IV. Using a Personal Firewall

So far we've talked about ways to protect yourself from spyware that hides in software you download or websites you browse to. But what about the kinds of threats I talked about earlier, where a hacker can install software on your PC just by virtue of the fact that you're connected to the Internet? Protecting yourself from this kind of threat involves being a bit more proactive since in this case you won't be given the option to decide not to download the software in question it's being installed silently, without your knowledge or permission. What you need here is a piece of software that will prevent any outsiders from being able to access your computer. That software is called a firewall.

Here's how a firewall works: you open your web browser and type in http://www.yahoo.com. What this means, behind the scenes, is that your web browser is going to the Yahoo website and requesting that a copy of the Yahoo! home page be sent to your web browser. The Yahoo! website then receives this request and transmits the file. In slightly more technical terms, your computer is making a connection to the Yahoo!' web server, and the Yahoo! web server is responding to that connection. Now, since you asked for a copy of the Yahoo! web page, the response from Yahoo! is probably a legitimate one, so your firewall will allow the response from yahoo.com to go through. But if a hacker out on the Internet tries to initiate his or her own connection to your computer to install a piece of spyware, your firewall will refuse to allow the connection to pass through it, so that the hacker will not be able to connect to your computer to install malicious wares. In practical terms, your computer will become invisible to Internet hackers, while still allowing you to connect to websites on the Internet.

A personal firewall can be a piece of software that you install on your PC or a hardware device that you install between your PC and your Internet connection. Each has its own advantages and disadvantages, so we'll talk about both in turn.

Software Firewalls

A software-based firewall sits on the hard drive of one PC and protects any connections going to and from that machine. If you have only a single PC at home, a software-based firewall is probably the best way to go. The biggest thing you'll notice about almost any firewall software is that it'll be pretty "chatty" the first few days or weeks that you're using it, popping up a lot of messages to the effect of "Are you sure you want to do this?" when you play an online game or open up your email program. This is because firewalls actually learn about your Internet habits as they go, so they'll prompt you for approval the first time you open up AOL Instant Messenger, but then they'll add AIM to their list of "allowed" programs to run. In most cases you'll find that the paid versions of these firewall programs will be more user-friendly, meaning that they'll figure out which programs you use to access the Internet while you're installing the software.

There are quite a few software companies that sell personal firewall software. Some of them even have a free version that you can use if you're short on cash, though the free version won't have all the useful features of the paid versions and might not be as easy to use. Once you've selected a personal firewall, the installation and setup process usually involves only a few mouse clicks.

When you're configuring a personal firewall, you'll find that these programs usually have a few pre-set configurations like "Trusting," "Normal," and "High Security" that they'll use to dictate exactly how restrictive they are about how they handle your Internet traffic. I recommend that you start with a fairly middle-of-the-road setting at first, and then increase the security level as you become more familiar with the firewall software: the last thing you want to do is install a firewall that leaves you unable to access the Internet at all. I'll list some of the more popular and trusted software vendors here; you can also look for a similar product from your local computer store.

• Zone Labs: www.zonealarm.comZone Labs offers a few different versions of their security products, ranging from a basic firewall package that's free for personal or non-profit use, all the way to a full security suite that includes anti-virus scanning and email scanning. The super-all-inclusive "Zone Alarm Security Suite" package retails for around $70 at the time of this writing, and there are a few cheaper options as well. The free firewall provides only the most basic protection in comparison to the full-blown security suite, but I still definitely recommend it if you have no other firewall software loaded. You can load Zone Labs on Windows 98, Windows 2000, Windows ME, and Windows XP.

• Black Ice Defender: www.iss.netAnother favorite for home PC protection, this one retails for around $40. Easy to set up and use, it runs on 98, 2000, ME, XP, and even Windows NT 4.0.

• Symantec's Norton Personal Firewall: www.symantec.com/sabu/nis/npf/This is made by my favorite anti-virus vendor, runs on all current versions of Windows, and retails for around $50.

• Internet Security Suite: www.mcafee.comAnother one from a well-known anti-virus software vendor, this also retails for around $50.

Using the Windows Firewall

If you're running Windows XP Home or Windows XP Professional, your computer already has a software-based firewall built right into it. This is called the Internet Connection Firewall in Windows XP, or the Windows Firewall if you've installed Service Pack 2 for XP. This is a built-in (and free) software-based firewall that provides the same kinds of features that you'd otherwise need to pay for in earlier versions of Windows. If you've installed Service Pack 2, you don't even need to do anything to enable the firewall: it's turned on by default. If you haven't installed Service Pack 2 yet, you can enable the XP firewall by doing the following:

1. Click on StartRun. Type OK. This will bring up your Network Connections in the Control Panel. You'll see the screen shown in Figure 8,

Figure 8. Viewing Network Connections in the Control Panel

2. Right-click on your network connection, and select Properties.

3. Click on the Advanced tab, and place a checkmark next to "Protect my computer and network by limiting or preventing access to this computer from the Internet."

4. Click OK, and repeat steps 2-4 if you have more than one network connection. (Since I have both a wireless card and a regular network card in my laptop, I would need to follow these instructions twice, once for each connection that you see in Figure 8,

Once you've installed your firewall, anytime that you use a new piece of software to access the Internet, you'll see a pop-up window similar to the one shown in Figure 9. As you can see, you have the choice to allow this program to access the Internet, or to block it. Don't worry: if this is a program (like Instant Messenger) that you use a lot, you'll see this prompt only once; you won't need to click "Allow" every time you try to use it after you click on "Unblock."

Hardware Firewalls

If you have multiple computers in your house that share the same Internet connection, you'll probably want to install a router to allow all of these machines to get on the Internet at the same time. This will typically be a small box that plugs into your DSL or cable modem with several plugs in the back that you connect your home computers to, maybe even with a Wireless Access Point (WAP) built into it to allow your wireless laptop to connect without using network cables. The advantage to these routers is that they act as a built-in firewall for your home computers by shielding any computers that are plugged into the router from being "visible" to anyone on the Internet. Much like a software-based firewall, your router will intercept any outsider attempting to connect to your internal machines without your consent and prevent them from making a connection or installing any spyware. Many router manufacturers are even beginning to market "Firewall Routers" for home use that have even better firewall protection available. It used to be that hardware-based firewalls really were accessible only to big companies, with prices in the hundreds and even thousands of dollars. But now you can pick up a router for your home for less than US $100. If you're using a hardware firewall, you'll still be able to install software firewalls on your home computers as an added measure of protection; the two won't interfere with each other. (Remember "Defense in depth"? Using both a hardware and software firewall is a great example of it.)

There are a few other major benefits of using a hardware firewall. First, because all the work involved with protecting your computer is being done on the router and not on your computer, your computer won't be slowed down by trying to run firewall software in the background all the time. And if you have multiple computers in your house, a hardware firewall means that you don't need to install and configure a software firewall on every computer inside your network though it won't hurt anything, as I said before. And finally, a hardware firewall is running all the time unlike a software firewall, which your kids might turn off so that they can play a game, for instance.