Software // