Firewalls
How am I at risk?
With the increased take-up of ADSL and Broadband in this area it is essential that you
protect your home/office PCs from attacks via the Internet. With ADSL/Broadband you are
connected to the Internet 24/7 and this allows hackers to target your "IP address" (your
PC's unique Internet address) and attempt to access files on your PC - such as personal
documents and credit card details. In addition, they may use your PC to launch an attack
against someone else (to hide their tracks) or might simply cause your PC to become
unreliable and stop working.
This problem isn't new, and in fact securing your Internet connection is very similar to
securing any other aspect of your premises. Yale locks and padlocks are familiar to
everyone and these basic tools keep unwanted people out of houses and sheds. With the
Internet, though, the equivalent basic tools are probably new territory to you and this
leaves you at risk.
How can I stop this?
A firewall is any hardware or software device that limits access to your computer or
network whilst allowing you to use the connection for legitimate purposes. To understand
the way they work you need to understand a little about how Internet communications work.
The simplest analogy is to picture your PC as a medium-sized company's head office.
Its IP address is like the company's main switchboard telephone number, and your operating
system (i.e. Windows) takes on the job of the receptionist. The company has many departments
serving different purposes; one for sending documents via the web, and another for sending
via email, for example. The way that another PC talks to yours is to come to the
receptionist and ask for the extension of the department it is looking for. These
extensions are numbers called "ports" and many of them have standard values - port 80 is
usually for the web, port 25 for incoming email and port 110 for outgoing email. By default
the receptionist will just put people through anywhere they ask to be put through, and the
job of a firewall is to start refusing connections to some of these ports.
For most people, their internet connection is mainly for getting information from
other people's computers - that is, you don't want people reading web pages from your PC
so you want port 80 to be closed. If it isn't, this entry point can sometimes be abused
to gain access to your PC. The solution is reasonably simple, as firewalls for single
computers can be obtained cheaply if not for free -
ZoneAlarm is one of the most famous options.
The situation is more obvious when you have an office network, because now you probably
do want some files to be accessible to computers other than your own - but only to those on
your office network, not to everyone on the Internet. Here the best solution is to have a
dedicated firewall on its own hardware, and preferably, in our experience, not one running
Windows, as this is the platform that most attackers target.
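The filtering described above can be modelled in a few lines. This is an added illustration, not code from Quarella or from any firewall product: it applies a "first matching rule wins, otherwise refuse" policy that lets office PCs reach file sharing and refuses everything else, then tallies the refusals per port as a firewall log would. The office subnet 192.168.1.0/24, the Internet source addresses and the use of TCP port 445 for file sharing are assumptions made for the example.

```python
import ipaddress
from collections import Counter

# Constructed addressing (an assumption, not from the article).
OFFICE_LAN = ipaddress.ip_network("192.168.1.0/24")
ANYWHERE = ipaddress.ip_network("0.0.0.0/0")

# Rules are checked top to bottom; the first match wins.
# Each rule: (action, source network, destination port or None for any port)
RULES = [
    ("allow", OFFICE_LAN, 445),  # file sharing (assumed port), office PCs only
    ("deny", ANYWHERE, None),    # default: refuse everything else
]

def decide(src_ip, dst_port, rules=RULES):
    """Return 'allow' or 'deny' for one inbound connection attempt."""
    src = ipaddress.ip_address(src_ip)
    for action, network, port in rules:
        if src in network and port in (None, dst_port):
            return action
    return "deny"  # fail closed if no rule matches at all

def filter_attempts(attempts, rules=RULES):
    """Apply the rules to (src_ip, dst_port) pairs.

    Returns (allowed, refused): the attempts let through, and a Counter
    of refused attempts per port, i.e. a summary of the firewall log.
    """
    allowed, refused = [], Counter()
    for src_ip, dst_port in attempts:
        if decide(src_ip, dst_port, rules) == "allow":
            allowed.append((src_ip, dst_port))
        else:
            refused[dst_port] += 1
    return allowed, refused

# Constructed sample traffic: two office PCs and three Internet hosts.
SAMPLE_ATTEMPTS = [
    ("192.168.1.20", 445),   # office PC opening a shared file
    ("203.0.113.7", 445),    # Internet host trying file sharing
    ("203.0.113.7", 80),     # Internet host trying the web port
    ("198.51.100.9", 80),
    ("192.168.1.31", 80),    # office PC, but port 80 is not opened
    ("198.51.100.44", 25),
]

if __name__ == "__main__":
    allowed, refused = filter_attempts(SAMPLE_ATTEMPTS)
    print("allowed:", allowed)
    print("refused per port:", dict(refused))
```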
Does a firewall cost a lot? Does it have any other benefits?
If you are the IT manager for a large corporation with a huge network then the answer
to the first question is probably "yes", although if this is you then you shouldn't
need to be reading this! For most small businesses and individuals the answer is no, it
doesn't cost a lot, and - depending on the solution you go for - yes, it can offer
several other benefits.
The approach we take at Quarella is to first replace an existing old office PC with a
newer model so that we can reuse the old PC as the firewall. Obviously we can buy a PC
especially for the job, but most companies have PCs in use that would benefit from
being upgraded and the job of the firewall doesn't need a high specification machine.
We then wipe the old machine completely and replace its software with firewall
software. All computers on the network would then access the Internet through this
firewall - safely.
It is quite possible to add extra functionality to the firewall machine - for example
an internal mail server - and so for a relatively low investment a significant gain can
be made in productivity as well as in peace of mind.
These types of solutions are ideal in offices where there are several PCs without even
a network at the moment. Very often several computers will all have modems and connect
to the Internet separately, whereas installing a network can make a whole range of
tasks easier from Internet access to simple things like giving all computers the use
of a printer and/or scanner.
As a guide, Quarella typically charge from £200 to £1500 for installing these types of
solution, depending on the level of work required and the amount of additional hardware
needed.
Are hackers really trying to get into my PC, or is this a lot of fuss about nothing?
One of the things any good firewall will give you is a log of attempted access.
Therefore most people only realise how much they needed a firewall after it was
installed. Quarella typically get dozens of attempted accesses to its internal network
daily; many of these are benign (often badly configured computers on the internet
trying to access services on your computer they shouldn't), but two or three a day are
actual automated attempts to gain access, looking for specific bugs in standard
software such as Windows to try and find a way in.
Just because people try doesn't mean they will succeed or that they will find anything
useful to them or harmful to you if they do. At the end of the day we each have to
decide which risks to take and which to avoid.