October 2007
Firewalls
How to protect what moves in and out of your Internet-connected computer
All computers, regardless of operating systems, can be vulnerable to hackers intent on planting "trojan horse" programs that
let them steal your information or involve your computers in nefarious activity. You can help forestall digital disaster by
installing a hardware or software firewall, which can filter out those intrusions or render them harmless.
WHAT'S AVAILABLE
Firewall software is available either as part of your operating system or from a third-party vendor. Some of the most popular are Sunbelt Personal Firewall ($19.95), ZoneAlarm Pro ($29.95 with one year of updates) and Comodo Free Firewall (freeware). Also, firewalls are usually included in the security suites of major software vendors. Those suites, which include Trend Micro PC-cillin Internet Security ($50 for three users with one year of updates), ZoneAlarm Internet Security Suite ($50 for three users with one year of updates), and McAfee Internet Security Suite ($70 for one user with one year of updates), also include anti-virus and anti-spyware applications. Firewall software might also be available free from your Internet Service Provider, so check with your ISP before you buy.
HOW TO CHOOSE
Two-way blocking. Better firewalls block inbound and outbound threats. Those are referred to as two-way firewalls. Outbound blocking has gained importance with the proliferation of instant messaging and file sharing. Miscreants can use those programs to install Trojan horses, which can turn your computer into a "zombie" and add it to a botnet to send spam, act as a server, or steal personal information. Unlike Windows XP, Windows Vista includes a two-way firewall, as do several third-party applications.
A good outbound firewall should block communications from any program not on its list of known, trusted programs, and ask the user whether to allow or deny it to do so, based on the information it supplies about the program. In the case of Windows Vista's firewall, you need to enable the outbound capability, which is turned off by default. Otherwise, Vista fails the basic requirement of blocking a new program it doesn't know and helping the user set up a rule to block or allow it. Even when enabled, the Vista firewall is difficult to manage, so we recommend a third-party firewall.
Before you install any new firewall program, be sure to uninstall or disable any other firewall programs you might have on your computer, including Vista's, to avoid conflicts. After installation, be sure to test the firewall to make sure it's configured correctly. A good website to test firewalls is www.grc.com/lt/leaktest.htm. Once everything's up and running, check the vendor's Web site for updates and configure the software to download updates automatically.
WHAT'S AVAILABLE
Firewall software is available either as part of your operating system or from a third-party vendor. Some of the most popular are Sunbelt Personal Firewall ($19.95), ZoneAlarm Pro ($29.95 with one year of updates) and Comodo Free Firewall (freeware). Also, firewalls are usually included in the security suites of major software vendors. Those suites, which include Trend Micro PC-cillin Internet Security ($50 for three users with one year of updates), ZoneAlarm Internet Security Suite ($50 for three users with one year of updates), and McAfee Internet Security Suite ($70 for one user with one year of updates), also include anti-virus and anti-spyware applications. Firewall software might also be available free from your Internet Service Provider, so check with your ISP before you buy.
HOW TO CHOOSE
Two-way blocking. Better firewalls block inbound and outbound threats. Those are referred to as two-way firewalls. Outbound blocking has gained importance with the proliferation of instant messaging and file sharing. Miscreants can use those programs to install Trojan horses, which can turn your computer into a "zombie" and add it to a botnet to send spam, act as a server, or steal personal information. Unlike Windows XP, Windows Vista includes a two-way firewall, as do several third-party applications.
A good outbound firewall should block communications from any program not on its list of known, trusted programs, and ask the user whether to allow or deny it to do so, based on the information it supplies about the program. In the case of Windows Vista's firewall, you need to enable the outbound capability, which is turned off by default. Otherwise, Vista fails the basic requirement of blocking a new program it doesn't know and helping the user set up a rule to block or allow it. Even when enabled, the Vista firewall is difficult to manage, so we recommend a third-party firewall.
Before you install any new firewall program, be sure to uninstall or disable any other firewall programs you might have on your computer, including Vista's, to avoid conflicts. After installation, be sure to test the firewall to make sure it's configured correctly. A good website to test firewalls is www.grc.com/lt/leaktest.htm. Once everything's up and running, check the vendor's Web site for updates and configure the software to download updates automatically.
