Firewalls protect you from me

By Вen Li

Fall is traditionally a time when hordes of post-secondary neophytes get Internet access for the first time. For those established on the Internet, this can be both a blessing and a curse. New faces offer new ideas and perspectives. At the same time however, they’ll try to figure out why TYPING IN ALL CAPS and sending large pictures of random dogs to everyone–making all other e-mail bounce–is bad. The influx of new users also brings out a host of unsavoury characters out to vandalize or take control of the computers of unsuspecting users.

Personal firewalls are a common solution to this problem.

Like the firewalls of yore that protected castles from uninvited guests, Internet firewalls sit between computers and the rest of the Internet to protect computers and smaller networks from digital intruders.

A traditional Internet firewall consists of a box with electronics that selectively lets Internet traffic in or out based on rules defined in the firewall’s software. For instance, a firewall could let your instant messaging buddy send you MP3s, but could decide to stop large amounts of random data from an attacker. Some firewalls can also be configured to keep some types of data from leaving your computer accidentally or maliciously, such as personal information or the latest e-mail virus. While such devices are great for large networks, hardware firewalls have until recently been prohibitively expensive for most casual Internet users.

The current generation of Internet firewalls come in two forms: software that runs on your computer and regulates Internet access at the application and operating system levels–the only option for phone modem users–and smaller versions of hardware firewalls connected between your computer and cable or DSL modem.

Software-based firewalls cost anywhere from nothing to $100. The most basic software firewalls run in the background, notifying the user of suspicious activity on the Internet connection, and offering to stop it. More advanced firewalls integrate virus scanning software and can automatically stop incoming viruses. They are also somewhat more intelligent about what traffic is or is not apropos, and allows the user fine control about exactly what programs can send or receive what kinds of data. These programs
may require purchasing other components to work at their full potential.

In any case, installing a software-based firewall is generally a quick and painless process if you have a typical Internet connection and have your ISP’s signup sheet containing important IP addresses handy. Uninstalling a software firewall may be a more involved process depending on how it integrates with other programs like browsers and e-mail programs, so choose wisely. You generally only need one software firewall installed at any one time.

Hardware-based firewalls are more robust and generally more difficult to configure than their software counterparts. They are typically configured using a Web browser and require you to know specific details about your Internet connection, usually provided to you in hard copy when you signed up for your Internet connection.

While hardware firewalls require more time to set up, they know about and protect against entire classes of network and computer attacks, unlike some software firewalls which only protect against specific versions of those attacks. This makes them ideal for always-on cable modem and DSL connections where your computer is constantly under threat from attackers.

Respectable hardware firewalls cost from $80 to $200 but many also allow you to share an Internet connection with other computers in your home.

The one drawback of a hardware firewall is, however, that you can’t tell the firewall to allow or disallow connections on a per application basis. You can tell a software firewall (but not a hardware firewall) to disallow certain streaming-media players from reporting your Web-browsing habits to marketers since the hardware firewall has no way of knowing what programs are running on your computer.

You can, of course, combine the two and get the best of both worlds. A software firewall on your computer behind a hardware firewall will keep you safe from both malicious Internet users and marketers, and acts as an added layer of protection in case either one is compromised.

Leave a comment