'Firewalls' help fend off hackers

February 21, 2000|By Mike Himowitz

As a computer user I've never been particularly paranoid about security, but that's changing. This month's attacks on commercial Web sites such as Yahoo! and Amazon.com, carried out by dozens or perhaps hundreds of "zombie" computers that were hijacked without their owners' knowledge, convinced me that keeping a computer safe is a lot more complicated than it used to be.

This is particularly true if you've joined the ranks of the hard-wired and have high-speed, direct access to the Internet, such as DSL or cable service. Unlike dial-up connections, which require you to make a phone call, these services are always on and leave you open to the same sort of probing from Internet vandals that large businesses have been dealing with for years. The difference is that large companies have "firewalls" in place to fend off these assaults, while you don't.

Well, it may be time to raise your shields, as Captain Kirk might say. Luckily, there are several programs available to help average users barricade the doors, including a new one that's absolutely free, easy to use and worked beautifully on my home PC.

Before you start, there are a couple of things you should understand about your computer and the Internet. As I mentioned last week, every PC attached to the Net has a unique number, known as an IP address, which looks something like this: This scheme allows any computer on the Internet to contact any other, just as the unique combination of your ZIP code and street address allows anyone to send you a letter.

Since it's hard to remember numbers, most computers also have names, such as www.yahoo.com, that you type into the address bar of your Web browser. A computer called a Domain Name Server takes the name you entered and looks up its numeric address, which your PC then uses to make the connection.

When you dial into the Net with a modem, your Internet Service Provider generally assigns you an IP address for that particular session. The next time you log on, you'll probably have a different address. This doesn't affect your experience, because you're not using your computer as a server and other people aren't regularly trying to initiate contact. But cable and DSL users usually have fixed IP addresses, so they're more likely to be found by hackers who use scanning programs to find potential targets.

The hackers who brought down Yahoo!, E*trade, Amazon and others this month used programs that scanned Internet addresses, looking for computers with weak security. They planted programs on those computers that turned them into "zombies" that flooded the victims with millions of routine messages that effectively put them out of business for hours at a stretch.

To deal with the hijacking threat and protect sensitive information, corporations set up firewalls, which are programs or even dedicated computers that allow only authorized traffic in and out of their systems. But home and small office computers that use cable or DSL may be wide open, particularly if they're on a small network that uses Microsoft Windows' File and Printer Sharing.

If you'd like to test your computer's vulnerability, surf to the home page of Gibson Research Inc. (www.grc.com), whose president, Steve Gibson, is a legendary programmer and author of SpinRite, a superb hard disk diagnosis and repair utility. Gibson's "Test My Shields" page will probe your computer for vulnerabilities and give you a detailed report, along with advice for correcting the problem.

One of those solutions is a personal "firewall" that protects your PC against intruders. Until recently, these programs were far too technical for average users (they give experienced network administrators fits). But in the past year or so, firewalls designed for home and small office PCs have become available, and they're worth trying.

This week, for example, I installed ZoneAlarm from ZoneL abs of San Francisco, which is free for downloading from the company's Web site (www.zonelabs.com).

ZoneAlarm, which runs under Windows 95/98/NT, is easy to install and provides two kinds of protection. First, it silences the open Internet "ports," or communications channels, that hackers frequently use to sneak into victims' computers. Known as "stealth mode," this feature essentially makes your computer invisible to random network probes.

Just as importantly, ZoneAlarm allows you to control which programs on your computer have access to the Internet, a protection against viruses, Trojan horses and zombie programs that may have been installed without your knowledge.

Baltimore Sun Articles
Please note the green-lined linked article text has been applied commercially without any involvement from our newsroom editors, reporters or any other editorial staff.