Wednesday, November 11, 2009

Personal Firewall Basic to In-depth Home Computer Security Guide Page 6

Figure 3 shows where the personal firewall fits into the connection of a home PC to the Internet. Obviously the personal firewall is not a discrete component, rather it is software that runs on the home PC, but it’s shown separately for clarity. As illustrated, the goal of the personal firewall is to ensure that traffic from intruders cannot reach the home PC – understanding that the firewall will not block attachments bearing malicious code.

Some of the freeware & shareware firewalls are listed below:

Configuring Internet Connection Firewall

Windows XP with SP2 includes a built-in firewall called the Internet Connection Firewall (ICF). By default it is disabled, ICF can provide an additional layer of protection against network based attacks such as worms and denial-of-service (DoS) attacks. To Enable ICF do the following steps:

1. Go to Start menu\Control Panel\Network and Internet Connections\Network Connections\ Under the Dial-Up or LAN or High Speed Internet category, click the icon to select the connection that user wants to help protect Figure-4.


2. In the task pane on the left, under Network Tasks, click Change settings of this Connection (or right-click the connection user wants to protect, and then click
Properties Figure-5.


3. On the Advanced tab, under Internet Connection Firewall, check the box next to Protect my computer and network by limiting or preventing access to this Computer from the Internet Figure-6.


There are some limitations with ICF that must consider before enabling it. ICF does not have the rich feature set provided by many third party products. This is because ICF is intended only as a basic intrusion prevention feature. ICF prevents people from gathering data about the PC and blocks unsolicited connection attempts. The biggest limitation of ICF is that it protects the user only from inbound pests; it doesn’t alert the user to suspicious outbound traffic.

Disconnect from the Internet when not using it

The user relying on traditional dial-up access to the Internet will likely disconnect when they are not using the connection since usage limits apply and they may only have one phone line. On the other hand, home users with “alwayson” broadband access services such as cable modems or DSL/ADSL+ may be tempted to leave their computer permanently connected to the Internet. A permanent connection allows them to access their files over the Internet from a remote location. The problem is that the longer one remains connected, the longer an intruder gets time to attack the host.

It is recommended for the broadband home users that they should turn-off their
cable /DSL/ADSL modems when they are not using Internet at all.

Or for those users who are directly connected to their ISP with their network cards, they should disable their network cards in the operating system when they are not using their systems to access internet

To disable the network card in Windows 98, follow the following steps:

* Right-click My computer\select properties\ click device manager

* Expand Network Adapters

* Select the Network adapter that is used for ISP connection

* Click properties

* Select Disable in this hardware profile.

To disable the network card in Windows 2000/XP, follow the following steps:

* Right-click My network places\ select properties

* Select the Local Area Connection used for connecting ISP.

* Right-click and select Disable.


No comments:

Post a Comment

You Have Successfully Posted the Message.