FIREWALLS AND ENCRYPTION


What is a firewall?

A firewall is a piece of hardware or software (or a combination of both) designed to be a first line of defense against an unauthorized user accessing a private network. More commonly, firewalls are used in connection with Internet sites. Think of firewalls as gatekeepers. All messages coming in or going out are carefully screened to meet certain select security criteria.

The Love Bug showed us just how vulnerable we are to virus attacks. But crackers (malicious hackers) are an even scarier threat, since they silently attack our computers to uncover our personal information, such as passwords and credit card numbers. Most of us don't password-protect our machines. And if you use Windows networking to share files over local networks, you should know that, by default, it also allows file and printer sharing over the Web. So anyone armed with your IP address (your location on the Net) can see anything on your machine.

You may need a firewall.

Since crackers need your IP address before they attack, DSL customers are open targets. Unlike dial-up connections, which assign new IP addresses every time you log on, DSL lines rarely, if ever, change your address. To keep the creeps out, you need firewall software.

Firewalls provide security by making ports (the channels through which data passes to and from the Net) invisible--effectively cloaking your machine. Some firewalls go a lot further than others, defining rules for specific ports and applications, rather than general settings. They monitor data that passes between your machine and the Internet, making sure that your machine accepts only the traffic you approve.

I use ZoneAlarm, which I have been told offers the most thorough Internet protection for the lowest possible cost--it's absolutely free for home users. Not only does this product block unauthorized entry into your PC, it also cloaks your machine so that crackers don't even know it's there. This is very important if you are connected full time to the Internet. Plus, ZoneAlarm lets you create different protection levels for networking and for the Net so that you can, say, share files with colleagues at the next desk and still restrict remote computers on the Internet. Don't worry, I don't know how to do this either.

SurfinGuard protects PC users from Internet threats by proactively monitoring and containing the behavior of downloaded active content. It's a free beta utility.

Hardware. Those who network different computers together may want to consider installing some hardware that acts as a firewall. There are various packages available out there.

Some common firewall techniques include:

Packet Filter: This technique looks at each packet entering or leaving a network, accepting or rejecting it based on established rules. Packet filtering is fairly effective and transparent to users; however, it is often difficult to configure. It is also vulnerable to Denial of Service attacks.

Application Gateway: This method is used for specific applications, such as FTP and Telnet. This is also effective, but can result in performance loss.

Circuit-Level Gateway: This is also used for specific applications, such as TCP or UDP. Once a connection has been established, packets can flow between the hosts without further checking.

Proxy Server: This method intercepts all messages entering and leaving a network. The proxy server essentially hides the network's true address.

Many firewalls employ two or more of the above techniques. For additional security, a company may also encrypt its internal data so that only authorized users have the correct key.
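The packet-filter and circuit-level-gateway techniques listed above, as an added example that is not part of the original article: a first-match rule filter that rejects by default, and a gateway that consults the same rules only when a connection opens. The rule set, the addresses (documentation and private ranges) and the class names are constructed for illustration; port 139 stands in for Windows file sharing.

```python
import ipaddress
from dataclasses import dataclass
from typing import Optional

@dataclass(frozen=True)
class Packet:
    src: str
    dst: str
    proto: str            # "tcp" or "udp"
    sport: int
    dport: int
    syn: bool = False     # True only on the packet that opens a TCP connection

@dataclass(frozen=True)
class Rule:
    action: str           # "accept" or "reject"
    src_net: str          # source network in CIDR form
    proto: Optional[str]  # None matches any protocol
    dport: Optional[int]  # None matches any destination port
    def matches(self, p):
        return (ipaddress.ip_address(p.src) in ipaddress.ip_network(self.src_net)
                and self.proto in (None, p.proto)
                and self.dport in (None, p.dport))

def packet_filter(rules, p):
    """Stateless filter: the first matching rule wins; no match means reject."""
    return next((r.action for r in rules if r.matches(p)), "reject")

class CircuitGateway:
    # Checks the rules once, when a connection opens, then passes its packets.
    def __init__(self, rules):
        self.rules, self.established = rules, set()

    def handle(self, p):
        fwd = (p.src, p.sport, p.dst, p.dport, p.proto)
        rev = (p.dst, p.dport, p.src, p.sport, p.proto)
        if fwd in self.established or rev in self.established:
            return "accept"              # known connection: no further checking
        if p.proto == "tcp" and not p.syn:
            return "reject"              # mid-stream packet, no known connection
        verdict = packet_filter(self.rules, p)
        if verdict == "accept":
            self.established.add(fwd)
        return verdict

# Constructed sample policy: order matters, so the block rule comes first.
RULES = [Rule("reject", "203.0.113.0/24", None, None),   # blocked network
         Rule("accept", "0.0.0.0/0", "tcp", 80),          # public web server
         Rule("accept", "192.168.1.0/24", "tcp", 139)]    # file sharing, LAN only
```

With these rules, a reply from the web server to an Internet client is rejected by the stateless filter (no rule covers it) but accepted by the gateway, which remembers the connection it approved.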

Problems

Other people's firewalls, specifically those of high-tech companies and the government, are a pain for the rest of us. They use so many firewalls that you may have trouble sending people e-mails, even if you have their e-mail address. If this occurs and the mail bounces back, you will have to get the person to send you an e-mail first and then, each time you send them an e-mail, reply to one that you have received from them.

Other difficulties may be in sending attachments or post cards.


   

© 2001 Ward-Green & Hill Associates Ltd. All rights reserved. Version 1.2