First, how do we prevent other computer from connecting to ours? There's two solutions- a software firewall or a hardware router/firewall.
|Hardware Router/Firewall||Software firewall|
|Blocks all incoming traffic.||Could be expensive.||Blocks all incoming traffic.||Usually protects only one computer.|
|Protects all computers on a network.||Cheaper models doesn't block outgoing traffic.||Some solutions also blocks outgoing traffic.||Configuration can get tricky, esp. on a network.|
|Easy to share an internet connection with several computers.||Content filtering only in the most expensive models, subscription based.||Some solutions provide content filtering.|
|Usually cheaper than a hardware solution.|
The two solutions aren't mutually exclusive. Many people recommend using both a hardware and a software solution. The rationale is that the hardware router/firewall will block all the incoming traffic, while the software firewall will prevent certain malware from making outbound connections. Personally, I'm not too worried about the latter, but it's still something to consider, esp. in homes with kids (read: teenagers).
Hardware routers and firewalls are a little more expensive than the software solutions, but in my opinion, they are worth every penny. For under $100 you can get the cheaper routers such as the Linksys 4-port router, the SMC Barricade 4-port router, the D-Link DI-704 4-port router, and the NetGear RT-311 router. For under $200 you get additional features such as wireless access, additional firewall features, more LAN ports and also some parental control features.
Getting a real firewall is going to cost a little more. The Sonicwall SOHO2/10 is a solid firewall that can protect up to 10 computers. Price: around $400. The Watchguard SOHO/10 is comparable to the Sonicwall, and is priced around $300. The Watchguard comes with one year of free LiveGuard subscription that gives you firmware updates and support. This subscription will have to be renewed annually. The Sonicwall comes with free firmware upgrades and e-mail based tech support. Both solutions has add-on content control.
For the average home user, there's virtually no configuration necessary as most of these work fine right out of the box.
Let's make the Linux users somewhat happy first. Yes, you can use a Linux box as a firewall, and get much of what you'll get from one of the hardware firewalls above. However, this requires a knowledge of networking and Linux that many home users don't have.
There's a large number of software solutions as well, ranging from free to very expensive... I'm going to mention only a few, popular choices.
Let's start with the free stuff. ZoneAlarm is a very popular software firewall. It blocks network traffic based on what application is attempting to communicate rather than the type of network traffic. This is a very effective way of preventing certain applications such as trojan horses and spyware from calling "home". As you are using applications to access the internet, ZoneAlarm will ask you if it is OK for that application to access the internet. Depending on your answer, access is allowed or denied. There's also ZoneAlarm Pro, which does cost money, and it has some extra features such as MailSafe that scans E-Mail.
Symantec has a number of products, either sold separately or as a Suite. The Suite contains personal firewall, parental control and anti-virus solutions. Since you'll probably want at least two of those, it makes most sense to get the suite... First, let's look at Norton Personal firewall 2002. There's been some changes since I looked at NPF2000. The most noticeable is the "application control" that they've added. Other than that, expect the usual- All incoming traffic is blocked by default, you can define trusted zones and/or computers that can connect to your computer. Symantec makes good software, and this firewall is another good solution for home users.
Norton Anti-virus is another part of the Internet Security Suite. An anti-virus solution is absolutely necessary, and this is again a very good product. It has a feature to scan incoming e-mail for viruses, which adds to the value of the product.
Norton Parental Control and Privacy Control are only available in the Internet Security Suite. The Parental control allows you to prevent anyone from connect to websites with "objectionable" content. Just pick and choose what you find objectionable, and the sites are blocked. I must assume that this list is updated regularly using LiveUpdate. The Privacy Control is to prevent certain private information to be sent out on the internet, such as social security numbers, phone number, credit card numbers, etc...
Network Associates' McAfee Internet Security 4.0 is a suite similar to the Norton Suite. It has the firewall, the virus protection, the parental control and the privacy protection. It also contains the McAfee shredder for safe file erasure and a file guarding to protect files and folders from prying eyes. $62.95 from Outpost.com, $64.99 from MicroWarehouse.com
The fact that I've written more about Norton than about McAfee should not be perceived as me recommending one product over the other. They are both very good solutions, and you should check out reviews for the solutions before making up your mind.
The minimum requirement is anti-virus software and some sort of firewall, it be hardware or software. If you have more than one computer, then a hardware router or firewall is probably a better choice than a software firewall. The rest is pretty much a personal choice. If you are concerned about some malware getting past your router, then get a free copy of ZoneAlarm. If you want the parental control and/or the privacy protection, then consider getting one of the software suites as well.
You should be able to configure your anti-virus software to automatically update the virus signatures. If you have an always-on connection, then set it to check for new signatures daily! It doesn't cost you anything, and if you leave your computer on all the time, you can do the update while you're not there. It's preferable to scan all files regardless of extensions. Auto-protection should be enabled so that all files are scanned when saved, run or opened. You should also schedule a weekly scan of your hard drive(s), just in case something snuck by...
Most of these comes with a default configuration that suits most people. Unless you are running a server of some kind, the firewall should block all incoming traffic. For outbound, many personal firewalls now uses application specific rules, but you can still allow/deny on service. Things you may want to allow outbound are: SMTP (sending e-mail, port 25), POP3 (receiving e-mail, port 110) and HTTP/HTTPS (web surfing, ports 80 and 443). A number of websites uses additional ports, which makes it a little trickier to make sure you can get to everything without opening up everything going out...
Just like the software routers, these often comes with a default configuration that is suitable to most people. All inbound traffic is denied and all outbound traffic is allowed. Your outbound control options may not be so configurable here, but you should still consider blocking outbound access on ports 135 through 139. That's the ports used by Windows for it's file/print sharing and also RPC (remote procedure calls, the ability of one computer to run stuff on another).
© 1999-2005 Lars M. Hansen