
Hack 99 Surround Yourself with a Firewall


Protecting yourself from incoming and outgoing threats is easy with personal firewall software.

The great thing about the Internet is that it allows connectivity between millions of users anywhere in the world at any time. The bad thing about the Internet is that it allows connectivity between millions of users anywhere in the world at any time. Expecting your Internet Service Provider (ISP) to protect your PCs from the Internet's hacker community is like expecting your local police and fire departments to prevent burglaries, speeding, traffic collisions, and house fires—it is simply not going to happen. ISPs and Internet users are on the defensive; there are too many opportunities for bad things to propagate on the Internet for them to be effectively proactive.

Personal/desktop firewalls exist to filter a variety of connections, applications, and content from getting into or out of your PC. Windows XP (pre-Service Pack 2) comes with a firewall of its own, the Internet Connection Firewall (ICF), but it is perhaps the least documented, least understood, and least effective PC network protection tool created. ICF does not provide significant control over types of connections (client or server features) nor over abuse by programs that want to get out to the Internet. You deserve better.

XP Service Pack 2 adds a Security Center to Windows that contains a new Windows Firewall that is more robust than ICF, providing the ability to block assorted inbound and outbound connections, application security that alerts you when new programs want to install and run (Figures 10-11 and 10-12), and a pop-up blocker, shown in Figure 10-13, for Internet Explorer.


Figure 10-11. XP Service Pack 2's Security Center alerts you to blocked pop-ups


Figure 10-12. XP Service Pack 2's information bar warning of a pending ActiveX installation


Figure 10-13. XP Service Pack 2's Security Center provides choices about ActiveX installations


Despite their vested interest in the success and reliability of the XP operating system, Microsoft's only risk if their firewall fails is an already questionable reputation for security. Because their efforts at secure computing are still relatively new and unproven, I do not recommend that anyone rely solely on Microsoft for system protection and data security just yet.

10.6.1 Hardware Firewalls

A hardware firewall, typically built into an appliance that serves as a router and hub for your DSL or cable connection to the Internet, offers some protection against incoming threats to your PC or local network. However, you may be amazed at what can get through them to clog up your network. (For example, if a malicious web page causes Internet Explorer to put up a security warning and you ignore it and click OK or Yes, a hardware firewall will not protect you from what you just let in.) Hardware firewalls provide no protection from programs or threats inside your PC or local network getting out to the Internet, which is how your data and perhaps your money get to someone they shouldn't. Still, a hardware firewall is the first line of defense against remote attacks that don't rely on tricking the user into accepting something he shouldn't.

Even if you're on dial-up, consider getting a router (such as the D-Link DI-824VUP) that bridges your home network and a dial-up network through a backup external modem port. (One model of the Apple AirPort Extreme Base Station, which works fine with PCs, has a built-in 56k modem.) The advantage of such a router is that it is somewhat future-proof: you can plug it into a broadband connection if and when you get it, and it supports wired and wireless home networks.


10.6.2 Software Firewalls

Highly configurable and more comprehensive firewall protection for your PC desktop can be found in products like Zone Labs' ZoneAlarm (http://www.zonelabs.com), shown in Figure 10-14, Norton Internet Security (http://www.symantec.com), and Sygate's Personal Firewall (http://www.sygate.com). Windows XP Service Pack 2 also includes a comprehensive firewall (see Figure 10-15) that can be configured through the new Security Center control panel.

Figure 10-14. ZoneAlarm tracks applications that use your network


Figure 10-15. Windows Firewall in XP Service Pack 2 provides program and port control for inbound and outbound connections


Using a combination of hardware firewall protection to reduce unnecessary "chatter" on your local network and software firewall protection on individual desktops creates a secure environment in which you can feel safe and compute more safely. Using a desktop firewall on each system on your network can also reduce the chances of cross-pollination of malware ([Hack #97] and [Hack #98]).

With a desktop firewall, you can know immediately if a program is trying to sneak something out of your PC to persons unknown on the Internet and stop the activity before it happens. Your hardware firewall and your ISP simply do not care; they do not know and cannot decide what you want to share over the Internet and what you do not. This level of discretion and protection is your responsibility.
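The per-program outbound check described above can be approximated by hand. The following is an added example, not code from the book: it joins `netstat -ano` output with `tasklist /fo csv /nh` output and reports Internet-bound connections opened by programs that are not on an approved list. The sample outputs are constructed, and `updater32.exe`, `ALLOWED`, and `LOCAL_NETS` are assumptions made for illustration.

```python
import csv
import io
import ipaddress

# Constructed samples (not real captures) of `netstat -ano` and `tasklist /fo csv /nh`.
NETSTAT = """\
  Proto  Local Address          Foreign Address        State           PID
  TCP    0.0.0.0:445            0.0.0.0:0              LISTENING       4
  TCP    192.168.1.20:445       192.168.1.31:1201      ESTABLISHED     4
  TCP    192.168.1.20:1042      203.0.113.10:80        ESTABLISHED     1520
  TCP    192.168.1.20:1077      198.51.100.7:6667      ESTABLISHED     2312
  TCP    192.168.1.20:1080      192.168.1.1:80         ESTABLISHED     1520
"""
TASKLIST = '''\
"System","4","Console","0","236 K"
"iexplore.exe","1520","Console","0","22,340 K"
"updater32.exe","2312","Console","0","3,008 K"
'''
ALLOWED = {"iexplore.exe"}  # assumption: programs the user has approved
LOCAL_NETS = [ipaddress.ip_network(n) for n in ("192.168.1.0/24", "127.0.0.0/8")]  # assumed LAN


def pid_names(tasklist_csv):
    """Map PID -> lower-cased image name from tasklist CSV output."""
    rows = csv.reader(io.StringIO(tasklist_csv))
    return {r[1]: r[0].lower() for r in rows if len(r) >= 2}


def unapproved_outbound(netstat_text, tasklist_csv, allowed, local_nets):
    """Return (program, pid, ip, port) for Internet-bound TCP connections from unlisted programs."""
    rows = [line.split() for line in netstat_text.splitlines()]
    tcp = [r for r in rows if len(r) == 5 and r[0] == "TCP"]
    # Ports this PC listens on: an ESTABLISHED row using one is inbound.
    listening = {r[1].rpartition(":")[2] for r in tcp if r[3] == "LISTENING"}
    names, findings = pid_names(tasklist_csv), []
    for _, local, remote, state, pid in tcp:
        if state != "ESTABLISHED" or local.rpartition(":")[2] in listening:
            continue
        host, _, port = remote.rpartition(":")
        ip = ipaddress.ip_address(host.strip("[]"))
        if any(ip in net for net in local_nets):
            continue  # traffic that stays on the local network
        name = names.get(pid, "<unknown>")
        if name not in allowed:
            findings.append((name, pid, str(ip), int(port)))
    return findings


if __name__ == "__main__":
    print(unapproved_outbound(NETSTAT, TASKLIST, ALLOWED, LOCAL_NETS))
```

Unlike a desktop firewall, this only observes connections that already exist at the moment the commands are run; it cannot block them.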
