Do I need a firewall?

I have a client / friend that hasn’t been feeling very well lately. It’s been terrible. No “24 hour” bug, this one. He’s had severe headaches for about two weeks now and he just can’t seem to get the last remnants of the virus out of his system. He’s hardly gotten any sleep at all since he got it, and every time he thinks he might have gotten rid of it, it seems to come back again.

He says that at times he feels so bad that he’s thought about giving up and calling it quits. He calls me sometimes for sympathy and advice. During these calls, I can really hear the pain in his voice, but I encourage him to keep going. I tell him that he’ll get past this, and that he will have learned a bit from the experience. You know the old saying, “if it doesn’t kill you, it makes you stronger.”

The first time he suspected he might have a problem was when he couldn’t see his pictures on his computer. He wasn’t too worried right away but then he found that he had some other symptoms as well.

He told me he’s worried he may have passed it on to some other people before he realized he had it. I worry about that also. I take these things very seriously and, even though I’ve taken precautions to prevent infection, I still worry, because so many people aren’t protected. Believe it or not, these viruses are usually passed on by worms, and they’re almost 100% preventable.

All it takes is some virus protection software and a firewall.

Yep, software. And a firewall, to help prevent headaches.

OK, I’m sure many of you knew where I was headed with that story, which, by the way, is true. My friend had a really bad time there for awhile.

But you probably weren’t too surprised to read that you need virus protection.

You’ve heard the phrase “virus protection” 1000 times or more. In fact, most of you probably have some sort of virus protection running on your computer right now. At least I hope you do. You should, at a minimum, be checking every email message that comes into your computer or your network.

There are several companies out there that track all of the known viruses.
(Trivia note from dictionary.com.
Question: What is the plural of virus? Answer: Viruses.
It is not viri, or (which is worse) virii. True, the word comes directly from Latin, but not all Latin words ending in -us have -i as their plural. Besides, viri is the Latin word for 'men' (plural of vir, man, the root the English virile). There is in fact no written attestation of a Latin plural of virus.
If you would like to pursue the subject further, see the excellent article "What's the Plural of `Virus'?" at http://www.perl.com/language/misc/virus.html at Perl.com. If you have some knowledge of linguistics and Latin, you might be interested in the morphological analysis of the word from the Perseus Project http://www.perseus.tufts.edu/cgi-bin/morphindex?lookup=virus&lang=la&formentry=1 )
Back to the subject, which was about virus protection.

McAfee and Symantec are the two best known of these companies, but there are others as well. Virus protection software runs on your computer and it is important that you have a copy of one of the virus protection products on each machine that accesses the Internet.

The software can also work on different levels. At the highest level, they check every file on your computer as it is opened or accessed. And they can check outgoing information as well as incoming information. This is very safe, but can really slow down your system. At the lowest level (other than off) it will simply check whatever files you specify when you tell it to.

I have set up my virus protection (I use the Symantec product) to check every email I receive. I manually scan any floppy or zip disks that customers send me with data, and I also have the software automatically run a full scan of my whole computer once a week.

There is lots of information out there on virus protection, and most of you probably have a pretty good grasp of what it does. So I won’t dwell on that topic.

But what about a firewall? You’ve probably heard of a firewall also, but do you have one?

In the physical world, a firewall protects valuables from fires and other “bad things.” And it keeps a fire from spreading from one room to another.

In the virtual world, we don’t have real fires, but we have plenty of bad things.

One kind of bad thing is a virus. A firewall can keep viruses from being put onto your computer by someone else. (This is as opposed to you downloading the virus yourself via email and infecting your own computer. That’s what the virus scanners are for.)

It can keep an employee from sending sensitive information (like your customer credit card numbers) off your computer and out into the hands of Bad People.

It can keep companies like Microsoft, Intuit, or any other software manufacturer from “phoning home” and letting them know things about you that are stored on your computer. Yep, it happens. Some companies use their software to read information from your computer like, say, the last 100 web sites you visited, or what other software titles you own (or copied illegally), and send that info back to the parent company for marketing purposes. For example, pretty much all of the music players I’ve seen have some sort of logging built in to report what you’re listening to back to the manufacturer.

Another thing that a firewall can protect you from is having someone use your computer as a free storage area for their music, pictures, or other data files. This is a very serious threat.

Let’s talk about music again. The average music file (sound only) takes between 3 and 6 Mb of space to store, while the average music video takes 40 to 70 Mb of space on your hard disk. Suppose you’re a teenager and you like music, but you’re out of disk space. Maybe you have some music you listen to a lot, and other music you only listen to occasionally. You could copy some of the music to a CD, if you have a cd burner, or you could copy it to another hard disk.

Don’t have another hard disk? Of course you do. There are millions of them sitting out there on the Internet waiting for you to store something on.

All you have to do is find one that is usually turned on and that doesn’t have a firewall. Then you need to crack what is probably a very simple password (if there even is a password – see my previous articles on passwords!)

Then, you can copy your excess files to that person’s computer, probably without them ever realizing it, and you’ve got free storage space. Of course, you don’t want to take the chance of losing everything you’ve stored if the owner of the computer wakes up. So what do you do? You copy the information to 4 or 5 computers.

