BusinessWeek Lifestyle: Computers
Back Off, Hacker
Easy-to-use software can keep online intruders out of your PC
So it wasn't your computer that hackers commandeered earlier this month to bring the Internet's largest and most well-known sites to their knees. You're vigilant with your e-mail, discarding messages from people you don't know and never downloading executable programs, those ending with the .exe extension. At work, your company runs antivirus software and has a firewall to protect against intruders.
All good habits. Still, chances are your computer could easily be hijacked into the same kind of mischief that was directed at Yahoo!, eBay, and Buy.com. Think about the e-mail your significant other sent you, the one with the fluttering Valentine hearts. That--and hundreds of other seemingly innocuous e-missives--could have planted a so-called Trojan horse in your machine. Without crashing your hard disk or writing over your files like a virus would, this tiny program might have stealthily opened a back door for a hacker to come in and take over your computer.
Don't panic. You can thwart cyber crime with your own personal firewall. Because the versions that have hit the market in recent months are much easier to use, you no longer have to be a geek steeped in the nitty-gritty of network engineering to safeguard your PC. Indeed, the best home firewalls, if configured correctly, can come close to providing the same level of security as corporate firewalls.
I installed on my computer these updated firewalls--including Norton Internet Security 2000 ($59.95) from Symantec and ConSeal Private Desktop ($49.95) from Canada's Signal 9 Solutions, which McAfee.com bought last month. I also tried out BlackICE Defender ($39.95) from Network ICE, and an appealing newcomer, Zone Labs' ZoneAlarm, which is free for personal use (table).
I also logged on to some Web sites that probed my system for the same holes that hackers seek. Shields UP!, at www.grc.com, steps through 10 of the ports that a PC uses to connect to the Internet, including those that identify it to other computers, let it share files and printers, and send and receive e-mail. Of your PC's 65,000 ports, these are among the most abused by hackers. Another site, secure-me.net, runs a more rigorous test that includes a pint-size version of this month's infamous Denial of Service attack, which caused gridlock on major e-commerce sites.
Firewalls can make your computer, or at least part of it, invisible to hackers. Without them, even if the doors are closed, hackers can still see the doors and know they can check later in the hope that one has been opened. This is especially the case if you're using a cable or digital subscriber line (DSL) modem, where you're always connected to the Net and identified by a Web address that never changes. With a dial-up connection, you're only vulnerable when you're online, and each time you dial in, your Internet provider assigns you a new network address.
The programs I tried all worked as advertised, with Shields UP! and Secure-Me reporting that my computer was locked up as tight as a drum. Each has its peculiarities and different ways of screening for intruders, but they all offer a range of security settings so you can find a balance between the security you need and the features of the Net you want to enjoy. Some Web activities, such as games and chats, are riskier than others: Their programs require you to reveal your network address and set direct connections that see into your computer rather than simply send and receive data via third-party sites. So if games aren't important to you, you can install, say, BlackICE software with the "nervous" or "paranoid" setting. If you want to visit game sites, you can lower the setting to "cautious."
ConSeal Private Desktop offered the broadest range of control, adjustable for the neophyte looking for a little peace of mind or for the expert who wants to configure it specifically for each Web browser, mail reader, and chat program in use. I would hold off on this one, however. Its interface is intimidating for novices, with mystifying detail about ports and Net protocols. McAfee.com will likely overhaul it when it rereleases it in March as part of McAfee Clinic, a $29.95-a-year subscription service.
At the other end of the scale is the easy-to- use ZoneAlarm, with help boxes that pop up to explain how to use the feature your cursor is on. Like the ConSeal product, it makes each program--a Web browser, chat software, or a multimedia player--ask for your permission before it connects to the Net. So even if your system is infected with a virus, you have a chance to stop it from broadcasting any data stored in your computer. For cable and DSL users, it will shut down all communications with the outside world after a predetermined period of inactivity, and there's a panic button that will do the same if you see any suspicious activity.
Norton Internet Security may be the one for you if you don't already have an antivirus program. Besides virus scans and a firewall, it offers a range of other security and privacy features, such as letting you set parental controls for youngsters, remove "cookie" programs that advertisers use to track you, and even block the pesky banner ads that clutter most Web pages. BlackICE Defender is for the vigilantes among us. It traces any attacks back to their source, keeping a log that can be e-mailed to the offender's employer or Internet service provider.
Whatever the disruption this month's attacks caused for their e-commerce victims, they certainly raised awareness of just how little security is built in to the Internet. But with the advent of simple, easy-to-use firewalls, there's little excuse not to start fighting hackers at the grassroots level. Best of all, if you want to, you can do so for free. By Larry ArmstrongReturn to top