Firewall Security

by Dan Murray

Published August 9, 2000



Let’s not be overly worried and apprehensive yet. Prying eyes and probes from the bogeyman are not monitoring our every mouse click. However, a Middle Eastern proverb is worth mentioning: “Trust in Allah, but tie your camel.”

Corporations with full-time Internet connections to their internal network of computers have been scrupulously keen to install safeguards and diligently add new padlocks. Smaller companies and individuals with fast, always-on Internet access (DSL, cable, wireless) are quick to adopt this common practice.

Security vulnerability is minimal for the rest of us who are limited, by finance or service offerings, to modem dial-ups. Internet Service Providers automatically assign a connecting computer one of their numbers (an IP address) at random; that number identifies the computer on the network. On the next dial-up a different number is assigned, so the likelihood of being a security target is much lower.

Verbal attacks are known as flames: sticks and stones. Online electronic break-ins into your computer’s stored files, however, are a considerably greater annoyance. Certainly no one would welcome having their data compromised by vandals or thieves.

Who are these intruders? They are competitor companies, governments, criminal crackers (hackers are the good guys) or inquisitive teenagers on a keyboard; everyone or anyone. Snoops.

Intruders who would penetrate a computer’s stored information can be successfully blocked with a firewall. Information passes from behind the firewall through a gateway to the Internet, but the incoming stream is intercepted by this mechanism to prevent unauthorized entry.

Debatably, the best of all firewalls is a simple-to-install software solution oddly named GNAT Box. It’s effective without complex configurations, expensive hardware or software drivers. It’s not even stored on the hard drive. It is administered through a Web browser graphical user interface (GUI) from an NT, Windows, Unix or Macintosh machine.

GNAT Box supports hard-to-handle applications like RealAudio and RealVideo, NetPhone, and CU-SeeMe. Thirty-two thousand concurrent connections can be processed through a single gateway number. Expensive administrative overhead and costly network security breaches are history. It’s arguably one of the most cost-effective firewalls on the market.

ZoneAlarm is another firewall product that sets three levels of security; the highest level blocks file sharing, hides all ports from the outside and enforces privileges assigned to programs. Norton Internet Security also does this but overlays strict, complex rules. McAfee Personal Firewall and eSafe Desktop are primitive by comparison.

Windows users accustomed to tweaking the settings of individual ports may shy away from this for its presumed lack of controls. ZoneAlarm’s rich set of features is admirably structured to do the job, and simplifies the administrator’s setup and maintenance.

The more intensely complex firewalls like Norton Internet Security add multiple layers of restrictions and settings. The apparent advantage of fine-grained controls also constricts the passage of information to only those Web sites listed.

Administering a firewall system is the job of an experienced consultant or staff specialist, particularly for larger and growing businesses. Individuals with always-on connections to the Internet also need firewall security, at an affordable price. Even the best firewall can be breached, because some ports must be opened to allow traffic to pass through.

A hardware box called a router can help manage a small business or home Local Area Network (LAN) for a few hundred dollars. More expensive is a dedicated server, which is basically a special computer that acts as a traffic cop.

BlackICE Agent is another layer of protection after the firewall that detects suspicious behavior in the communications stream. If an attack is suspected, the software closes the connection between the system and the originating outside address, then logs the incident.
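To make the two mechanisms described above concrete (a firewall that lets outbound traffic and its replies through while intercepting unsolicited inbound connections, and a second layer behind it that spots suspicious behaviour, cuts the source off and logs the incident), here is a small simulation. It is an added example and not code from any of the products named in this article; the addresses, port numbers and the probe threshold are constructed for illustration.

```python
"""Toy stateful packet filter plus a simple intrusion-detection layer behind it.

Added example: it models the behaviour described in the article, not any real product.
"""
from collections import defaultdict
from dataclasses import dataclass


@dataclass(frozen=True)
class Packet:
    src: str
    sport: int
    dst: str
    dport: int
    direction: str  # "out" = leaving the LAN, "in" = arriving from the Internet


LOCAL_HOST = "192.168.1.10"  # constructed LAN address of the protected machine


class StatefulFirewall:
    """Allows outbound traffic and the replies it solicits; drops other inbound traffic."""

    def __init__(self, open_ports=()):
        self.open_ports = set(open_ports)  # ports deliberately exposed (e.g. a web server)
        self.connections = set()           # (local_ip, local_port, remote_ip, remote_port)
        self.log = []                      # dropped-packet log

    def filter(self, pkt):
        if pkt.direction == "out":
            # Remember the connection so the remote side's replies are let back in.
            self.connections.add((pkt.src, pkt.sport, pkt.dst, pkt.dport))
            return "ALLOW"
        if (pkt.dst, pkt.dport, pkt.src, pkt.sport) in self.connections:
            return "ALLOW"  # reply to a connection we opened ourselves
        if pkt.dport in self.open_ports:
            return "ALLOW"  # a port that had to be opened for traffic to pass
        self.log.append(f"DROP unsolicited {pkt.src}:{pkt.sport} -> {pkt.dst}:{pkt.dport}")
        return "DROP"


class IntrusionAgent:
    """Second layer: once a source has probed too many distinct ports, it is cut off
    and the incident is logged; everything else is handed to the firewall."""

    def __init__(self, firewall, probe_threshold=5):
        self.fw = firewall
        self.threshold = probe_threshold   # constructed value; a real agent tunes this
        self.probed = defaultdict(set)     # source address -> set of destination ports seen
        self.blocked = set()
        self.incidents = []

    def handle(self, pkt):
        if pkt.direction == "in":
            if pkt.src in self.blocked:
                return "DROP"  # connection to this source has been closed
            self.probed[pkt.src].add(pkt.dport)
            if len(self.probed[pkt.src]) >= self.threshold:
                self.blocked.add(pkt.src)
                ports = sorted(self.probed[pkt.src])
                self.incidents.append(f"port scan from {pkt.src}: ports {ports}")
                return "DROP"
        return self.fw.filter(pkt)


def run_demo():
    """Feed a constructed packet sequence through the agent; returns (decisions, agent)."""
    agent = IntrusionAgent(StatefulFirewall(open_ports={80}), probe_threshold=5)
    remote_web, new_client, scanner = "203.0.113.10", "203.0.113.55", "198.51.100.7"
    results = []
    # 1. Local host opens a connection to a remote web server: allowed.
    results.append(agent.handle(Packet(LOCAL_HOST, 40000, remote_web, 80, "out")))
    # 2. The server's reply matches the tracked connection: allowed back in.
    results.append(agent.handle(Packet(remote_web, 80, LOCAL_HOST, 40000, "in")))
    # 3. A stranger connecting to the deliberately opened port 80: allowed.
    results.append(agent.handle(Packet(new_client, 6000, LOCAL_HOST, 80, "in")))
    # 4. Unsolicited inbound to the file-sharing port 139: intercepted.
    results.append(agent.handle(Packet(scanner, 5555, LOCAL_HOST, 139, "in")))
    # 5. The same source probes several more ports; on the fifth it is cut off.
    for port in (21, 22, 23, 25):
        results.append(agent.handle(Packet(scanner, 5555, LOCAL_HOST, port, "in")))
    # 6. Once blocked, even the open port 80 is refused to that source.
    results.append(agent.handle(Packet(scanner, 5556, LOCAL_HOST, 80, "in")))
    return results, agent


if __name__ == "__main__":
    decisions, agent = run_demo()
    print(decisions)
    print(*agent.fw.log, *agent.incidents, sep="\n")
```

The two layers stay separate on purpose: the firewall decides purely from connection state and the list of opened ports, which is exactly why an attacker targeting an opened port gets through it, while the agent decides from behaviour over time, which is what catches the probing that precedes such an attempt.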

Lloyd’s of London now insures against the risk of network security attacks that result in stolen information or loss of data from electronic intrusions that find a way past the firewalls.