Firewall Help needed -- Shareware vs. Bought.

[Flitred]

Yahoo!! After 3 false alarms and ~8 mos of waiting, i finally got DSL.

Assuming I should get one, (although i don't quite know why i need one), Are the ones on CNET's Download Center (a.k.a 'Free') worth the effort of dling, or should I just drop some cold, hard cash for one?

What firewall do you guys recommend?

I'm a bit of a security novice, so any/all imput would be appreciated.

Thanks in advance,
-Flit

[kcarrera]

Flit,

First of all, you MUST get a firewall. It takes on average about 20 minutes for an unprotected box to be hacked.

I would recommend Zone alarm pro. It is free, and pretty easy to set up. If you want put a little money in, build you a linux box and run IP tables. That little software package is pretty good, and you can actually nat your private lan.

If you can not get a FW, make sure you have good passwords on your shares. Assuming you are on a Windows Box. Also, if you plan to run a web server, make sure that thing is patched. The point is, do not run any useless services, and if you are not planning to use your box when you are away, drop the IP address completely and take it off the network.

Hope this helps,
Ken

[Flitred]

Please pardon my ignorance:


"...can actually nat your private lan. "
what is 'nat'?

"...make sure you have good passwords on your shares."
what is (a) 'share(s)'?

"...do not run any useless services, ..."
'Usleless services' such as?

"...and if you are not planning to use your box when you are away, drop the IP address completely and take it off the network. "
I'm assuming this means just disconnect from DSL provider/turn off DSL modem.

Thanks again.
-Flit

[kcarrera]

Flit,

Sorry about that.

NAT means Network Address Translation. See, you have you firewall or router sitting at the perimeter (where you hook up your actual cable and receive you internet connection). That firewall will have the IP address the ISP assigned you. However, you can put boxes ( the one that you surf the internet with) behind that firewall. That way, you will have a private IP address with your box in the firewall, and it will be translated when it is leaving your firewall. The main point is, to attempt to hack your box, the attacker will have to go through the firewall first.

For shares, if you are using Microsoft, there is a service known as Netbios. This allows a remote computer to "map" a share to your box. That means, I can issue a command to map a drive to your IP address, and if you do not have a strong password, I can guess it, then I will have control of your box.

Useless Services. There are like, HTTP, Telnet, FTP.

About dropping your IP, if you are using 2k/NT, go to the command line and issue "ipconfig /release" IF you are using DHCP. however, if the ISP assigned you a static IP address, just unplug the cable from your box.