Think about your network and computer like you would a house. Think about every way to gain access to your home as a vulnerability. Now imagine that simply finding a crack under a door could allow direct access to all your financial information. That sounds pretty enticing for a criminal, right?
Hackers generally look to exploit these weaknesses by sending you Trojans, worms and viruses and some just want to try to take down your system. Using a firewall will help keep these hackers at bay.
A solid firewall will help you stop intruders from accessing your system. You keep your internet link to the outside world but the outside world can’t view you unless you want them to. With a firewall in place you will still have typical email access, but chat and other interactive programs will require you to take an extra step to grant access before you can use them.
Some of the most common methods to attack or view computer data include:
- IP Spoofing – This form of attack occurs when someone outside your network spoofs your computer into recognizing the intruder as a trusted source–either a trusted internal source (by using an IP address that is within the range of IP addresses in your network) or a trusted external IP address that your system recognizes. IP spoofing only works when a hacker learns your IP address. The hacker then modifies the packet headers on his communications to your computer. A packet header is present in any transfer of computer data and is similar to a routing number on a check. The header guides the packet of data on its journey just as a routing number guides a check.
- Network Packet Sniffers – Windows sends network packets as unprotected clear text, inadvertently allowing anyone to pick packets up en route for a closer look. Even though some packet sniffers are legitimate (for network management) others are used to steal your information while in transit. This method is a hacker favorite because it’s easier to pull off, harder to get caught. (Think of Firesheep)
- Man-in-the-Middle Attacks – This type of an attack occurs when someone accesses information between two individuals without either one detecting the infiltrator’s presence. If both parties are using a public-key system to send data, the man-in-the-middle can intercept the public key, use it to decipher the message, copy it, then recode the data again to continue sending it on its way.
- Distribution of Sensitive Internal Information to External Sources – This form of an attack could involve a disgruntled employee or someone who has or once had access to sensitive corporate information. The individual could place the sensitive data on an external computer (such as an external FTP server or share a drive on a network) so others can have full access.
- Password Attacks – Passwords are the most vulnerable to attack. Once someone has access to a user’s password, the attackers will then have the key to personal information. There are several ways an attacker can steal passwords. The most common are:
- Password Guessing – This technique is often ineffective because it takes a long time to guess someone’s password, even if the password is a common one. Attackers can either enter guesses manually or electronically.
- Brute-Force Logon – This technique is essentially the same as password guessing, however, the attacker tries to quickly gain access to a user’s username and password by using guessing tools to automate the process.
- Password Cracking – This technique is more effective than the previous techniques. Password Cracking software obtains the password file in Windows through an elevated level of access, then uses a tool like PWDUMP to view the password data you’ve saved in a file.
Hopefully, now you are feeling like a firewall is an important part of your security plan. Below, I have put together my favourite firewall tools and those that will satisfy basic users all the way to paranoid SOHO users.
Basic (Software Only)
Windows Built In — The Windows Vista firewall filters incoming and outgoing traffic and Windows 7 includes a two-way firewall with lots of good features and configuration options. In order to compete with Microsoft’s ever-improving built-in Windows security, third-party vendors of firewalls for Windows are creating security suites with firewall and additional security modules. The standalone Windows firewall software market is morphing into a security-suite market. Vendors who continue to market standalone Windows firewall software products are addressing XP and Vista users as well as any Windows 7 users who haven’t yet realized that the Windows 7 firewall is a perfectly good alternative to firewall products from third-party vendors.
Kaspersky Internet Security Suite – If you are using an internet security suite that includes anti-virus and other components, including a firewall, Kaspersky offers the most flexible and powerful firewall within their software suite. Kaspersky Internet Security is a two-way firewall and more. The firewall monitors every network connection to the computer. When the product detects a new network, the user can assign a status based on whether it is a public network such as the internet, a local network at home or in a corporation where access to files and printers is required, or a trusted network where it is safe to allow all traffic to flow unchallenged. When subjected to port scanning by the Nmap Security Scanner, the firewall component in Kaspersky Internet Security scans, filters, blocks and stealths in an acceptable manner.
Basic (Hardware with Wireless for SOHO)
D-Link 655 Xtreme N Wireless Router with QoS and Gigabit Ports — “Support for WEP, WPA™, and WPA2™ security standards ensure that you will be able to use the best possible encryption regardless of your other wireless devices. To prevent possible attacks from the Internet, the DIR-655 uses dual active firewalls (SPI & NAT) to help protect your valuable data.” Editor’s Choice — PC Magazine, Computer Shopper, LAPTOP Magazine, Maximum PC, Practically Networked…
Advanced (software only)
Zone Alarm PRO Firewall (Standalone) – The OS Firewall system monitors behaviors inside the computer as well as traffic flowing to and from the computer. Since not all anti-virus and security suites work 100% of the time, the OS Firewall system is looking at raw data access, SCM and COM type of attacks. 0-Hour Protection – prevents silent outbreaks from gaining system access even before the threat is known by other security programs. The early boot protection protects the OS before most security products even load. This 2 way firewall also allows full stealth mode and kill controls that can be configured to make you invisible and to instantly disable malicious programs.
Advanced (Hardware with wireless for SOHO)
The SonicWALL SOHOTZW, which include an ICSA-certified stateful packet inspection firewall. The SOHOTZW is a flexible firewall security solution for small businesses or branch offices. It offers a variety of configuration and service options,, IPSec VPN, and support for the comprehensive portfolio of SonicWALL security services. This appliance also provides secure WIFI.
Paranoid (Hardware without wireless for SOHO)
Sonicwall TZ210 – The SonicWALL TXZ210, which include an ICSA-certified stateful packet inspection firewall. The SOHO3 is a flexible firewall security solution for small businesses or branch offices. It offers a variety of configuration and service options, including a choice of 10, 25, 50 or Unlimited node configurations, IPSec VPN, and support for the comprehensive portfolio of SonicWALL security services.
Disclaimer: Security Beacon makes some of its revenue based on Google advertising and links to Amazon. So, if you end up purchasing a product based on a Security Beacon recommendation we may receive a referral fee from Google or Amazon. This helps pay our hard working staff and keeps our spouses happier.
In this article
- Best Practices
- Home security
- Network hardware
- Product Recommendation
- Remote Access Solutions
- WiFi / Wireless networking
- attack occurs when someone
- comprehensive portfolio of sonicwall security
- firewall security solution for small
- flexible firewall security
- flexible firewall security solution
- hardware with wireless for soho
- icsa-certified stateful packet inspection firewall
- include an icsa-certified stateful packet
- internet security
- internet security suite
- kaspersky internet security
- offers a variety of configuration
- os firewall system
- portfolio of sonicwall security services
- standalone windows firewall
- standalone windows firewall software
- windows firewall software
- wireless for soho