Firewalls

Firewalls

How am I at risk?

With the increased take up of ADSL and Broadband in this area it is essential that you protect your home/office PC's from attacks via the Internet. With ADSL/Broadband you are connected to the Internet 24/7 and this allows hackers to target your "IP address" (your PC's unique Internet address) and attempt to access files on your PC - such as personal documents and credit card details. In addition, they may use your PC to launch an attack against someone else (to hide their tracks) or might simply cause your PC to become unreliable and stop working.

This problem isn't new, and in fact securing your Internet connection is very similar to securing any other aspect of your premises. Yale locks and padlocks are familiar to everyone and these basic tools keep unwanted people out of houses and sheds. With the Internet, though, the equivalent basic tools are probably new territory to you and this leaves you at risk.

How can I stop this?

A firewall is any hardware or software device that limits access to your computer or network whilst allowing you to use the connection for legitimate purposes. To understand the way they work you need to understand a little about how Internet communications work.

The simplest analogy is to picture your PC as medium sized company's head office. It's IP address is like the company's main switchboard telephone number, and your operating system (ie Windows) takes on the job of the receptionist. The company has many departments serving different purposes; one for sending documents via the web, and another for sending via email, for example. The way that another PC talks to yours is to come to the receptionist and ask for the extension of the department it is looking for. These extensions are numbers called "ports" and many of them have standard values - port 80 is usually for the web, port 25 for incoming email and port 110 for outgoing email. By default the receptionist will just put people through anywhere they ask to be put through, and the job of a firewall is to start refusing connections to some of these ports.

For most people, their internet connection is mainly for getting information from other people's computers - that is you don't want people reading web pages from your PC so you want port 80 to be closed. If it isn't, this entry point can sometimes be abused to gain access to your PC. The solution is reasonably simple, as firewalls for single computers can be obtained cheaply if not for free - ZoneAlarm is one of the most famous options.

The situation is more obvious when you have an office network, because now you probably do want some files to be accessible to computers other than your own - but only to those on your office network, not to everyone on the Internet. Here the best solution is to have a dedicated firewall on its own hardware, and preferably not one running Windows in our experience as this is the platform that most attackers target.

Does a firewall cost a lot? Does it have any other benefits?

If you are the IT manager for a large corporation with a huge network then the answer to the first question is probably "yes", although if this is you then you shouldn't need to be reading this! For most small businesses and individuals the answer is no it doesn't cost a lot, and - depending on the solution you go for - yes, it can offer several other benefits.

The approach we take at Quarella is to first replace an existing old office PC with a newer model so that we can reuse the old PC as the firewall. Obviously we can buy a PC especially for the job, but most companies have PCs in use that would benefit from being upgraded and the job of the firewall doesn't need a high specification machine. We then wipe the old machine completely and replace its software with firewall software. All computers on the network would then access the Internet through this firewall - safely.

It is quite possible to add extra functionality to the firewall machine - for example an internal mail server - and so for a relatively low investment a significant gain can be made in productivity as well as in peace of mind.

These types of solutions are ideal in offices where there are several PCs without even a network at the moment. Very often several computers will all have modems and connect to the Internet separately, whereas installing a network can make a whole range of tasks easier from Internet access to simple things like giving all computers the use of a printer and/or scanner.

As a guide, Quarella typically charge from £200 to £1500 for installing these types of solution, depending on the level of work required and the amount of additional hardware needed.

Are hackers really trying to get into my PC, or is this a lot of fuss about nothing?

One of the things any good firewall will give you is a log of attempted access. Therefore most people only realise how much they needed a firewall after it was installed. Quarella typically get dozens of attempted accesses to its internal network daily; many of these are benign (often badly configured computers on the internet trying to access services on your computer they shouldn't), but two or three a day are actual automated attempts to gain access, looking for specific bugs in standard software such as Windows to try and find a way in.

Just because people try doesn't mean they will succeed or that they will find anything useful to them or harmful to you if they do. At the end of the day we each have to decide which risks to take and which to avoid.