March Madness
Okay, I admit, my lame
excuses as to why I haven't put out a newsletter since
December are, uh, lame. One of my English friends uses
the line "blame it on the drink," but since I don't
drink, I can't swipe that one. So my best option is to
use my admitted addiction to college basketball as a
crutch. It's all those basketball games on ESPN and CBS
and Fox Sports Network and Raycom that are at fault,
they just won't stop broadcasting them!
Maybe I'll change my
loyalty to curling or Australian rules football or
something similar. That would leave me all the time in
the world to take care of my responsibilities.
So let's talk about
something less sports-oriented, and I'll try not to
think about the fact that the Sweet Sixteen games are on
this weekend....
Instead, let's
talk about firewalls. In particular, let's talk about
one firewall,
ZoneAlarm from ZoneLabs.
When I was a sprout, a
firewall was the hunk of metal that kept the heat from
the car engine from getting into the passenger
compartment and roasting us all out. I think my first
car, a rustbucket AMC Hornet, never had a firewall, as I
always felt a little too toasty warm while tooling that
bad boy around town. That isn't what we're talking about
today. If you plug the term "firewall" into the
Webopedia search box on my site, you get...hey, you get
an error message! Gotta check that. But once Webopedia
is properly propitiated, you get the following
definition:
A system designed
to prevent unauthorized access to or from a private
network. Firewalls can be implemented in both hardware
and software, or a combination of both. Firewalls are
frequently used to prevent unauthorized Internet users
from accessing private networks connected to the
Internet, especially intranets. All messages entering or
leaving the intranet pass through the firewall, which
examines each message and blocks those that do not meet
the specified security criteria.
That wasn't so bad. If
we down a couple of Excedrin, we might even get some
meaning out of it. Okay, in non-geek speak, here's my
stab at reinterpreting the above:
A program for your
computer that keeps unwanted visitors out of your
machine while you're surfing the Internet.
That sounds better.
Basically, a firewall keeps hackers, crackers, malicious
teenagers, and those with more time and computer
knowledge than common decency out of our PCs while we're
happily surfing or chatting. A good firewall also
monitors the information you send out to the Internet
and the programs on your computer that access the Net in
your behalf...and believe me, there are more programs on
your machine accessing the Net than you might think. A
few years ago, common wisdom held that only networks and
corporate servers needed firewalls. That probably wasn't
true then, and it certainly isn't true now.
Upshot: if you don't
have a firewall program of some sort on your computer,
you're totally vulnerable to whatever incursions any PC
marauders might want to undertake against you. When you
fire up your Internet connection and open your browser,
you're in the same position as if you were be-bopping
down the middle of the street in the "bad" part of town,
diamond watch fob glittering in the streetlights, while
you openly count your money roll and whistle the
"Gilligan's Island" theme. You're vulnerable. You should
take precautions. And since you can't use your tae kwan
do or your Smith and Wesson on Internet predators, you
need something else instead to keep you safe and
unmolested in your surfing. Here's where the firewall
comes in, and particularly where ZoneAlarm comes in.
(Technically, any PC-based firewall program isn't a true
firewall, but more of a filter program. Okay, okay.)
I'm not a ZoneAlarm
shill. ZoneLabs pays me nothing to talk about their
product; heck, I seriously doubt they even know I exist.
And I'm no firewall or security expert. But I do know a
thing or two. Like everyone else out there, I need a
firewall on my computer. Like most everyone, I'd rather
not pay for a program when I can find one that suits my
needs for free (or at least on the cheap). And I want
one that's going to do its job, do it well, and not
bother the britches off of me in the process. Hence,
ZoneAlarm. (Okay, I know that there are other firewall
programs out there. I'm not saying this one's the only
one of value. But it's the one I know, and probably the
best one for non-techie users who don't want to get into
TCP/IP configurations and the like. If you're a budding
geek, try one of the programs from Tiny, Conseal, or
others that are a little more advanced than ZoneAlarm.)
ZoneAlarm comes in two
flavors, the plain-vanilla ZoneAlarm 2.6 that's free for
the download ($20 for the corporate users out there) and
ZoneAlarm Pro 3.0, for $50. Why buy the more expensive
version? Short answer: you probably don't need to. The
basic version blocks access to all of your computer's
ports (think deadlocks on your home's doors and windows,
if you need a metaphor). It also puts your PC in
"Stealth Mode," which basically means you're surfing the
Net without leaving too many traces of your ramblings on
the sundry Web sites you visit. It's compatible with all
versions of Windows from 95 through XP, it runs on older
computers (from 486s on up), and it is easy on system
resources. The Pro version gives you a lot of extra
protection for your buck -- it keeps worms and Trojans
out of your e-mail, it does more to keep your info from
being disseminated across the Internet, blocks Web ads,
and manages cookies. But again, if you don't know why
you need the extra protection, you probably -- emphasis
on probably -- don't need it. (Don't let me talk you out
of buying the Pro version, if you've got the fifty
smackers lying around unneeded. There's no such thing as
too much protection.) The basic version has three
different levels of Internet security; your best bet is
to take the defaults until you've had a chance to look
through the Help documentation and figure out which
level suits your needs best. (Stay away from the Low
settings, they just let too much stuff go by.)
