Security Sin 2 - "I'm using Windows Firewall, so I'm protected from internet threats"

When it comes to protecting your computer against security threats, the most important line of defence is the firewall. This piece of security software separates your PC and the rest of the internet and works like a filter, making sure your computer is safe from threats residing on the internet and even on the PC itself.

The easiest way to think of a firewall is to imagine a border control between countries. In the same way that border police will look at everyone who comes in and out of a country, and check their passports, a firewall is your computer’s border control that patrols between it and the internet.

The job of the firewall is to examine all incoming and outgoing connections, checking that there aren’t any connections which are designed to do harm to your PC.

Whenever you browse the internet, your computer is constantly accepting information from web sites and displaying information to web sites which allows them to communicate. While this is an essential part of how web sites and emails are sent and displayed, it also leaves your PC open to all kinds of dangers. If there was no firewall between your PC and the internet, then every piece of information on your PC would be under threat, and there would be no way of stopping the spread of malware. All this shows just how essential a firewall is.

While one way in which your computer can be attacked is through viruses and malware, there are plenty of other threats out there which your standard security software may not pick up. These include remote connections from malicious software, and hackers trying to take control of your PC to steal information, or control it remotely.

For several years now, Windows has come with its own firewall, which is designed to improve the security of the system. However, the firewall included in Windows Vista isn’t designed to provide a total system security, but to provide a first line of defence to keep your system healthy, and it’s recommended that you upgrade to a more comprehensive firewall.

Sergei Shevchenko from PC Tools explains why it’s important to build on the basic Windows Firewall for an all-encompassing security set up:

“Windows Firewall should be considered an infection prevention solution as it provides a basic inbound intrusion prevention,” he said. “While an inbound prevention is considered a very important element in a firewall operation, it provides no protection if the malicious code has already penetrated and compromised your system.”

The reason for this is that to fully protect your PC, a firewall needs to inspect both incoming and outgoing streams and analyse them for risks. If a virus, Trojan or any other kind of malware got onto the PC without the firewall noticing (by piggybacking on legitimate software or installation via a USB stick) then it could communicate with its maker without the firewall realising.

Reader rescue

This month we visited Windows Vista Magazine reader Claudette Jones and her husband Stuart from Aberporth in Wales. Their two Windows Vista PCs are very much an
important part of their family lives.

The family has been deeply affected by the death of their daughter Sheryl, who died three days after taking a prescribed anti-depressant drug. Since then Claudette and Stuart have devoted their time to raising public awareness about the effects of drugs used by the NHS, and regularly email information on prescription drugs to hundreds of supporters.

PC security is important to Claudette and Stuart, so they volunteered to take part in our campaign to see if their security solution was up to scratch. While their anti-virus protection and spyware was up to date, their firewall left a lot to be desired. With their line of work and the amount of precious email addresses stored on their PCs, the couple is concerned about their computers being infiltrated by viruses or worms which may then lead to these addresses being used for illegal purposes.

“We use those email addresses as part of raising awareness about dangerous drugs and pharmaceutical companies, and if they were used for spam or spreading viruses, that would be terrible for our credibility,” said Claudette.

By using a standard firewall which doesn’t inspect the nature of outgoing traffic, they were vulnerable to malicious programs which either entered their PC’s hard drive bypassing the firewall – perhaps by a USB drive – or disguised themselves as legitimate programs and piggybacked on another download. This could leave their PC open to many kinds of risks, especially to malware programs which attempt to ‘phone home’ to transmit sensitive private information.

We installed a copy of PC Tools Internet Security Suite, which brings together a range of security products such as an anti-virus and Spyware Doctor, with a great firewall product which includes traffic monitoring, which is essential for any secure set up. Those who already run a security suite may opt to use PC Tools Firewall Plus instead, which can be downloaded free from www.pctools.com.

After the installation of PC Tools Internet Security, we ran a scan to check for any programs which may have slipped under the radar – and what was found was worrying. The full scan found a dialer aptly named ‘BT!DialerSD5’ which posed a threat to their security. The program works by changing the number dialed by modems to connect to ISPs to a premium rate number, which will stay unknown to users until their bill comes through charging for internet use at extortionate levels.

As broadband customers, Claudette and Stuart were safe from phone bill harm, as they don’t use a dial-up modem to connect to a phone number. However, the dialer residing on their PC had already made the necessary registry and settings changes for it to operate, which signified a considerable risk to their computer’s security.

Six things to look for in a firewall

1 Look for a firewall that is capable of rendering your computer completely invisible to outside hackers by staying as “quiet” and invisible as possible.

2 A good firewall should have a user-friendly interface that allows you to adjust your firewall’s settings effectively, add and remove rules and exemptions and tweak the settings to meet specific needs such as video streaming.

3 Automated online updates, such as PC Tools’ Firewall Smart update, that will keep your firewall armed with the latest rules and definitions. Check your firewall is regularly updated, as threats change often.

4 A smart alerting mechanism that alerts only on suspicious behaviour by applications that try to hide their attempts to access the network, while silently allowing known-safe applications, such as those shipping with Windows Vista.

5 A firewall must block malicious software from uploading your data – potentially sharing it with criminals – or infecting other computers on the internet, and examine
network traffic and suspicious activity.

6 Your firewall should never affect or slow down computer or network speed when in use. Good firewalls have a low PC footprint, so they don’t hog resources.

Join our campaign!

Pledge your support for our campaign and you can win security software worth £50