11.5. Security Center

Your Control Panel contains an icon called Security Center. It's an easy-to-understand status report on three important security features: Firewall, Automatic Update, and Virus Protection. If any of these are turned off, dire messages appear on your screen at startup and as balloons in your notification area.

As you can see by Figure 11-5, the Security Center is primarily just a status dashboard; the big ON or OFF "lights" are just indicators, not clickable buttons. But it does contain links to numerous help screens, online resources, and other parts of Windows that let you control its three central functions.

Figure 11-5. The Security Center window gives you an overview of your options for protecting your PC and maintaining its software. Click one of the headings (Windows Firewall, Automatic Updates, Internet Options) to expand that section of the dialog box.

If you're using Windows XP in a corporation where a highly trained network administrator is in charge, you may find that you can't make any changes in the Security Center or Windows firewall. Protecting your PC, in this case, is somebody else's job.

11.5.1. The Windows Firewall

If your machine connects to the Internet, it really should have a firewall. If it's connected to the Internet full-time, as with a cable modem or DSL, it really really should have a firewall. Most of the people who have fallen victim to snooping attacks from the Internet are people without a firewall.

Windows XP has included firewall software from the very beginning (it used to be called Internet Connection Firewall). Unfortunately, in the original Windows XP, the firewall's factory setting was Off, and finding its deeply buried On switch required three weeks and the assistance of a Sherpa. ("It's like we gave you a car with seat belts that were really well hidden," admits a Windows product manager. "You had to open a secret panel and press three buttons to make them appear.")

In the latest edition of Windows XP, you can't miss the presence of the firewall. It comes already turned on, and, if it somehow gets turned off, the Security Center offers a direct link to the Windows Firewall control panel. (Of course, you can also open it at any time by choosing Start → Control Panel → Windows Firewall.)

11.5.1.1. All about ports

Now, if you really wanted complete protection from the Internet, you could always just disconnect your PC from the modem. Of course, that might be a little too much protection; you'd be depriving yourself of the entire Internet.

Instead, you can open individual ports as necessary. Ports are authorized tunnels in the firewall that permit certain kinds of Internet traffic to pass through: one apiece for email, instant messages, streaming music, printer sharing, and so on. (Part of what made the original Windows XP so insecure was that Microsoft left a lot of these ports open, to the delight of evildoers online.)

The Windows firewall works like this: each time a piece of software tries to get onto the Internet, the Windows firewall will pop up a dialog box that lets you know and asks whether it's OK for this piece of software to burrow through the firewall to go about its business.

The golden rule: if you recognize the name of the software (for example, an online game), go ahead and grant permission by clicking Unblock. If you don't (for example, PsatNetQuery.exe), click one of the other two buttons.

If you're an online gamer, you'll be seeing a lot of this dialog box. Internet attackers were especially fond of using the ports that interactive online games open.

On the other hand, if you're using a public PC (in a library, say), you might never be asked permission. That's because some administrator has turned on the "Don't allow exceptions" option shown in Figure 11-6 at left. That means, "No holes in the firewall, ever. This is a public terminal, and we can't permit God-knows-what activity to corrupt our system."

If you grant permission, then each time you use that software, Windows will briefly open up a special port for that kind of activity, and then seal the port closed again when you're finished.

11.5.1.2. The exceptions list

When that little Security Alert box opens up, there will be times when you make the wrong decision. You'll deny permission to something that looks fishy, and then find out that one of your programs no longer works. On the other hand, maybe you'll approve something that has a recognizable name, and then you'll later find out that it was actually a trick: an evil program deliberately named in order to get your approval.

That, unfortunately, is life in the Windows fast lane.

Fortunately, you have a second chance. At any time, you can take a look at the list of authorized holes in your Windows firewall, using the Windows Firewall control panel (Start → Control Panel → Windows Firewall).

When you click the Exceptions tab, you see something like Figure 11-6 at right: a list of every program that has been granted an open port in the firewall.

Using this list, you can also add a program manually (rather than waiting for it to ask permission at the time of launching). To do so, click the Add Program button, and choose the program's name from the list that appears.

Figure 11-6. Left: Here, in the new Windows Firewall control panel, you can turn the Windows firewall on or off. You should turn it off (despite the stern warning) if you're using a non-Microsoft firewall (like Zone Alarm).
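
The "second chance" review of the exceptions list described above can be done systematically. The following is an added example, not part of the original text: it checks each program path copied from the Exceptions tab against a baseline of programs you expect, and flags a familiar name in an unfamiliar folder or a name that closely imitates a familiar one. The baseline entries, folders, sample paths, and the 0.85 similarity threshold are all assumptions made for illustration.

```python
import ntpath
from difflib import SequenceMatcher

# Assumed baseline: programs the PC's owner expects on the exceptions list,
# mapped to the folder each was installed to (illustrative names and paths).
EXPECTED = {
    "onlinegame.exe": r"c:\program files\online game",
    "messenger.exe": r"c:\program files\messenger",
}

SIMILARITY = 0.85  # assumed threshold for "looks like a known name"


def review_exception(path):
    """Return (verdict, reason) for one program path on the exceptions list."""
    folder, exe = ntpath.split(path.lower())
    if exe in EXPECTED:
        if folder == EXPECTED[exe]:
            return ("ok", "known program in its expected folder")
        # A recognizable name is not proof: the file may be an impostor.
        return ("suspicious", "known name running from an unexpected folder")
    for known in EXPECTED:
        if SequenceMatcher(None, exe, known).ratio() >= SIMILARITY:
            return ("suspicious", f"name imitates {known}")
    return ("unknown", "not on the baseline; remove unless you can identify it")


def review_list(paths):
    """Review every entry and return {path: (verdict, reason)}."""
    return {p: review_exception(p) for p in paths}


# Constructed sample of an exceptions list (not taken from a real machine).
SAMPLE = [
    r"C:\Program Files\Online Game\OnlineGame.exe",
    r"C:\Documents and Settings\Pat\Local Settings\Temp\messenger.exe",
    r"C:\Program Files\Messenger\messenqer.exe",
    r"C:\WINDOWS\PsatNetQuery.exe",
]

if __name__ == "__main__":
    for path, (verdict, reason) in review_list(SAMPLE).items():
        print(f"{verdict:10} {path}  ({reason})")
```

Anything reported as suspicious or unknown is a candidate for removal from the Exceptions tab until you can confirm what it is.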