|
|
|
Home PC Firewall Guide
A personal computer connected to
the Internet without a firewall can be hijacked and added to an Internet
outlaw's botnet in just a few minutes. |
|
|
A firewall can block malware that
could otherwise scan your computer for
vulnerabilities and then try to break in at a weak
point. The only way to make a home computer 100%
secure is to turn it off or disconnect it from the
Internet. The real issue is how to make one 99.9% secure
when it is connected. At a minimum, home computers need
to have personal firewall and anti-malware software
installed and kept up-to-date to find and remove viruses,
spyware, Trojans and other malware. A home network
that uses a wired or wireless router with firewall
features provides additional protection.
|
The Wild West!
"...The result is the Wild West: a lawless society. On the Internet,
there really isn’t a rule of law imposed from above. It’s every man, or
every network, for himself. Those that can afford bespoke security have
it, but those who can't -- think home computer users -- have to make do.
This is very much the world of Internet security..."
Source: Bruce Schneier quoted in
Computer security's dubious future, Roger Grimes, Infoworld,
February 22, 2008.
Personal Firewall Choices
Microsoft Windows Firewall -- The Vista and XP
Service Pack 2 operating systems have personal firewalls built in that
are turned on by default to block threats from the Internet. You
should leave this feature turned on until you replace it with third-party software and/or hardware.
Two-Way Third-Party Personal Firewall Software -- These
firewalls block both incoming and outgoing threats. A computer has
outgoing threats when it becomes infected with a
virus, trojan
horse or spyware. A challenge for this
type of firewall is to distinguish between threats and legitimate
software. Three common ways to address this are
by vendors including a list of
safe software for the firewall to check [white list], malware to block
[black list] and/or by issuing a pop up alert to
the user asking for advice on what to do [better for experts]. For links to vendors and
reviews of over fifty products, see our Personal
Firewall Reviews page. Recommended products with links to vendors:
Internet Security Software Suites -- These
products include two or more security features such as a personal
firewall, anti-virus, anti-spyware and more. For links to vendors and
reviews of over 20 products, see our Internet
Security & Utility Suites page. Recommended retail products with links
to vendors:
-
Norton Internet Security or Norton 360
from Symantec include personal
firewall and protection from viruses, worms, spyware, intrusion,
phishing and root kits. Also includes behavioral monitoring
features. The free online add-on pack includes anti-spam, parental
control, confidential information blocking, and ad blocking.
NIS 08 was PC
World's Best Buy 12-1-07 and PC
Magazine Editor's Choice 9-7-07. "Norton
360" adds automatic backup and restore with 2 GB of online storage,
PC tune up and embedded support components. PC Magazine Editor's
Choice 3-7-07.
-
ZoneAlarm Internet Security Suite
 from CheckPoint
features include network, program & operating system firewalls,
antivirus, anti-spyware, anti-spam, anti-phishing, identity theft
protection, auto-learn, game mode, wireless PC protection &
SmartDefense service; Windows 2000/XP users also get spy site
blocking, privacy protection, IM protection, email security, &
parental control.
CNet Editor's Choice January 2007.
-
Kaspersky Internet Security
-- Intrusion protection, anti-virus,
personal firewall, anti-spyware, anti-spam, and blocks auto dialers,
ads and pop-ups.
Hardware Firewalls -- A hardware firewall is
usually a small box that sits between a modem and a computer or network.
The firewall is either based on "network address translation" (NAT)
which hides your computer from the Internet or NAT plus "stateful
packet inspection" (SPI) for more protection. There are three basic types of
hardware devices that include firewalls for home users,
Wired Routers, Wireless
Routers, and Broadband Gateways. They
are inexpensive enough to be used with one computer and can also be used
to create a home computer network. They can be used in addition to a
software firewall on each computer because they run on a separate box
preventing most compatibility problems. Recommended broadband gateway
retail products with links to vendors.
- D-Link
DIR-655 Extreme N Wireless Router
includes WPA & WPA2 and dual active firewalls
(NAT+SPI). The optional
Secure Spot 2.0
security package available directly from D-Link adds parental
controls, safe surfing/searching, remote management,
anti-virus/antispyware protection with McAfee® technology, internet
usage time scheduling and activity reporting, web-managed firewall,
access control for Internet usage, application control (blocking and
scheduling), spam control and identity protection.
-
ZoneAlarm Secure Wireless Router
 from CheckPoint
with
SPI firewall, gateway antivirus, remote access VPN, intrusion
detection and prevention, secure wireless communications, built in
print server, monthly security report, flexible optional services,
automatic updates, and free online technical support.
Important Tips -- Never use two personal firewall
software products at the same time. Fully uninstall one before
installing another to prevent compatibility problems. After installation, be sure to test it
with an online service like
Security Space
to make sure that it is configured correctly.
Staying Up-To-Date -- For current security news, alerts and
reviews, see our
Internet Security News page and sign up
for our free newsletter.
Resources
|
|
|
