March 1, 2004
Don’t Get Burned Online
In a building, a firewall prevents a fire from quickly burning through, giving firefighters a chance to douse flames, and occupants a chance to find safety. A computer firewall works on the same principle, standing between the system and attackers, holding the line against intruders who would probe your ports, take over your system, launch attacks to knock you off line, crash your computer, mail spam through your machine, infect your system, and more.
If you’re running Windows XP, you don’t even have to go online to find a firewall — the Internet Connection Firewall (ICF) will protect you from a multitude of singes. Here’s how to avoid the burn:
It’s that simple to put up a basic software firewall. You’ll want to graduate from Windows ICF quickly, because it works by comparing inbound traffic to records of outbound traffic and discarding inbound traffic that doesn’t match — the theory being that, if you didn’t originate a request for data, it’s an attack. There is one problem with that: Spyware and other malicious codes already on your PC don’t get stopped from sneaking out. Another problem: Exchange Server notifies Office 2000 Outlook when new e-mail arrives without any outbound solicitation, so the Windows ICF firewall thinks it’s an attack and drops the notification. With a firewall such as ZoneAlarm that lets you grant each program specific permission, the spyware could be stopped and the Outlook mail notification could come in.
HARD WALL OR SOFT WALL?
If you have a dial-up connection — a modem on your regular telephone line — you need a software firewall to protect your system. But if you have a broadband connection — a cable or DSL line running to a network card in your PC — it’s good to have a hardware firewall between the modem and that card in your machine. And if you want to share your broadband connection with other users in your home or office, make that hardware firewall a router.
With a software firewall, attacks are constantly logged. That means hackers are getting far enough inside your computer for the firewall to record the attempts. With a hardware firewall, it’s all stopped outside the PC. If an attack ever began to overwhelm the hardware firewall, it would shutdown, and nothing would get into your PC.
As strong as a hardware firewall is for inbound traffic, you’ll still need a software firewall to catch outbound mischief like spyware and viruses that use your system to send mail without your consent. And if your broadband connection is ever down, and you have to use a dial-up connection, that software firewall will be there to stop the burn.
While offline, click Start/Settings/Network Connections/ then right click the name of your ISP.
A tabbed panel appears. Click “Advanced.” Check the box under “Internet Connection Firewall” that says, “Protect my computer and network by limiting or preventing access to this computer from the Internet.”