Security -- Firewalls and Beyond.

May 14 '01

The Bottom Line Use blocking and filtering software as part of an overall security plan.

Firewalls, virus protections, spyware controls and cookie management constitute part of an overall security program. All have elements of blocking and filtering functions relevant to the average user.

Firewalls control the access of programs to the local network and to the "internet". They control whether programs may act as servers and/or clients and in the case of more advanced firewalls can implement finer degrees of access control (such as which ports may be used). Firewalls also control outside access to your computer and for this they are essential.

Antivirus software looks for "viruses" in files, attachments, boot records, etc. Antivirus software is based on sets of "virus" definitions and requires updates of both the software itself and the definition files to keep up with developments. Antivirus software can also control changes to critical system components such as boot records and the system bios.

Spyware is software which reports information on the system and user back to some collection point. It is particularly an issue where the program to which it is attached must be allowed to access the internet. In this case, spyware protection software can help identify and remove spyware components. To keep current, this software must also be updated.

Cookies are pieces of information associated with a particular browser, often stored for some time on your computer and returned to an internet server. Cookie management is found in most browsers (to some degree) and also in a number of third party programs.

While a user should enforce some controls in all these areas, the extent to which software should be used is an individual decision. There are many factors to be considered such as the risk versus the cost, the individual's concern for privacy, software overhead and potential problems caused by the "cures".

In many cases, the first and best line of defense is simple problem avoidance. Never download or load any unknown software or open unknown file attachments. Read all reviews of potential products (there are other good review sites) and see if they have caused any problems (allowing for the problems of inexpert users) with other people's systems. If spyware is mentioned, do not use the product... there should be alternatives.

Firewalls offer a very good degree of protection where controlling network access is an adequate solution. If you can live with blocking the internet access of a program, say winamp, then it will be unable to report back on you. More importantly, firewalls can protect against outside users accessing your computer. As a firewall, I use zonelarm and am happy with it.

Where a program must access the internet consider spyware protection.

Spyware has become an increasing problem with many programs, particularly free ones. Programs like adaware and optout will help identify and remove spyware software once it is installed, although some spyware is so insidious that removal will require extensive repairs of the OS. Again the best defense is simply to avoid the problem.

Unfortunately some programs have spyware that is built into them and that cannot be detected by spyware protection programs. If these need to access the internet, then the only choice is to avoid them. (Spyware functions are often complained about in reviews.)

For virus protection, I have gone without antivirus software for over a year. My own experience is that antivirus software is slow, buggy and fails to catch some viruses. The definitions also need to be constantly updated, and the update process is not always reliable. The software itself also needs updated from time to time with all the risks that this entails.

Instead I use a system of manual controls. I never open an attachment whose contents I am suspicious of or that has the capability to damage my system. In extremis, I re-associate a file type with an innocuous program such as notepad and review an suspect attachment in that manner. I also never download or load a program from an untrusted source, nor do I install any program that I do not need. (A second boot disk to check out questionable software is a great idea, and it need not be large.)

I do not generally recommend this course of action; using antivirus software is a must for most users. However, it cannot be totally relied upon and should be supplemented by common sense practices. (I typically install InoculateIT PE on other people's systems and I would use it myself.) Be particularly careful about updating virus definition files, I once went for months thinking that I was current when in fact my automatic update was failing (using an older Norton).

Cookie management is very simple... if you can do without cookies. You can disable cookies in your browser and thereby defeat cookie-based spying. Unfortunately, many sites require the use of cookies for even simple activities, and online ordering pretty much always requires it (the alternatives are real ugly).

In the past I used a dual browser system, Navigator (with third party cookies blocked) when I needed cookies and IE when I did not (since IE is hooked into the Windows OS). This way I could do most of my browsing without being spied upon and still have the convenience of cookies when I wanted them. If you don't mind the hassle, this has its advantages, although I would I stick to Navigator 4.7X. Developers have also gotten smarter and front-ended obnoxious cookies, so that they don't appear as third party.

To deal with cookies when you need them, you can use cookie filtering and blocking. You can do this to some degree from within the browser or with cookie management software. Individually inspecting cookies is generally impractical and sites are constantly trying to get cookies past whatever filters you may set up, so both courses have limitations. Periodic cleanup of cookies also has its place, particularly if you have been careful about the cookies you have kept (for this use a cookie management tool). Since Windows locks the IE cookie index file you might also want to manually rebuild the cookie index, which cookie managers do not seem to do.

I have settled on enabling and disabling cookies as required and periodically cleaning out cookies completely. This of course loses you all your nice little login cookies, but I find it the most practical course. With IE, I go into dos mode and clean out everything in the cookies directory. (The index is rebuilt to reflect what is in the directory, in this case nothing.) With Netscape I identify and delete the cookie repository, which is rebuilt empty. (I cannot promise that this will always be the case with all browser versions, but worst comes to worst creating an empty file for the index or repository should suffice.)

Let me conclude with some general input on protecting your system.

Users with lots of disk space might want to check out goback. It will return you to a saved configuration and can be invaluable if you mess up or get hit by a "virus". If you frequently test hardware or software, this is a particularly good idea. So is a second hard drive which contains a copy of (at least) your basic system and can be used for testing (or backup). I use inexpensive, removable hard drive trays which I pick up at computergeeks and this makes drive copying and swapping a lot easier.

Be sure to segregate and backup everything that you create. Do not let programs default saves to scattered locations, put everything in (and under) one directory and backup up whatever you alter. A high speed CDRewriter will make this practical, particularly if you only write out what has changed (although this makes restoring more complex). Complete system backups are great, but time consuming. (Duplexing will only create a second copy of a problem and is intended as a protection against hardware failure.) If you want a complete backup, backup to a second disk, preferably one that is then removed and protected.

Use software protection programs but use common sense controls too. You cannot rely on software to prevent all possible problems.

Finally, try to keep current. Hackers and developers are constantly trying to figure out ways to beat the existing controls. You have to try to keep up, or you may get burned.

Comments on this Review

Write the first comment on this review!

Epinions.com ID:
oscen

Reviews written: 15

Trusted by: 0 members

View all reviews by oscen

View oscen's profile

Ads by Google

Web Filtering SoftwareFor business & school networks. Block Internet access. Free Trial..Wavecrest.net

Internet FilteringInternet content filtering tool for SMBs. Download free trial now!.www.gfi.com/internet-filtering

Business Internet FiltersBusiness Solution for Web Security. Award Winning Service. Free Trial!.www.Webroot.com

Bsecure by Bsafe OnlineProtect Your Family Online with the Trusted Bsecure Family Filter.www.bsecure.com

Christian Web FilterBlocks pornography & spam Works with your current provider..christianbroadband.com/

Epinions | Shopping.com | Rent.com | Free Classifieds | Price Comparison UK

Epinions.com periodically updates pricing and product information from third-party sources,
so some information may be slightly out-of-date. You should confirm all information before relying on it.