|
Home »
Networking
»
Firewalls
Summary: Firewalls are a critical component of keeping your machine safe on the internet. There are two basic types, but which is right for you? Do I need a firewall, and if so, what kind? The very short, very easy answer is: hell yes! With all that's happening on the internet these days it's simply too risky to sit "naked" on the internet unless you really know what you're doing. The real question is: what do you need? It's even possible you already are behind a firewall and don't need anything additional. • First, realize that a firewall is about protecting you from them, where "them" means "the malicious folk on the internet". A correctly configured firewall does not block your access out to the internet so you should be able to browse the web, for example, without interruption. The firewall prevents access from somewhere on the internet to you. That's not to say people can't send you email; they can because you access your mail through the internet when you retrieve or download it. It does mean that people can't copy files directly to your PC or cause programs to be run on your machine. Step one is to check with your ISP. Some actually do provide a certain amount of firewalling. AOL, if I'm not mistaken, is a fairly good example: they've set up their own private network and internet access is tightly controlled. The good news is that you may be well-protected. The bad news is that you have no control over it. Most ISPs, however, do not provide any kind of firewall. What you get from them is a direct connection to the internet. That gives you the most flexibility and control but it also places the burden of protection in your lap. The next question is do you need a hardware or software-based firewall? In my opinion, if you connect via broadband such as cable or DSL then there's no question at all: broadband routers are inexpensive and provide an exceptionally high level of protection out of the box. They're typically easy to set up and also have the flexibility to be carefully configured for more advanced uses such as running a web server from behind your firewall. I like the hardware approach because the routers are devices dedicated to their task and do not interfere with - nor can they be compromised by - your computer. You can read more about routers and how I'd set up a home network. Remember, a router will work fine even if you have only one computer. "... it's simply too risky to sit 'naked' on the
internet unless you really know what you're doing ..."
If you are on dialup or have some other reason for not wanting to go the hardware route there are software firewalls as well. In fact, Windows XP includes one by default: on the properties page of any network connection, click the advanced tab and you'll find the Internet Connection Firewall. Even if you do nothing else and you're not sure what you really want to do, you should turn this on. Other popular firewalls include ZoneAlarm and Comodo. Finally, when you believe you're protected or even if you know you're not you should visit Gibson Research and run "Shields Up", a vulnerability analysis. It will try to access and analyze your computer from the internet, list for you exactly how you are vulnerable, and tell you the potential steps you can take. It tends to be a little techie but it's worth the effort. Related:
Article 169 | Posted March 22, 2004 |
askleo: Photo: Keyboard Filth http://bit.ly/sSgx (5-Jan 1:46pm PT) askleo: RT @JeffWalker: Awesome blog post - "How To Become Wealthy RIGHT NOW"... (5-Jan 12:46pm PT) askleo: LOL! RT @IAC_Heather: You know how we have TGIF, maybe we should have... (5-Jan 12:41pm PT) Popular & Hot How do I change my MSN Hotmail password? How do I delete history items from my Google tool bar? I accidentally deleted my Recycle Bin in Vista - how do I get it back? My desktop Recycle Bin has disappeared - why, and how do I get it back? New & Important How can I get the old Windows Live Hotmail back? Internet Safety: How do I keep my computer safe on the internet?
Stay Informed Archives Advertisers |
•
Hi Leo,
I have Windows 200 professional and Mcafee viruscan 7.1 on my laptop.I have been having my dial-up connection from AOL for about 2 weeks.I did one mistake.I did not update my latest dat file from NAI.com for the viruscan.During that period some virus has entered my system and diabled my task manager.Later I updated teh latest dat file.But still I started getting messages from virscan that a virus file SVCHOST.exe could not be deleted fro c:\winnt\svchost.exe.Then I found this file in that location was just 1 week old.I also found one more file in location c:\winnt\system32\svchost.exe old dated and also smaller in size.Then c:\winnt\system32\svchost.exe to c:\winnt\svchost.exe.The viruscan report stopped coming but now this exe keeps executing itself from c:\winnt\svchost.exe on a empty command window and finally I have got a message on my desktop showing high risk of spyware and some problem on RAM.Please let me know what should I do.I have my Windows ME factory edition for my laptop.Should I go ahead and install the OS.If I take a backup of data on split drive D do I have a chance of getting viruses from the backup.
