|
How_Safe_is_Your_Success_Part_7_of_8
| How Safe is Your Success? Part 7 of 8
"How Safe is Your Success" is a series of eight articles. Each
article addresses a different aspect of a universal problem
which is of particular importance to those who do business
on-line. Most Internet users are at least aware there are
dangers "out there", but few appreciate the real extent of those
dangers, the possible (even likely) consequences, or the best,
most practical and least expensive means of countering them.
This series is intended to at least provide some useful
awareness of the situation.
-------------------------
Part 7 - Firewalls
For most "average" computer users, hearing the word "firewall"
usually evokes one of two responses. The first is along the
lines of "Oh, that's complex big-business stuff – it's not
something I need or could afford". The other group, probably due
to exposure to advertising, online forum discussions, etc.
automatically associates "firewall" with a software brand such
as the well known ZoneAlarm. The latter group have the edge. At
least they know that a firewall is (or more correctly, can be) a
consumer item they could purchase and install if they were so
inclined.
Now, the nature and purpose of this article dictates that I
don't tell all of the story all of the time. For example, I am
now telling you there are two types of firewall to consider. In
actual fact the number of "types" depends entirely on how you
choose to categorize them. For our purposes a simplistic
breakdown is both adequate and legitimate.
The two types we'll discuss are software and hardware firewalls.
The latter usually takes the form of a small "black box" that
plugs into your Internet connectivity device (e.g. cable, ADSL
or dial-up modem) and also into your PC or into some network
component such as a Hub or Switch. By the way, "black boxes" are
almost never black; the term simply denotes a device whose exact
inner workings are irrelevant to the discussion. It is only what
goes in and what comes out that matters.
Frequently called a Personal Firewall because it only protects
one PC, a software firewall is, as the name suggests, simply a
computer program. What software and hardware Firewalls have in
common is that they both receive, inspect and make decisions
about all incoming data before passing it on to other parts of
the system.
A most important difference between software and hardware
firewalls is that the hardware Firewall doesn’t control outbound
communications to any significant degree. This becomes a real
problem once some scumware program that has the capability to
communicate back out to the Internet gets into your hard drive.
On the other hand, the software Firewall offers strong control
over both incoming and outgoing data. You will be justified in
wondering why you need to use two different types that both
control incoming connections. There are several reasons but,
from the point of view of a computer user, as good a reason as
any is “much improved usability”.
The software Firewall’s control over incoming connections is
quite powerful. Using its programmed “intelligence”, it can
analyze incoming data streams. However it cannot make final
“block or allow” decisions without your help until you have
“taught” it how to respond to different situations. It needs to
learn as it goes. In short, the software type will frequently
need to ask you to make decisions on what to do about certain
incoming data packets – whether to allow them in or not.
That’s fine, until the frequency of the alarms becomes
distracting to the point of being annoying. While you are trying
to concentrate on other things in the face of these
interruptions, there is a very real risk that you will take the
easy way out and command the software Firewall to “always allow”
or “always deny” such data packets, without giving careful
thought to the consequences — which could be significant either
way.
The hardware Firewall, on the other hand, enforces a very simple
policy on incoming connections: if the connection wasn’t
requested by a PC from within its “walls”, the connection is
refused or ignored. In most situations such simplistic decision
making is quite OK. If you think about that for a moment, you
will see that the stubborn inflexibility of the hardware
Firewall makes the software Firewall's job much easier. You’ll
recall that the hardware device is a “perimeter” Firewall placed
between your PC (or your network) and the Internet, so it gets
first look at any incoming data. The software Firewall is on a
local PC and thus inside the perimeter, so it only gets to see
incoming data that has survived the hardware Firewall. And the
only incoming data that does survive is that requested by an
internal PC in the first place.
With a hardware Firewall in place, there will be less
questionable incoming traffic for the software Firewall to
analyze, thus fewer excuses for it to bother you with a request
for a decision. And therefore fewer chances for you to give a
dangerous answer.
This improvement in usability is not a minor matter. The
difference can be so pronounced that people who install a
hardware Firewall after having a software type in place for a
while, begin to wonder if the latter is still working, so
reduced are the “alarms” they have to respond to.
Another reason for using both hardware and software Firewalls is
that software is … well, software. And software, any software,
can be compromised. On the other hand the hardware Firewall,
with very few exceptions, can only be “got at” physically – a
baddie has to have hands-on access to the Firewall to do
anything nefarious with it.
Finally, both software and hardware can fail for any number of
reasons. If a good software firewall encounters a problem it
should be designed to fall back to some sort of safe mode,
blocking all Internet traffic until the problem is dealt with.
But if something should occur that forced the software Firewall
to shut down or that prevents it from loading at all (something
many Trojans attempt to do), it is no longer an impediment to
unauthorized data. You could well be vulnerable to attack and
remain blissfully unaware of the fact. On the other hand, if the
hardware Firewall fails it will do so in such a way that access
to and from the Internet is cut off altogether. The hardware
Firewall, by its very nature, can only fail on the side of
complete safety. If it's "not there", neither is the Internet
connection.
Well … does that make the software Firewall too much trouble? No
way !!! A good software Firewall that does its job properly is
positively invaluable for its management of outgoing
connections, which is where one of the biggest threats to your
security lies. A very, very strong case can be made for having
both types in place. I do, as do most professionals with an
understanding of, and a respect for, data security.
At the very least you should install a good software Firewall on
each PC for which you are responsible. A consistent Editor's
Choice selection, probably the most-recommended by IT
professionals, and my personal choice is ZoneAlarm from Zone
Labs. There are both free and PRO versions, with various
licensing options. Even if you are eligible to use the free
version I do encourage you to at least give PRO serious
consideration and look at the extra features you get over the
free version. http://HackersNightmare.com?res=ZoneAlarmPRO
There is no space here to discuss hardware firewall
recommendations, as the most suitable type will depend on a
number of factors. Seek advice from a reputable computer dealer
or consult a more detailed resource such as my book "The
Hacker’s Nightmare".
If this newsletter has been passed on to you by a friend, please
subscribe to it yourself so you can be sure of receiving the
next part in this series, when I'll show you how to keep your
sensitive electronic correspondence completely confidential,
even if someone does manage to intercept your eMail.
-------------------------
About the author:
Bill Hely is an Australian technologist, consultant and author
whose professional focus has been on advising and supporting
small business operators in IT and Office Productivity - and
rescuing them when they didn't heed his advice the first time
around. He is the author of several books on technology for the
business person, including the Bible of Internet and PC security
"The Hacker's Nightmare" - http://HackersNightmare.com
|
|
| |
| |