It's easy to install,
and for the most part, easy to operate. You can let it
install itself and run with very little input or
configuration on your part (if you want to play with the
menu and interface, go right ahead -- there's lots of
useful things buried in there). Once you install it,
you'll have to do a little work. Every time you run an
application that accesses the Internet, ZoneAlarm asks
you if it's OK for this program to do so, and asks if
you want the program to always have access. Usually
you'll say yes to both, but you'll occasionally be
surprised at the programs that ask for access. Don't be
afraid to say no. ZoneAlarm remembers your input, so you
won't be asked over and over again if it's okay for your
ISP software to hit the nets. Another set of related
options is the Internet Lock -- you can either set
ZoneAlarm to "lock" your computer out of the Net after a
preselected interval, or in cases of problems or
suspected hack attacks, there's a big STOP button that
immediately brings all Net activity to a screeching
halt. Useful! On the flip side, one of the potentially
annoying features is the option to have ZoneAlarm inform
you of every time someone, or something, tries to access
your ports. 90%+ of the time, it's "normal" everyday
port scans, little intrusions from Web sites or banner
ads that aren't particularly welcome, but aren't
harmful, either. You can quickly work up an ulcer if you
take every attempt to scan your ports as a hacker
intrusion. Better to let ZoneAlarm keep a log and
periodically view it; if you see the same IP address
trying time and again to scan your PC, then and only
then should you worry. Even then, it's often your own
ISP trying to sniff out your surfing habits. (ZoneAlarm
also gives you access to sections of its Web site that
explains the nature of these scans, so take a look at
these if you're concerned. No, take a look even if
you're not concerned. It's good info to know.)
Note on installation:
first, run a virus scan with your antivirus program to
make sure there are no buggies already onboard, then
disable your antivirus program before installing
ZoneAlarm. Don't forget to re-enable the program before
doing anything else.
If you're running a
broadband (DSL, cable, or whatnot) connection that's
always "on," you need a firewall program such as
ZoneAlarm even more. Failing to have a reliable firewall
program on such a computer is like walking off from your
car with the keys in it and the engine still running.
Don't do it.
And don't make
the mistake of thinking that ZoneAlarm does the work of
an antivirus program. You'll still need a top-flight
virus protection program, such as the offerings from
Norton, McAfee, PC-Cillin, Sophos, Panda, or so many
more. (My
shareware antivirus page
lists lots of free and inexpensive programs that address
this particular need, though none of the free- or
shareware offerings do as comprehensive of a job as the
big boys.)
Give it a test
run by downloading it from
www.zonelabs.com. If
you like, give it a test drive by visiting Steve
Gibson's excellent Gibson Research Page at
grc.com/default.htm,
click on ShieldsUp!, and let the site's inbuilt
test protocols see how well your PC's shielding
functions (do the test twice, once on your system's
"shields" and once on your ports). Better yet, try a
before-and-after test. You may be surprised at how
vulnerable you were. No, ZoneAlarm doesn't completely
pass the ShieldsUp! test, but it goes a long way
towards sealing your computer off from intruders. And I
would be remiss if I gave you the impression that
ZoneAlarm, or indeed any single firewall, can keep a
determined and knowledgeable hacker out of your system.
It can't. But it can keep the amateurs at bay, and
that's who comprises the vast majority of the Internet
thugs out there. If you're active in the chat rooms or
on the message boards, you're doubly at risk from
malicious little trolls with a little expertise and a
lot of venom. ZoneAlarm, or another firewall, does a
great job at keeping those pests out of your system.
As with any
program of this nature, a few applications are going to
have problems getting along with ZoneAlarm. I've heard
more reports about various audio products such as
RealPlayer and some Roxio programs having some behavior
problems, but I've heard of nothing too worrisome as
yet. There was a problem with an earlier version of
ZoneAlarm making nice with Windows 2000, but the update
for that one can be had at
www.zonelabs.com/downloads/tvupd_w2ksp1.EXE.
It's also worth your time to visit
www.computergripes.com/ZoneAlarm.html
to see a compilation of some of the problems people have
had with ZoneAlarm -- most of the ones on this site are
very minor.
If you try ZoneAlarm,
give me a heads-up on how it works for you, good or bad,
if you wouldn't mind. I'll include representative
responses in the Web (the "forever") version of this
newsletter.
Thanks for reading.
Till next time (sometime after basketball season)....
