Home Computing Security Tips

A firewall is the first line of protection for your computer on a network, especially if you access the “wild west” Internet. Firewalls actually come in two distinct flavors: software applications that run in the background, and hardware devices between you and the network. Always have at least one, and preferably both, installed firewalls types in place and running prior to connecting to an Internet connection!

Microsoft Windows Firewall comes with XP and provides a built-in software firewall but:

· only monitors inbound network traffic, thus ignoring malware that might already be installed on your system and communicating outbound with Internet servers

· it inherently trusts the local network subnet, leading to the possibility that nearby computers on a network could be used to launch "zombie" takeover attacks on your PC

· while it's possible to run Windows Firewall at the same time as a more capable software firewall product, doing so can be needlessly confusing and degrade performance. All Internet traffic has to pass through similar filtering twice.

It is recommended, therefore, that you turn off the Windows XP Firewall AFTER installing a better software firewall program. The other personal firewall that you install will integrate well with XP's new Security Center , the security dashboard that helps you visually see that all your primary security programs are functioning.

Windows Vista to be released in Jan. 2007 as a replacement for XP operating system has a better firewall. It filters traffic both incoming and outgoing - to block suspicious or dangerous activity.

"The firewall in Windows Vista will have half its protection turned off by default, because that is what enterprise customers have requested, Microsoft has said.

When Windows Vista is released early next year, it will have an updated firewall that looks at incoming as well as outgoing traffic, the company has said--an advance on the firewall in Windows XP service pack 2, which only watches incoming data.

But the default on the firewall in Vista will be set to block incoming traffic only, Microsoft said. The protection will be curbed in order to make life easier for the company's enterprise customers, it said.

Aiming to recreate the excitement of Windows 95, Microsoft is trying to turn Vista into its next big win."Because the nature of an outbound firewall is to restrict the traffic sent to specific ports, the outgoing access in the Windows Vista firewall is open by default," a representative for the software maker told ZDNet Australia. "The reason for this is Microsoft has received strong feedback from its customers, especially from large organizations and government departments, saying that they would like to manage this feature from an administrator level."

Configuring the Vista firewall to stop outgoing connections made by rogue applications and malicious software will require a varying degree of technical knowledge, depending on each user's security requirements, Microsoft said.

"Users need to understand how their applications undertake communication and connections, and the associated threats and risks. This security requirement will vary amongst users, and Microsoft is providing the capability to allow users to determine how they wish to leverage this security capability," the Microsoft representative said.

Firewall specialist Zone Labs said that people will require a "fairly high level of sophistication" in order to properly configure the Vista firewall. For consumers, the company said the task will be nothing less than "challenging."

"Outbound protection requires a fairly high level of sophistication to engage, and reports indicate that Microsoft expects that functionality to be used by IT professionals in a business-networking environment," Laura Yecies, general manager at Zone Labs, said.

Security specialist Michael Warrilow, director of Sydney-based analyst firm Hydrasight, believes that Microsoft has found it too difficult to create an all-encompassing firewall. However, he said that by not putting the capabilities of the firewall into full play, the company is not ignoring its nontechnical customer base.

"In effect, Microsoft is putting outbound (protection) in the 'too hard' basket for the time being," Warrilow said. "The firewall is to protect against inbound attacks--instead of protecting the rest of the world from you." Source

I’ve been using the full suite for 2 years now. I just upgraded to the latest version ZoneAlarm Security Suite 7.0.…..$49.95 for 1 year subscription with free program virus and antispyware definition updates.

I can use it on multiple computers here at home and it works fine with LUA limited accounts in XP.

ZoneAlarm Pro is $39.95 but excludes the Antivirus, Anti-Spam & Anti-Phishing and IM Protection features. So $10 more is worth it to purchase the SUITE just for the antivirus protection alone.