You don’t even need to know where the computer is, all you need is the virtual address. The internet is very large. The computer you hack into might be in a different state, or even a different country!

And hey, while you’re in their computer anyway, you might as well have a look around to see if they have any good music, or games, or access codes (like to their Merrill Lynch account) on the computer.

So you see, leaving your computer open to the world as a free storage area can cause a whole lot of damage!

Now, why is this becoming such a big deal all of a sudden? Three simple words. “High speed access.” Those DSL and Cable connections are always on. Or at least they’re ALMOST always on. If your internet provider is like mine (qwest) you can’t really say they’re ALWAYS on. But they’re on enough to be a target for hackers.

Why is this a factor? Well, back in the dial up days, you were probably off the internet (disconnected) more than you were on. So if someone stored some information on your computer, they wouldn’t know when they might be able to get it back. Second, every time you connected to the Internet, you probably got a different IP address, so the hacker took the risk of not being able to find your computer again if they want to get their files back. Third, dialup is SLOW. If the hacker is going to copy files to 4 or 5 computers, he’d rather do it faster than slower…

Because of these issues, hackers don’t usually attack computers that are using dialup accounts. At least they don’t attack them as a storage area. They may still attack dialup users looking for credit card numbers and other bits of valuable information.

Enter DSL/Cable. Always on, usually at the same address, and FAST…. Perfect.

OK, so you just got DSL. What are the chances that someone is actually trying to get into your computer today? I mean, you JUST got DSL?

Actually, the chances are high. If you have a full time connection, your computer is probably being checked between 30 and 100 times a day to see if it is vulnerable. There are millions of people out there using the Internet. There are thousands of them that have written little programs that constantly search the internet for open computers. This is what these people do for fun and profit! And, if someone finds that your machine is open, they can tell other people to store or retrieve files from your computer also. This opens you up to even more prying eyes.

Here’s where your firewall comes in. When their software comes knocking on your virtual door, nobody’s home. It can’t see your computer, so it can’t test to see if there is any available space or information on your computer.

Firewalls come in two flavors; hardware and software.

“Hardware firewall” is kind of a misnomer, because even the hardware firewalls use software to do the work. The difference is that a hardware firewall is another machine, usually a router, that is between your computer and the cable/dsl modem. This “black box” serves to isolate your computer from the outside world and only lets the information you request come through.

A software firewall is a program that runs on your actual computer and tests the traffic from there.

Which is better? Well, a hardware firewall doesn’t slow down your computer, whereas a software firewall can. But a hardware firewall costs more, and you need to learn how to set it up. A software firewall usually installs itself and fires right up. A hardware firewall can protect every computer on your network. A software firewall would need to be installed on each computer. And remember, that means PURCHASING a LICENSE for each computer, not buying one system and then making illegal copies.

I have both – hardware and software. But I only put the software firewall on the computers that are most vulnerable, or that are going to have certain “ports” open.

What are ports? Well, the hardware firewall works like this. Each service on a computer works by using something called ports. With no firewall, hackers use these ports as tunnels into your machine that they can use to pass information through.

Different software companies, including Windows, or MACos, use different ports. For example, a web server works on port 80, pcAnywhere works using a range of ports from 5631 to 5652. I’ll use port 80 as an example here even though it’s much more likely that a hacker would be using many other port numbers if they really wanted to attack your machine.

Now, on a hardware firewall, suppose someone hits your computer and checks port 80 to see if it is open. If the hardware firewall is not open, the hacker never gets past the black box to get to your computer and see if it has a port 80 available. There is no way they can break into your machine if all the ports they might have access to are closed.

A software firewall works a little differently. In this case, the hacker might still hit your computer on port 80. And the request goes into your machine. At this point, the software firewall hears the request and it check to see who it’s from. Every person on the internet has their own address or IP number, at least at that point in time. If the person making the request (the hacker) is not recognized, the software firewall blocks the request and/or prompts you for permission to allow the person in.

Hardware firewalls, at least in the context of a simple network, do not keep sensitive information in. They only keep unwanted visitors out. So if Microsoft is sending a note back home that you use Microsoft Money on your computer, it won’t be stopped. This is a good time to install a software firewall on any computers that may have really sensitive information on them. A software firewall can stop things from getting out as well as in. It will also tell you what application is trying to access the internet and when.

Firewalls are becoming so important that some internet companies are now offering discounts on firewalls and virus protection software. For example, optimumonline is an internet provider that is recommending eTrust EZ armor software. They’re suggesting that all of their customers purchase the software through them at a special rate $29.95 instead of the normal retail price of $49.95.

I don’t know the eTrust product, but I’ve seen the McAfee and Symantec products in action and they’re both very good. See the www.mcafee.com and www.symantec.com web sites for more information on these products. These two sites are also very good if you’re concerned about viruses and need to check out virus protection software.

If you already have high speed access, make sure you get virus protection software and a firewall as soon as possible. If you don’t already have high speed access, I encourage you to get it as soon as it’s available in your area. It’s well worth the pain involved in getting it installed and running. But make sure you have virus protection software NOW, and make sure you get some type of firewall installed at the same time as the high speed connection.