Hackerproof Your Broadband Connection with a Firewall
Along with its many benefits, broadband access also brings the threat of potential attacks by hackers or Trojan horses infiltrating your network. If you're worried about the downside to broadband, fear not -- we have the 411 on the most important component in protecting your PC/Network from attack: firewalls. Plus, we'll delve into how and when to remove Windows XP's ICS in order to share PCs and your internet connection via a router.
By Ron Pacchiano
Q. I was very excited about my new DSL line. That was until I spoke to the computer repair guy at my office. He told me that computers with high-speed Internet connections are more prone to be attacked by hackers or Trojan horses than people using dial-up connections. To protect my PC he suggested that I download and install ZoneAlarm on my computer. So I did. Since installing it, though, it's constantly alerting me that someone is trying to access the ports on my computer. Needless to say, this has me extremely worried. I really like the speed of my new connection but all of these attack messages are making me very uncomfortable. I'm even considering going back to dial-up. Is someone really trying to gain access to my PC or is this type of alert normal, and is there anything else I can do to protect myself from these attacks?
A. While I understand your concerns, I don't think you need to abandon your DSL line just yet in order to feel protected. There are a number of things you can do to protect your PC, but before we discuss that, I think that a bit of background might be helpful. The most important component in protecting your PC/Network from attack is a firewall.
Basically, a firewall is a device that sits between your DSL modem and your computer -- a sort of gateway that all of the data entering and exiting your network MUST pass through. Firewalls monitor network activity and filter out any unauthorized traffic. This traffic moves in and out of the router on ports. Different types of data travel over specific ports. For example, web traffic uses port 80; e-mail, ports 25 and 110; and FTP, port 21. This constant monitoring is what protects your PC from attacks.
There are two types of firewalls: software (like the one you're using) and hardware. A software firewall can be a good choice, but software firewalls vary wildly in their capabilities and effectiveness. This is because they typically have far more configuration options to choose from, which can greatly affect their performance, and if you're not very knowledgeable about TCP/IP, configuring one correctly can be quite a challenge. One advantage software firewalls do have is that they often include additional features (pop-up advertisement suppression, for example). Some vendors also offer basic versions of their firewalls which can be downloaded for free.
Speaking for myself, I would go with a good hardware firewall. A decent hardware firewall can cost as little as $50, and they usually provide excellent protection against most forms of attack. They're effective, inexpensive, and much easier to configure than software firewalls. Of course, if you prefer, you could use both a hardware and software firewall together for even greater protection, but this would also be much more difficult to configure.
A firewall isn't the only method of protection available to you. A good anti-virus package is equally important; I would seriously suggest that you invest in a good one. I'm partial to Norton and McAfee myself. However, keeping your virus definitions updated is far more important than which program you use. I cannot stress the importance of this enough. Making sure your definitions are current is absolutely crucial to maintaining your protection. Many antivirus programs today can be configured to automatically update themselves, so you have no excuse for not maintaining them.
With that out of the way, we can now discuss those attacks that have you so worried. Unfortunately, in your question you failed to go into any great detail about the messages themselves, but keep in mind that alerts from a firewall are not necessarily an indication that your system is being compromised. In many cases, this is just the result of suspicious activity on the network. Most of the alerts you're getting from your firewall are probably a mix of legitimate activity and unsolicited traffic.
The only way to tell for sure is to review your firewall's logs on a regular basis for suspicious activity or a pattern in the attacks. Look for things like multiple entries from a specific IP address or what time of day an attack occurs and how often it repeats. The logs can be somewhat cryptic, but your firewall's documentation should be able to help you decipher them. If you're still confused, you should contact the vendor for additional assistance. While nothing can completely protect you, it is easier to spot potential problems by just being familiar with regular activity. The only way to do this is by regularly making observations and putting in the time. Remember, a little bit of diligence is your best protection.
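The log review described above, as an added example that is not part of the original column: a short Python script that groups blocked entries by source address and reports how often each source appears, which ports it tried, at what hours, and the gap between attempts. The comma-separated log layout, the sample lines and the `min_hits` threshold are constructed assumptions; real firewall logs differ, so adapt the parsing to your product's format.

```python
import csv
from collections import defaultdict
from datetime import datetime

# Constructed sample log: timestamp, action, source ip:port, destination ip:port, protocol.
# This layout is an assumption for illustration, not any vendor's real log format.
SAMPLE_LOG = """\
2003-05-12 02:14:07,BLOCK,203.0.113.7:4312,192.168.0.2:135,TCP
2003-05-12 02:14:37,BLOCK,203.0.113.7:4313,192.168.0.2:139,TCP
2003-05-12 02:15:07,BLOCK,203.0.113.7:4314,192.168.0.2:445,TCP
2003-05-12 09:30:00,ALLOW,192.168.0.2:1055,198.51.100.20:80,TCP
2003-05-12 14:02:51,BLOCK,198.51.100.9:2201,192.168.0.2:80,TCP
2003-05-13 02:14:07,BLOCK,203.0.113.7:4400,192.168.0.2:135,TCP
garbled line
"""

def summarize(log_text, min_hits=3):
    """Group blocked entries by source IP and flag sources that keep coming back."""
    by_source = defaultdict(list)
    for row in csv.reader(log_text.splitlines()):
        if len(row) != 5 or row[1] != "BLOCK":
            continue  # skip malformed lines and traffic the firewall allowed
        when = datetime.strptime(row[0], "%Y-%m-%d %H:%M:%S")
        src_ip = row[2].rsplit(":", 1)[0]
        dst_port = int(row[3].rsplit(":", 1)[1])
        by_source[src_ip].append((when, dst_port))
    report = {}
    for ip, hits in by_source.items():
        hits.sort()  # chronological order
        times = [t for t, _ in hits]
        report[ip] = {
            "count": len(hits),                           # multiple entries from one IP
            "ports": sorted({p for _, p in hits}),        # which services were probed
            "hours": sorted({t.hour for t in times}),     # time of day
            "gaps_s": [int((b - a).total_seconds())       # how often it repeats
                       for a, b in zip(times, times[1:])],
            "repeat": len(hits) >= min_hits,
        }
    return report

if __name__ == "__main__":
    result = summarize(SAMPLE_LOG)
    for ip, info in sorted(result.items(), key=lambda kv: -kv[1]["count"]):
        print(ip, info)
```

A source that shows up once against port 80 looks very different in this summary from one that returns at the same hour every night against several ports, which is the kind of pattern worth asking your firewall vendor about.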
Q. My brother and I are trying to configure our computers to share our Road Runner cable modem. So we went out and purchased a Netgear router and connected the network cable from the cable modem to the router's WAN port. Then we connected both of our computers to LAN ports on the router. After connecting everything, we tried running Microsoft's Network Setup Wizard. When we did this, we got an error message that said, "Cannot complete the Network setup wizard: Other computers cannot connect to the Internet through this computer." We double-checked our cable connections and everything looked right. We are both using Windows XP Professional, and my brother's computer is set up as the host. What do you think the problem could be?
A. Even though you didn't come right out and say it, your question implies that you're running Microsoft's Internet Connection Sharing (ICS) on the Windows XP host computer. When you're using a broadband router, you don't need to use Windows XP's ICS feature. ICS is necessary only when you lack a router and instead connect the Internet connection directly to a PC. You then need a separate network card in that host PC to connect to your internal LAN and the machines on it. This is what allows you to share that broadband connection. Having ICS installed and running is no doubt the cause of your problem. Disable it. To do this, just right-click on your network adapter and select "Properties," click the "Advanced" tab, and then uncheck the Internet Connection Sharing option.
Once that's been done you need to make sure that both computers are set to "Obtain an IP address automatically." This will allow them to obtain an address from the router when connected to it. You might need to reboot the machines in order to have an address issued.
At this point, if you haven't done it already, you need to configure the router to work with your Internet connection. This is typically done by using a web browser to connect to the router's default IP address (it's probably 192.168.0.1 or something similar). Logon information is provided in the documentation. Most routers come with a setup wizard to make this task easier for you. Once the configuration has been completed, a reboot of the router should be all you need to get your PCs surfing. Good Luck!