Thursday, April 07, 2005

Free Computer Security -- Firewalls

Any computer that's connected to the Internet needs a firewall. It doesn't matter if you have only a dial-up connection. I'm on dial-up, and my computer is sometimes targeted by port scans. In fact, my first two computer calamities probably were caused by malicious Internet activity.

I was running Windows 98 back then and playing an online RPG. I'd leave the computer connected to the Internet several hours at a time while I played or downloaded updates. One day the computer failed to load Windows, and I discovered that the SYSTEM directory was empty.

I repaired the system and went back online. About six months later, the computer suddenly became very sluggish, and a program that I was unfamiliar with (probably a service) was maxing out the CPU.

Then I did two things. First, I set my hard drive up to dual boot Windows 98 and NT 4.0. NT would be my primary OS, while Win98 would be for my daughter's games. Second, I installed a firewall.

At the time, three free firewalls were popular: Sybergen Secure Desktop, Tiny Personal Firewall, and Zone Alarm. Zone Alarm seemed to be the most popular so I installed it. It was easy to use and hid my computer's ports from the Internet. And I haven't had an Internet-related problem since.

But the astute reader will notice that I referred to Zone Alarm in the past tense. I almost hate to mention this, because Zone Alarm is a very good program. But remember how I wrote that I was playing an online RPG and that I was on dial-up? I discovered, through a lot of trial and error, that Zone Alarm interrupted the connection to the game every thirty to sixty seconds for about five seconds. And its "disabled" mode didn't change that. The interruptions went away only after I uninstalled Zone Alarm.

So that prompted me to try Sybergen Secure Desktop. That program was just about as easy to use, hid my computer’s ports just as effectively as did Zone Alarm, and it didn’t interrupt my gaming experience one bit. I recall running a port scan while playing. Everything worked fine, and I’ve kept it on my system.

Sybergen Secure Desktop now is called Sygate Personal Firewall. And it still runs on WinNT 4.0 (SP6).

Once you install Zone Alarm or Sygate Personal Firewall, you’ll need to configure it. Configuration is an ongoing process since these products will block a program’s access if that program has been changed. But I like to tweak things even further. I find that the default settings for "allowed" programs are too relaxed.

First, I like to restrict the remote port numbers that things connect to. For example, my web browsers are allowed to connect only to remote ports 80 and 443, which are standard ports for HTTP and HTTPS, respectively.

Second, I like to set everything to client-only communication so that any remote-initiated attempts to communicate with these programs are rejected.

Third, I use Firefox as my default browser, but keep Internet Explorer for those ASP-type pages that are unreadable with anything else. (Internet Explorer was required to file my income tax claim at TaxFreedom.org.) When I need to use IE, I get the website’s IP address using Ping and then allow IE to access only that IP address. Otherwise, IE stays blocked. Ditto for Outlook, since email gets routed through a couple of proxies before arriving at Outlook. (These proxies will be the subject of another installment of Free Security Programs.)
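
The three tweaks above, written out as a small default-deny rule check in Python. This is an added example, not the rule format of Sygate Personal Firewall or Zone Alarm; the rule fields, program names and addresses are constructed for illustration.

```python
# Added illustration of per-program rules: remote-port limits, client-only, IP pinning.
# Field names and programs are hypothetical, not Sygate or Zone Alarm syntax.
from dataclasses import dataclass
from ipaddress import ip_address
from typing import Optional

@dataclass(frozen=True)
class AppRule:
    remote_ports: frozenset           # remote ports the program may connect to
    remote_ips: Optional[frozenset]   # None = any address; a set pins the program
    allow_inbound: bool = False       # client-only: reject remote-initiated traffic

# 192.0.2.10 is a documentation address standing in for the pinged site's IP.
RULES = {
    "firefox.exe": AppRule(frozenset({80, 443}), None),
    "iexplore.exe": AppRule(frozenset({80, 443}), frozenset({ip_address("192.0.2.10")})),
}

def decide(program, direction, remote_ip, remote_port):
    """Return (verdict, reason) for one connection attempt; default is deny."""
    rule = RULES.get(program)
    if rule is None:
        return ("block", "no rule for program")
    if direction == "in" and not rule.allow_inbound:
        return ("block", "client-only program")
    if direction == "out" and remote_port not in rule.remote_ports:
        return ("block", "remote port not allowed")
    if rule.remote_ips is not None and ip_address(remote_ip) not in rule.remote_ips:
        return ("block", "remote address not pinned")
    return ("allow", "matches rule")

# Constructed connection attempts: (program, direction, remote IP, remote port).
ATTEMPTS = [
    ("firefox.exe", "out", "198.51.100.7", 443),    # normal HTTPS browsing
    ("firefox.exe", "out", "198.51.100.7", 6667),   # browser on a non-web port
    ("firefox.exe", "in", "203.0.113.5", 80),       # remote-initiated connection
    ("iexplore.exe", "out", "192.0.2.10", 443),     # the one pinned site
    ("iexplore.exe", "out", "192.0.2.11", 443),     # same site, second address
    ("outlook.exe", "out", "198.51.100.25", 25),    # program with no rule at all
]

def evaluate(attempts):
    return [decide(*attempt) for attempt in attempts]

if __name__ == "__main__":
    for attempt, (verdict, reason) in zip(ATTEMPTS, evaluate(ATTEMPTS)):
        print(attempt, "->", verdict, f"({reason})")
```

The fifth attempt shows the cost of pinning to a single pinged address: a site served from more than one IP is blocked until each address is added to the rule.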

I’ll post the URLs of my favorite sites that do port scanning in the comments section, below. But not right now – later, when I stand a good chance of keeping my eyes open.

(Psst: I never did try Tiny PF.)

2 comments:

Tirsden Frozenrayn said...

ah HAH! So that'd explain why even if I could get ZoneAlarm and EverQuest to work together, my connection sucked. I have a bad habit of turning off ZA to play whatever it is I want to play online. Diablo II locks up solid with ZoneAlarm. EverQuest would too, depending on if an update to the game changed whatever IP address it was looking for. Sometimes the ZoneAlarm window asking for confirmation of the new address/access request would pop up fast enough. Sometimes it wouldn't.

I'm not playing anything at all now tho, especially after killing off my D2 char. If I do get back into the madness, I'll look up this other firewall you speak of. o_O Cuz it'd be nice to have the firewall running all the time... that's... kinda... the point. LOL.

Luddite Geek said...

You'd think after five years, Zone Labs might make Zone Alarm suitable for gamers.

Well, good luck with SPF! I'm happy with it.