Chuck The Geek.com

Is your PC secure from Internet hackers and worms? Check both of your firewalls!

February 2nd, 2006 by Chuck Sharp

A firewall in its most basic form is something that limits or completely blocks other computers from connecting to your PC or network. Think of a basic firewall as a one-way valve: your computer can make connections to machines on the other side of the firewall, but those computers can’t connect to your PC. They are essential for computer and network security.

There are many dangers to your PC on the Internet. There are hackers and hacker wannabes that will try to break in to your PC. Why? Because they can, because they might find valuable information, who knows? But they have tried and will continue trying to do so to your PC. There are also computer worms. These are bad news. Most worms today are programs that are built to break past the security in Windows XP. When they do, they run a copy of themselves on your PC, and then that worm works on breaking into as many other Windows PCs as possible. These worms can steal data, send out spam emails from your PC, and make your computer a ‘zombie’ that’s under the worm’s control to do whatever it wants. Firewalls stop worms from connecting to your PC from other Windows computers on the Internet.

For those reasons alone, you need a firewall.

More advanced firewalls ofter more advanced protection. Some can block certain outgoing connections as well. For example, you might setup your firewall to block all network traffic (all connections and data) between your LAN and the Internet, except for email and web surfing. So, if your iTunes application tried to connect to Apple’s network to check various things (and it does, by the way), the firewall would stop that traffic. It would not be able to make a connection. The more important thing about blocking outgoing traffic is that you might stop a computer worm or virus from spreading outside your local network, if one of your PCs were to become infected.

Now, there are two types of firewall devices, software and hardware. If use a router device as part of your home Internet connection, you’re already using a type of hardware firewall. Hardware firewalls are physical devices that have network cables that connect to your local network, and separate cable that connects to the Internet.

**Note: a cable modem is not the same as a router. You can get cable modems that have routers built-in, but they are not the same thing, and a cable modem by itself does not provide firewall capabilities.

A software firewall, on the other hand, is a program that runs on the PC itself. Products such as ZoneAlarm and Windows built-in firewall are examples of software firewalls. These provide the same kinds of protection that hardware firewalls do, except they protect only the PC that runs the software. They also often provide other features, such as notifying you when a new program is run the first time, or trying to connect to the Internet, or when something from the Internet is trying to connect to your PC. Most of these products ask you if you want to allow or deny that program or connection.

How to tell if you have a firewall

To see if you have a hardware firewall on your home network, look for a router. If you have a box that one network cable connects to for the Internet, and it allows for more than local computer to connect to it (several other network cable ports, usually four), then you are using a router and therefore probably have a hardware firewall.

To see if you have a software firewall, on each PC in your local network, look for the following:

• In Windows XP, look in the Control Panel for the Windows Firewall panel. Double click on that, and see if the On (recommended) setting is selected. If it is, you are currently using Windows built-in firewall software.
• Look at the little icons in the taskbar (lower-right corner of the screen). Move your mouse cursor over the icons and look at the little yellow pop-up descriptions. Also right-click on the programs and look for keywords like ZoneAlarm, Kerio, Norton Internet Security, Firewall, etc.

If your have a firewall installed, great! It’s time to test your firewall(s). Go to GRC’s ShieldsUP! to probe your firewall from the outside. This website runs a program that looks at your PCs network address and tries to connect over 1000 different ways. It ought to tell you if you your firewall is on and leak proof.

Why you need both a hardware and software firewall

Hardware firewalls are reliable, fairly heavy duty devices. If they are setup to block traffic, by George, they’ll block it. They have two limitations, though. First, they can only block network traffic on a fairly simplistic level because they have no direct communication with Windows on your PC. That means that it can’t say to allow instant message traffic only to the Windows Messenger program, or only allow Firefox and Outlook to connect to the Internet, but not to websites x,y, or z. Second, they can’t protect the PC from other PCs within the local network, in other words, inside of the local network, fires can spread. If one computer has a worm on your home network, it could spread to your computers.

Software firewalls, on the other hand, don’t have those limitations. They protect the PC from all other computers, unless explicitly told to stand down, and it offers better filtering of certain traffic. So, they might block network connections to advertising/pop-up sites, adult content stuff, or other undesirables. Unfortunately, software firewalls a limitation as well. The problem is that they are just programs. It may be possible to get past a software firewall with the right tricks. Also, just like any program, these have to actually be running to protect the PC. If they get shutdown accidentally or unknowingly, or before they start running when the computer is starting up, the computer will be at risk for being attacked.

You need both kinds of firewalls to cover the gaps of each other. Together, a hardware and software firewall make an impressive team.

Firewall software

If you’re using Windows own firewall, that’s better than nothing. However, there are several products that provide better protection and more options.

Perhaps the most highly acclaimed firewall product is ZoneLab’s ZoneAlarm. This is a completely free product that is simple and excellent at what it does. It doesn’t have all the bells and whistles of it’s commercial big brother, ZoneAlarm Pro ($49.95 USD/ per year), but it does fine. The commercial version is about as good as you can get though, and I highly recommend it if you want the best protection possible. You can actually purchase ZoneAlarm Pro from Zonelabs directly and get $10 off instantly (that’s a great deal, really) by following this affiliate link (yes, I get small affiliate commision for these sales):

Download ZoneAlarm Pro and Save $10

More sources of information

If you want to learn more about firewalls, visit some of these sites:

• ShieldsUP! has a lot of information at the bottom of the page. Steve Gibson is a computer security guru.
• Howstuffworks “How Firewalls Work”
• SecurityNow podcast on routers and firewalls
• firewallguide.com

Technorati Tags: firewall, network, network security, Internet, hackers, computer worms, security, Windows XP, router, software firewall, Windows, ZoneAlarm

Entry Filed under: PC Basics