, they may be looking for a number of things, for example trojans, open ftp servers and so on. A firewall closes all these holes, so portscans from the outside can't find an opening. Rather than simply telling the hacker that the ports are closed, a good firewall employs stealth techniques, whereby the scanner does not get any response at all, therefore giving no clues whatsoever about the nature of your PC, or even whether it is actually online or not.

Sygate Personal Firewall

Background

This is a product with a long history, dating back to when the company was called Sybergen many years ago. Its claim to fame was that it was the first domestic firewall to use stealth technology. Now, Sygate is providing this excellent firewall free for personal use and there is a professional edition for business users which can be bought on www.sygate.com.

Installation and Validation: 9/10

Installing is extremely easy and there is no irritating user interview procedure (as in Zone Alarm and many others) as this firewall sets itself up effectively in the beginning. Though it does not run an initial application scan, it does require the user to validate each individual application when it first connects to the Net. I found this procedure to be much less painful than other firewalls.

Performance: 10/10

In use, Sygate Personal Firewall is as solid as can be, and the program passes all the probes, leak and trojan tests with flying colours (there's a test option which takes you directly to a site which tests for all the trojans). When an inbound attack or scan occurs, Sygate pops an alert from the System tray, logs it and blocks traffic from that IP address for a short time, all automatically. By switching on to the Security Log Screen a backtrace can be performed to locate a particular attacker with a single click and Sygate does not just run a WHOIS check on the address either, but a full TRACEROUTE to provide as much diagnostic information to help you report an offender to their ISP if you desire.

Looks and Price: 10/10

The main screen of the Sygate Personal Firewall resembles the Windows Task Manager screen with three real-time graphs showing Inbound traffic, Outbound traffic and Attack History. Every time I see this window, there's this feeling of reassurance that can't be expressed in words. I think Sygate has struck the perfect balance between user friendliness and advanced features, and the pleasing multi-window interface puts all the information at your fingertips in a small amount of screen space. As for the Price, it's free. Just download it and install it, that's it!

Overall: 9.5/10

Sygate Personal Firewall comes across as a wonderfully balanced product. It's small, extremely secure and even more easy to use. I have used Zone Alarm 3.0, McAfee Internet Security 4.0 and Norton Internet Security 2002 and the experience is never that great... they all have wonderful extra features but they simply scare the daylights out of me when something goes wrong and you gotta pay from your pocket for all of them. Sygate firewall has come across as an extremely soothing piece of software. For me, it's been install-it-and-forget-it fare... it's that capable. To sum up, I recommend this product with no hesitation, no repetition and no deviation. Just log on to www.sygate.com and download it folks!!!

System requirements:
CPU: 100 MHz or greater
RAM: 16 MB
OS: Windows 98 or greater
Hard drive space: Just 1 MB

Comments and questions are always awaited.....
Private Keep Out! That’s the way you want your computer to be and there is no better way to keep your machine private than by using a Firewall.

How many computer users using Windows Operating System and Microsoft software know just exactly what happens when they boot up their computers? The first thing that happens once a computer is up and running is that Windows Explorer tries to send a data stream to presumably Microsoft and continues to do so at intervals until the computer is switched off. Whether the computer is connected to the Internet or not makes no difference as WE goes about its task with robotic fervour. The next thing to happen behind the scenes is for Microsoft Word to do exactly the same. When on-line, programmes like Windows Media Player and Real Jukebox and Real Player all do their darndest to communicate with ‘head office’. I have known Real Player to try every minute for 15 minutes before it gave up for a while and then had another go later on.

How do I know this? My ZoneAlarm Pro3 blocks the attempts and logs them. I have no idea what the content of the data is and unfortunately neither does ZoneAlarm but I am told that it is nothing more than a programme seeking to find out if there is an update available for it and to give the user the opportunity to get that update if they wish. Of course in the meantime Microsoft is told that your computer has become active and you are using whichever programme it is – and what else? Other programmes do something similar but they do it openly.

So what is so wrong with your computer snitching on you behind your back? OK! So imagine this. Every time that you wake up and get out of bed, some invisible person sat in your living room is phoning your landlord, Council or mortgage provider that you have got up and are using the bathroom, kettle and making a brew and getting ready to ………….. You would consider this to be an invasion of your privacy and to have software do something similar is also an invasion of your privacy. You bought the software and you do not expect it to tell its maker when you use it and what you use it for under the guise of seeking an update.

Stopping such outward-bound communication is just one aspect of ZoneAlarm Pro 3 as it will also block anything coming in unless you tell it otherwise and to boot it will also scan incoming emails for hidden nasties and a host of other things. In short YOU decide what comes in to your computer and what goes out and not some programmer thousands of miles away.

Using the alert window that comes up when an intrusion has been detected you can even track where that intrusion came from and often get an email address of the person causing the intrusion. But be aware that all is not as it seems because an attack could have been routed and probably was, through an innocent person’s computer or even ISP. But keeping a log of such activities can help in establishing IF the attack is coming from the given email address/ISP/Server and you can then take the recommended action. A map will show which location in the world your attack has probably originated.

By reputation ZoneAlarm is one of the best Firewalls around and in my view worth the $49.95 (£31.82 approx) that it costs by buying on-line, which gives you not just the product but also 12 months of free updates. After which you can buy a further 12 months’ worth of updates for $19.95 (£12.70) and the 12 months starts from the day of update purchase and not the expiry of the initial 12 months.

System requirements: IBM PC or 100% compatible, Pentium processor 233 MHz (450 MHz or higher recommended), Microsoft® Windows® 98/Me/NT/2000 and XP, 32 MB RAM (64 MB or higher recommended), 10 MB Hard disk space.

Log onto http://www.zonealarm.com and you will be faced with a clean bright page with links to Zone Labs’ various products. Clicking on ZoneAlarm Pro 3 ‘More Information’ will take you to the page where you can view a demo and also download the software. You will need ‘Macromedia Flash’ to view the demo but ZoneLabs have thoughtfully provided a link to enable you to download it. Even if you do not buy ZoneAlarm Pro 3 (currently at version 3.0.134) you end up with a free Flash Player. It took me about 20 minutes to download the 3.4MB file on my 56K modem and shortly after the download is complete you will get an email with your licence key and other purchase details.

If you already have a previous version of ZoneAlarm on your machine you MUST un-install it before installing your new download. This also applies to updates. Once installed you get a brief overview of the programme to enable you to set whatever parameters you want and a help file goes into more detail.

So just what does a Firewall do for you? ZoneLabs puts it more eloquently than I could do so this is what they state:

“Any personal computer connected to the Internet is a potential target. Hackers randomly barrage Internet connected PCs with "pings" or "port scans", probing to find unprotected PCs. Once found, a hacker can compromise your PC with a dangerous Internet threat - Trojan horse, spyware or malicious worm. ZoneAlarm Pro's TrueVector® technology combines a personal firewall with Program Control to protect your PC from intrusions and hostile attacks. ZoneAlarm Pro's firewall barricades your PC with immediate and complete port blocking. And, then runs in Stealth Mode to make your PC invisible on the Internet - if you can't be seen, you can't be attacked. Unlike other personal firewalls, ZoneAlarm Pro includes Program Control to protect against known and unknown Internet threats. Program Control monitors all outbound traffic to prevent rogue programs from transferring your valuable data to a hacker. With ZoneAlarm Pro, you're in control with the ability to specify which programs, known or unknown, can be trusted to access the Internet. With new Internet threats appearing daily, why risk it? Protects against worms, Trojans, spyware, and other malicious threats Blocks unauthorized connections, pre-empting known and unknown attacks Provides email protection against 46 suspect file types Eliminates annoying ads and pop-ups Advanced MailSafe email attachment protection Automatic Intrusion Blocking Improved Program Control Enhanced Hacker Tracking Performance Ad Blocking Cookie Control Internet Ad Blocking WHOIS" Hacker Tracker Automatic Network Detection Password Protection Customizable Security Controls”

Just how good is ZoneAlarm Pro 3? So far this year it has stopped 1,426 attempts to get into my computer with literally thousands of attempts by programmes wanting to send data to their ‘head office’. About half of the 1,426 attacks were classified as ‘harmless’ but the remainder were attempts to implant Trojans, Scan my computer for data, Attack it and some were classified as unknown. Had any one of them succeeded my computer could have been used as a proxy server through which virus-containing emails and illegal downloads could have been routed thus making it difficult to trace the source and could have even got me to take the blame.

Had a ‘hacker’ been able to plant his nefarious little programme on my machine it would have enabled him to take actual control of my computer when I am on-line. I had this demonstrated to me where the other person, with my permission, was able to delete what I typed as I typed it. He was able to use my programmes for his own purposes and even turn my screen picture upside down and produce rude noises from my speakers. He sent me an email from MY OWN email client and I knew nothing about it until I received it. He could even direct what web sites I viewed regardless of what I chose.

For those not keen on forking out nigh on fifty bucks to protect their computer there is a free version that works effectively, just doesn’t have many of the extras and is available from the same web site. Going on-line without a Firewall in place you dice with not exactly death but certainly with major problems.
Been looking at Firewalls and thought that I would pen a line or two.

For the past month or so, mad Zorba the geek who gets in our boozer, has been yammering on at me to get a firewall or suffer the dire consequences of an uninvited visit from an Internet hacker hell bent on mayhem. With this in mind dear reader, I set forth to procure just such an artefact for the princely sum of precisely bugger all (or as close to it as I could manage). Hehe!

However, I am getting ahead of myself here. As is usual with my ramblings in this mighty DooYoo organ, rather than just assume that you know what a Firewall is and why you want one, I will first attempt to explain a bit about 'em and what they do before discussing a few actual examples. If you already know all of this stuff then you can skip straight to the Zonelabs bit.

It's a funny old World we inhabit. While most folk are basically legal, decent, honest and truthful, you do tend to get one or two complete twats in the mix as well. It's these latter that we are concerned with when implementing Firewalls and the like. A good Firewall will keep some of the bad guys out, however - Rule number 1; a Firewall is NOT a panacea. It won't keep ALL of the bad guys out and there are additional precautions, which you must take if you want to make sure that your computer stays healthy, and your credit card numbers remain known only to yourself. The prime job of the Firewall is to prevent an unauthorised person, or person-emulating program, from gaining direct real-time access to your PC.

A good example of the kind of fuck up that a Firewall won't catch was the "ILOVEYOU" fiasco. For those of you who aren't aware of what happened; the ILOVEYOU worm was contained in an e-mail that carried the heading "I Love You". When you opened the e-mail (all a quiver to ascertain who had sent you a love letter) and clicked on the enclosed attachment you activated the rogue program. Firstly, it would send a copy of itself (via e-mail) to every address that it found in your address book, then it would replicate itself into your PC in such a way as to be quite difficult to remove unless you knew what you were doing and finally, for good measure, it would destroy any JPEG or MPEG image files it found on your hard drive.

The ILY virus worked because it came in through a door that was already open - the one that permits e-mail. ILY was actually quite naïve in the way that it worked. Most experts agree that it only ranked a very poor 1.5 on a scale of 1 to 10 for smarty-pants virus programmes. Nevertheless, at the time, it scared the corporate western world half to death. Before ILY hit, most large companies thought themselves to be safe from virus attack. While the attack was actually going on, many of them simply threw in the towel and closed their networks down completely. It cost billions of dollars in lost production.

Most security authorities nowadays, with twenty-twenty vision in hindsight will tell you that it never should have happened. They justify this assertion with the statement that we should not allow e-mail with attachments (it was the attachment which carried the virus) onto our sites. In my humble opinion this is pure horseshit. I am buggered if I am going to let some twat of a hacker dictate to me whether or not I can send and receive attachments in my e-mail, an otherwise very useful capability. In my view the answer is not to ban attachments, as a lot of large corporates have done, but to use better virus checking software that will vet the attachments on the way in. Otherwise we have admitted defeat and the twats have won.

In any event, I digress. The point is made. In addition to your Firewall you still need good virus checking software.

Some "Firewall" type jargon for you. You can think of a big sophisticated Firewall as being like a sandwich. There is the bit that deals with the big nasty Internet and all of the baddies. We call this the "Red" Zone. On the other side is the bit that deals with the nice safe internal LAN, or network. We call this the "Green" Zone. Finally, in the middle of the sandwich, where the filling would normally be, is a netherworld known either as the "Orange" Zone, or more commonly, the "DMZ". The term originated during the Vietnamese War and it stands for "De-Militarised Zone". It kind of means an area between two warring factions where no fighting takes place. The DMZ is an area that has some protection from attack but not as much as the Green Zone. It is where big companies keep their web sites and mail-servers, stuff that has to have an Internet presence but doesn't allow an external user fully in to the "Green" Zone.

Architecturally, there are two distinct kinds of Firewall. They are called "Filters" and "Proxies".

Filters work by examining the inbound and outbound Internet traffic and deciding whether to let it through or not. You can think of it like the "City Guards" in corny movies about medieval England. Each person wishing to pass through the city gates is stopped and searched before being allowed to carry on or thrown into the moat! Because they operate at the "packet" level, you need to be pretty smart to understand or outwit a Filter. However, filters are rarely user-sensitive, in other words they don't know which user they are operating on, other than by IP address, which in a dynamic environment can be constantly changing anyway. Therefore filters tend to be much more geared towards stopping in-bound attack than policing outbound queries.

Proxies are more sinister in nature. The anarchist in me hates the bloody things. A proxy is a program that you talk to which will talk to the Internet on your behalf, - hence the name. They tend to be more concerned with deciding where you can go and what you can do on the Internet than they are about preventing inbound attack. They will often demand that you sign-on to them and then keep a record of where you go on the Internet and what you do when you get there. The big Corporates love them! Many of you will be forced to use the Internet through a Proxy at your place of work. While it may sound trite and simplistic, if my employer used one then I would be on the lookout for another job. The thought of some jumped up jobs-worth being able to examine where I had been on the Internet makes my blood run cold.

Anyway, enough New Age politics, let's look at a few cheap Firewalls...

First up is a Windows item. The cheapest I could find (being free for personal use) is ZoneAlarm from a company called Zone Labs. They can be found at www.zonelabs.com. Don't be distracted by the website's clever attempts to get you to part with your credit card number. Stay doggedly committed to the acquisition of the "free" personal version and you will triumph in the end.

ZoneAlarm is a very professionally put together piece of software that works beautifully straight out of the box. However, there are a few things to be aware of...

Firstly, the default settings for the product are a little "over zealous" for most users. There are two main settings for the system, one to control access to and from the Internet and one to control access to and from your local LAN (if you have one - they seem to be increasing in popularity as families acquire more than one PC). For most purposes, you can set both Internet and LAN security to "medium". ZoneAlarm has a "guilty until proven innocent" attitude to traffic on the two networks and initially, it will stop just about everything it sees. Fortunately, at least as far as the Internet is concerned, it always asks for your permission and it can remember your answers so it will gradually "learn" what you want to allow and disallow on your system. As it says in the user's guide "starts off noisy, soon settles down"!

When you do get an "attack" on your system - and believe me you will be gobsmacked at just how often it happens, Zone Alarm will inform you of the event and will even give you a little advice on how serious the attack probably was (in order to get the full SP you have to upgrade to ZA professional - and that costs money). In any event ZA will usually catch any attempt to hack into your system (at least as far as I know!).

There are a few downsides to ZA but I suspect that these will apply to any Windows based product, however, in no particular order, here are a couple that caught me out...

Be very careful if you run any full-screen games that use the Internet. They can get into a "fatal embrace" with ZA and lock up your computer. I have a copy of Unreal Tournament on my PC and I use it to compete against other players over the Internet. Here is what happens... Run UT and it takes full control of the screen in preparation for the game (i.e. it turns off Windows). Choose "Internet Game" from the menu and UT attempts to contact the UT central server on the Internet in order to find other players. ZoneAlarm spots this and stops the outbound request to the central UT server, it also puts out a Windows message box asking you if it should allow the request to continue and then patiently waits for you to reply. Unfortunately, you never see the message because UT has taken over the screen and it is patiently waiting for its Internet request to complete - which of course can't happen because ZA has stopped it. Result - one dead computer. Because games like UT disable the "Ctrl+Alt+Delete" sequence you can't get out of the situation without switching off your machine. You can prevent it from happening in the first place by specifically telling ZoneAlarm that UT is allowed to access the Internet. However, you never realise these things until it's too late!

Another annoying, though less fatal, trait has to do with the way in which ZA treats LAN traffic. If you haven't explicitly told it about a given transaction then it will simply stop it without even asking for your permission. A good example is file sharing. You can set it up within Windows but if you don't tell ZA to expect file requests from such and such a computer then you might as well piss in the wind. Additionally, you have to identify all of the computers on your LAN to ZA if you are going to use an Internet Sharing facility such as ICS or Sygate, otherwise ZA will intercept and stop Internet sharing as well. Like I said, as policemen go, ZA is a bit on the picky side!

Whichever Windows based Firewall you choose, you tend to end up with a Gateway/Firewall/Printer PC that manages all of your Internet, security, networking and printer access on behalf of all of the other PCs in the household. Quite often it will be the main file-share server as well. In my house, we ended up with a fairly high-spec PC doing the job (Celeron 550 with 256Meg and a big 60Gb shared drive). This overkill offended my tender sensibilities (tightness) and I set out to look for possible alternatives. The ultimate goal being the ability to free up the big Celeron machine for other uses within the household (like as a games machine for number one son). An hour or two's research work on the Web suggested that my problem could be solved by running a small Linux server instead of a big Windows equivalent... Hmm...

Because of the way in which Windows is architected, it is particularly vulnerable to attack, either by a human hacker or by a Virus. This is largely due to the fact that it is, and always has been, a single user system. Consequently this means that a rogue hacker or program, once inside your PC, can do pretty much what it wants without Windows naturally interfering (in the absence of any kind of Virus checking or cleansing software). Linux, and UNIX, on the other hand, being built from the outset as multi-user systems, are more naturally inclined towards keeping an eye on what programs and users are attempting to do and stopping them if necessary. Even if someone did manage to break-in, they can usually only do damage to the user account that they have compromised. They will still be stopped from going elsewhere in the machine and thus avoiding total destruction.

As if that wasn't enough, Linux in particular, comes pre-configured with tools that make it very easy for a program to inspect the TCP/IP packets as they arrive and depart. This means that it is damn near the perfect platform for building fast, small and highly efficient Firewalls. The final piece of the jigsaw, the thing that will help make your internal LAN, not only safe from attack but also easier to use, is a feature known in the Linux World as "IP Masquerading". This is much the same as Internet Connection Sharing (ICS) in Windows however it can be accomplished using a tiny little program rather than a full blown Windows system.

If you bring up Google (www.google.com) and do a search on "leaf" you will find that it stands for Linux Embedded Appliance Firewall. Leaf is an open source project to create incredibly fast and efficient Firewalls using Linux as the operating system. The easiest of these to install, particularly if you are a Linux "newbie", is called a "Dachstein Image" and you can get a copy from http://leaf.sourceforge.net/. It's completely free.

Download the Dachstein ".exe" file and run it on your Windows PC. It will create a single bootable Linux floppy disk. You can now use this disk to bring up a separate Linux PC that will act as your Firewall and Internet connection-sharing device. Almost any old PC bigger than a 486 will do and you will be stunned at how fast it will run your network, particularly if you are coming from using ICS or Sygate or some other such Windows alternative. The Dachstein image will run in about 12 Meg of memory and you don't need anything else in the PC except a couple of Ethernet cards (no CD, no Hard Drive, - just a floppy to boot from). One of the Ethernet cards talks to the Red Zone (Internet - actually your ADSL or Cable Modem) and the other to the Green Zone (your internal LAN). In addition the Dachstein image runs a DHCP server for all of your LAN PCs so the only set-up you need do with them is to tick the "Obtain an IP address automatically" box in the networking section.

I picked up an old PC from the car boot for less than forty quid and it is running all of my Firewall and Internet sharing quite happily. The only tricky bit in the whole exercise was installing the correct Linux drivers for the Ethernet cards and even that proved to be easy peasy - the simple installation manual gives full instructions. In order for the Firewall to run "headless" (no screen, no mouse, no keyboard) you need to tick "IGNORE ERRORS" in the BIOS set-up otherwise you will get a boot error when the BIOS detects that the keyboard is missing at start-up.

Other than that, I connected my forty quid diskless PC to my cable modem (NTL) and my internal LAN, booted it up from the floppy disk and it just bloody worked! Amazing. Mission completely and utterly accomplished. Got myself a free Firewall and liberated a big Windows PC which is now doing its new job in number-one son's bedroom. Even Zorba the Geek was impressed when I told him. Bloody marvellous!
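
Added example, not part of the review above and not the Dachstein image's own configuration: a present-day nftables ruleset for the same two-card layout, showing a packet filter that silently drops unsolicited Red Zone traffic and masquerades the Green Zone. The interface names eth0 (Red, modem side) and eth1 (Green, LAN side) are assumptions.

```nftables
#!/usr/sbin/nft -f
# Assumed layout: eth0 = Red Zone (Internet), eth1 = Green Zone (LAN).
flush ruleset

table inet filter {
    chain input {
        # Default policy is drop, not reject: an outside scanner gets no
        # reply at all, which is the "stealth" behaviour the reviews mention.
        type filter hook input priority 0; policy drop;

        # Replies to connections this box opened itself.
        ct state established,related accept
        ct state invalid drop

        # Loopback and the trusted LAN (DHCP, DNS, admin access).
        iif "lo" accept
        iifname "eth1" accept
    }

    chain forward {
        type filter hook forward priority 0; policy drop;

        # Return traffic for connections started from the LAN.
        ct state established,related accept
        ct state invalid drop

        # Green -> Red is allowed; Red -> Green is never initiated.
        iifname "eth1" oifname "eth0" accept
    }

    chain output {
        type filter hook output priority 0; policy accept;
    }
}

table ip nat {
    chain postrouting {
        type nat hook postrouting priority 100; policy accept;

        # IP masquerading: LAN hosts share the single Red Zone address.
        oifname "eth0" masquerade
    }
}
```

Forwarding between the two cards also requires net.ipv4.ip_forward=1 on the firewall host. Like the packet filters the review describes, this ruleset matches on interfaces and connection state only and has no notion of which user or program sent the traffic.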