Worms & Firewalls
Online Safety Isn't Simple Anymore
- What is a 'worm,' and what do you mean my anti-virus program can't save me from them?
A worm is not your "typical" virus (for what that is worth). Generally a worm will attack a specific TCP or UDP port on a target computer, attempting to exploit vulnerabilities within the program(s) or operating system which utilizes that port.
Antivirus programs can not protect you from this type of virus because the attack occurs before the context of the worm has entered a static (file or mapped memory) state. In other words - because the worm does not really exist in the same terms as what the anti-virus "expects," your anti-virus software will be incapable of detecting the virus until after the virus has had the opportunity to do what it was designed to do (such as wipe your drive, replicate itself, spam the world or just install a trojan or something on your computer).
To prevent yourself from being infected by a Worm you must install a firewall. Firewalls come in two flavors - hardware (a physical "device" between your computer and the Internet) and software (a piece of software that runs on top of your operating system (Windows, et al.). The significant difference between the two is that a hardware firewall is separate from your computer so it is not susceptible to the same flaws that your operating system carries over. No "OS" security baggage gets in the way of providing for decent security.
I personally use (and love) IPCOP, which is a free (open source) dedicated firewall package. You need only find an older computer to use as the intermediary device between your PC and the Internet and install IPCop on it. Installation is relatively painless, but a bit of knowledge of computer hardware is a major plus.
If you have to use dial-up Internet access, then a "build-it-yourself" dedicated firewall is nearly your only option in order to obtain a hardware firewall. To my knowledge, there are no dial-up/modem-based hardware firewalls on the general market. There are custom-built machines (a 486 with 16mb ram is fine) using IPCop and similar products, but Netgear, Linksys and Belkin (and other players) don't produce modem-gateways for consumption use. I imagine this is because it is far less cost-effective to produce something like this for a market (dial-up users) that is anything but likely to buy it.
A software firewall (such as ZoneAlarm or the Windows XP "built-in" firewall) suffer from the major liability of running *on* the computer that you wish to protect. ZoneAlarm (and other non-native software firewalls) are incapable of blocking attacks to ports Windows holds open 100% of the time. They may prevent many attacks from getting through, but they will never prevent every attack at those ports since they rely on functionality exposed by the operating system (Windows, et al.) to function.
Since that functionality is partly derived from the same libraries that make the ports available in the first place - well, the software firewalls have naturally limiting abilities to secure the system entirely. The 'internal' firewalls provided by Windows and/or any other operating system suffer a similar liability: in all likelihood it is the operating system itself that is the target for the attack, that being the case, would you even consider relying on that very-same target for your protection? I didn't think so.
Now that you are adequately convinced to use a hardware firewall, you can generally purchase a firewall-capable router from any office supply store for as little as twenty dollars or as much as a few hundred. If you use dial-up access, however, your choices are very limited - to the point that without dedicating an older PC to the task you may be completely incapable of obtaining a hardware firewall.
|SaferPC © 2020||Powered by 12 Point Design|