Thanks,
Chamu
Posted by: Suresh at May 15, 2006 3:09 AMI wanted to get back at my sister for sending me a lot of forwarded chain letters and other dumb stuff so I sent her a barrage of funny emails frm a certain site. It didn't end up the way I had planned as she had just put in a firewall(called firefox) on her comp,she said she couldn't access them,but one frm another site she could see. Why is that? Thanks for ur help!
Posted by: Faye at May 20, 2006 6:02 AMWe have AOL's security system on our computer. My wife chose the computer check on AOL, and chose some option that keeps turning off our internet connection after a minute or so.
We have a router that our computer connects to. It has an IP address that the fire wall seems to reject, but allows initially.
If we go to Google, it allows us connection for a long time. But as soon as we try to go on Yahoo.com or msn.com or aol, then our internet connection gets interrupted. We have to disable and enable our connection again and again to connect for short periods of time.
Please Help.
Posted by: S. Naqvi at September 22, 2006 12:59 PMhey... i need a little help.. i cant seem to check my emails... i can get onto the hotmail.com website, and i can type in my email address and password.. but when i hit enter, it says page cannot be displayed. i personaly think that it is because of some kind of firewall. but i have no idea how to disable it. can you help me?
can you IM me on aim at gummybear52291 please???
thanks
Posted by: brandy at November 23, 2006 8:38 PMour office having intranet so there is some sites are blocked so how to use rediffbol bypassing the proxy..kindly let me know
Posted by: deepak at January 27, 2007 12:23 AMFIREWALL NOT NEEDED? Everyone says use a router/firewall when using DSL, cable, etc. I helped a friend with a new AT&T DSL account and insisted that he buy a router. So he purchased a Netgear router. During the setup, I was surprised to see that the modem was giving out a private 192.168.1.x address. Are they putting NAT firewalls in the modems now? None of the documentation mentioned that there was already a firewall. I installed the Netgear router anyway because I was not sure. Maybe he didn't need to buy the router? I still can't find any info about firewalls being included in DSL modems.
Posted by: Rln Zastovnik at February 5, 2008 5:13 PM-Ron
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
I have seen this, though as you've seen it;s hard to find
documentation on it. The DSL modem at my wife's business was
handing out 192. addresses just as you describe. This does
imply that it's doing NAT, and does imply that it is acting,
in some regard, as a firewall/router. And yes, that would be
sufficient.
And to clarify your lead-in statement, yes a firewall is
still neccessary - it just might already be in your modem.
Leo
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.7 (MingW32)
iD8DBQFHqfCTCMEe9B/8oqERAjlYAJ4+hsNrgAaELZ79CdeZc5Bol6NxVACgjpsi
Posted by: Leo A. Notenboom at February 6, 2008 9:38 AMCMtarYfrjPu/oQ0SnBr0JLY=
=9Rad
-----END PGP SIGNATURE-----
Leo,
Posted by: David Vogl at May 14, 2008 8:25 AMLately, according to Zone Alarm I have NUMEROUS programs all trying to contact 192.198.0.198 and .1 and 224.0.0.22 which appear to come from Africa! At your suggestion on the air I bought a D-Link DIR-655 router and NOD32 AV. I deleted ZA as I thought you said all I needed was the router. I'm really worried "something" is on my computer despite complete scans by NOD32 and several other on line scan programs. Should I go back and install Zone Alarm again?
Am I in danger and should I worry?
Thanks, Leo,
David
Leo, sorry, I can't type. That IP was 192.168.0.1 and 192.168.0.199 among others.
Posted by: David Vogl at May 14, 2008 8:29 AMI fix computers from time to time and I think some may have been hacked into. When I fix them I don't use my router with a firewall I just connect via my modem and after there repaired I hook my router back up.
Posted by: Ed at July 21, 2008 6:56 PMSo if the hacker can see my ip addy am I still safe since I put my router with firewall back up or should I use my router all the time even when I do repairs