Sending Firewalls Home

A firewall protects your network against outside access or probing. How well protected are your remote users and telecommuters?

By Barry Nance

May 28, 2001 12:00 PM ET

Recommended

Computerworld - From Iraq, Libya, China, New York, even your hometown, the bad guys' software is constantly probing the Internet, examining consecutive IP addresses for information. Ah! The software finds an active IP address. What sort of device is it? Does it have a network management agent? Whose protocol stack is the device running? Is the IP address permanently assigned? Might the device be a good target for a virus, Trojan or worm? Is port 23, which is used by telnet, open? Might it be worth flooding the device with denial-of-service packets? Does the IP address correspond to a registered domain name? Is the network node running Web server, FTP server, database server or file sharing software?

			For more on Firewalls see Four Personal Firewalls Reviewed

A sophisticated probe can discover a staggering amount of data and store it for future use. If an employee's home PC has a persistent Internet connection via Digital Subscriber Line (DSL) or cable, the probe's database almost certainly contains his IP address and network node data. Even dial-up users with dynamically assigned IP addresses can be at risk if connections last more than a half-day. An employee who routinely handles company business and confidential data from his home computer is also at risk.
A number of companies offer personal firewall products to help block Internet-based intruders. I tested four of the best-known - Norton Personal Firewall 2001 3.0 from Symantec Corp., BlackIce Defender 2.5 from Network Ice Inc., Tiny Personal Firewall Build 12 from Tiny Software Inc. and ZoneAlarm Pro 2.6 from Zone Labs Inc. - to find out which offers the best deterrent to Internet probes. Unlike corporate firewalls that operate on a networkwide basis, these tools guard a computer by inserting themselves into the PC's TCP/IP protocol stack. The firewall intercepts and examines each inbound or outbound Internet message. It distinguishes, for example, between legitimate messages that are responses to your Web browsing and illegitimate messages that you never asked for. The software also uses network address translation to substitute a bogus IP address inside your computer's outgoing Internet messages. When the bad guys don't know who you are, they can't penetrate your PC.
I tested each firewall on an IBM ThinkPad A21m with an 850-MHz Pentium III, 512MB of RAM and a 32GB hard disk. The ThinkPad was connected to the Internet over a 384K bit/sec. DSL connection feeding a 3Com Corp. 100M bit/sec. Ethernet port.
I used many tools to test security, including Internet Scanner from Internet Security Systems Inc. in Atlanta

Recommend Digg Twitter ShareThis

Email Print Send Feedback Reprints

Jump to comments

Software Development

Additional Resources

WHITE PAPER

Do You Know the 7 Steps to Successful Data Migration?

Approximately 60 percent of data migration projects overrun time or budget, while some fail completely. Download this white paper, "Enhancing Your Chance for Successful Data Migration," to learn the critical steps you need to take to execute a data migration project with minimum cost and risk to your business.

WHITE PAPER

Total Cost of Ownership of Server Computing Vs. PCs

Read the Gartner research note to learn why the TCO of a server-based computing deployment used to deliver all applications to users is around 50% lower than that of an unmanaged desktop deployment.

WHITE PAPER

IDC White Paper: Linux in a Global Recession

Economic downturns have a tendency to accelerate emerging technologies, boost the adoption of effective solutions, and punish solutions that are not cost competitive or that are out of synch with industry trends. This IDC White Paper presents the results of an IDC survey of 330 companies in Western Europe, Asia/Pacific and the Americas that measures the receptiveness to Linux and takes into consideration changing views driven by the disruptive economic environment that businesses face today.

White Papers & Webcasts

Informatica 9 Launch: Transform your Business. Transform your world.

LIVE Nov 10, 2009 12:00 PM ET

Architecting Business Intelligence Applications for Change: The Open Solution

LIVE Nov 12, 2009 02:00 PM ET

Forrester Consulting - Optimizing Users and Applications in a Mobile World
Learn how to successfully deploy a WAN optimization solution that is specifically tuned for a mobile environment!

Three IT Strategies to Cut Cost Intelligently
Register for this Webcast! Provided by BMC Software.

Continuous Systems, Nonstop Operations With Junos Software
Learn more.

Top to Bottom Performance Management Excellence at the City of Chicago
View now.

Advancing the Economics of Networking
For more information download it today!

Effectively Implementing Datacenter Automation
Effectively select and deploy the best datacenter automation solution today!

Is your data center running out of power or cooling?
Download this whitepaper now!

Aligning IT to Business: The Rising Importance of Application Delivery Networks
Application Delivery Networking (ADN) will play a vital role in helping enterprises incorporate strategic technologies to achieve business initiatives.

Five Steps to Successful IT Consolidation
Has your Enterprise made the strategic decision to consolidate remote site IT infrastructure into central data centers?

Strategies for Driving Down IT Support Costs with Lite ITIL Practices
View this now!

All White Papers | All Webcasts