ass.2

FIREWALL

Long term readers of this blog will know that I am keen on personal security from the computer perspective and also that I am keen on windows users installing personal firewalls. My friends will tell you how often my eyes roll when they ask me to fix their unprotected machines.
First I guess, a definition of personal is required here.  By this I simply mean it is a software based firewall that sits on the same machine it is intending to protect. So I’m not talking standalone stuff like Smoothwall or Firestarter (both *nix based and free) and neither am I talking about the big boys of Corporate security such as Checkpoint, Cisco PIXes,  Cyberguards, well the list does go on.
I hear often and long about all you need is a router and an anti-virus application (maybe an anti-malware scanner) but you should never need more than Windows provides and certainly you shouldn’t need a firewall beyond stealthing your open internet ports. Well I disagree and I will continue to do so whilst Windows maintains its inherently buggy approach to security. Beyond this I hear the so called experts say that so long as we are careful never to install or click on anything untoward then we don’t need a personal firewall.
Bull.
So long as we all remain human, then we all remain susceptible to malware or buggy software. Take me for example – in >25 years in IT I have never so much as had a virus or any other form of malware attack my PC until recently and I am very careful about what I do and don’t do.
However, I can’t legislate for my children (or my wife) who will click on ill chosen adverts by web masters – and so recently I ended up with Vundo on my system. Whilst I can’t (well I can but won’t) control my children’s clicking behaviour to the nth degree, what I have drilled into them is  that if a popup appears they come and get me or stop what they are doing and wait for me or phone me [parenting 101 tip: I always have time for my children]. So whilst my system got this trojan I wasn’t susceptible to the spying activities of it because my personal firewall detected the outbound activity and threw up the alert. It then took me best part of a day on and off to remove the horrible thing, but at least it didn’t leak anything.