1. Firewall - Delivers proactive firewall protection with multiple layers of security that stop inbound, outbound, and program attacks while keeping you completely invisible to hackers; Trusted, Internet or Restricted Zones have their own rules. PCPro web site, Dec 2005, rates ZA’s firewall as tops and adds:

“Rootkit exploits are detected by ZoneAlarm's new Triple Defence Firewall. Effectively, you get the proven and mature ZoneAlarm stateful stealth firewall to guard the network perimeter; a second firewall wraps itself around every software app to protect good programs from bad; and the third layer is the OS Firewall to protect the OS, Registry and file system from attack. Thanks to the SmartDefence Advisor that Zone Labs introduced last year, the firewall needs no tweaking, with the advisor passing default policy from the SmartDefence team at Zone Labs directly to the user. The SmartDefence service also provides real-time updates and new attack-protection capabilities, and is pretty much the brains behind most ZoneAlarm services (from the DefenceNet community input for spyware attacks to the advisor for deploying policy automatically). Another new feature that works well is the automatic kill control. This gives the SmartDefence Advisor the ability to disable programs attempting dangerous or damaging activity without the need for user input. Zone Labs' database of more than 10,000 Internet-facing apps means you get minimal 'generic host process' alerts to confuse you and fewer false alarms requiring intervention to annoy you.”

2. Program Control - allows or blocks specified executable programs from contacting internet AND from modifying OS and registry settings

[Both are scanned at the same time and the basic scan is quick. You can also select a longer, in-depth scan.]

5. eMail protection – scans for phishing emails, junkmail spam, scans attachments, alerts or blocks outbound messages suspiciously sent to too many or too quickly

6. Privacy protection - blocks pop up ads and tracking cookies; automatic cache cleaner scheduled per my setting; [the first time I ran it, the cache cleaner removed 3,222 files consuming 49mb of space.

7. Identity protection – prevents my identity information from being sent to unauthorized destinations; info is stored within ZoneAlarm’s encrypted TRUSTED VAULT; block transmission of this information without first alerting me for permission to send it; I can pre-approved trusted web sites that have my permission to receive this info: eBay, Amazon, my bank, etc.

8. IM protection - instant messaging ENCRYPTION; Secures your IM sessions from spyware and virus infiltration; Prevents IM spam; Restricts kids to IM'ing only to known, trusted people

9. Parental Control - blocks inappropriate web content as specified by me from pick list

There is an automatic network detection feature for Wi-Fi that will now identify unsecured wireless networks and automatically set the appropriate security levels to protect the computer.

Also NEW to ZoneAlarm Internet Suite is this new IDENTITY PROTECTION CENTER feature that provides free credit card protection and an additional subscription service for credit card and credit management oversight services to help in fraud detection. It provides:

Warning: Don’t buy security software on eBay or Amazon MarketPlace or download from other sources other than the parent company. It is a risk they could be tampered with and you don’t want your security software to be compromised. Really, any software bought this way is a risk! Only buy software from the parent company or reputable companies.

See the top software firewall programs compared: http://personal-firewall-software-review.toptenreviews.com/. Pay attention to which version they are reviewing. If you buy a firewall program from a user, like from eBay or Amazon Marketplace, be sure what you are ordering, as you may end up with an older version, a full “trial” version or one you cannot register that allows updates. You also cannot rule out buying a corrupted CD containing something malicious – not a good move for your most precious security program – your firewall!

Adding a Hardware Router Firewall increases your protection as a software trojan or rootkit won’t bring it down. The hardware router device placed between your computer and your Internet will make your computer invisible to the outside world. Your IP address is protected so hackers with probing tools have a harder time discovering you are there.

Port Scanning is a common way for a hacker to gain access to your systems is by finding open ports on your network to access. Port scanning allows the hacker to scan thousands of ports in a few minutes to obtain a list of open ports. Many firewalls will recognize a port scan and drop this connection. Additionally, a firewall configured in a "best practices" method will close any unneeded ports and will not allow connections to access those ports. This is the basic function of a firewall. Port scanning is also used to find applications with known weaknesses.

A hardware firewall is programmed in firmware so it has no performance impact on your computer resources as the software firewall does. It cannot be corrupted like software. The hardware router may also provide wireless access to other devices like laptops, printers or other computers that you don't wish to run network cables to, also acting as a hub to provide multiple jacks to allow multiple computers to access a home network connection.

For more on hardware firewalls and how firewalls work in detail - go to FIREWALLS IN DEPTH.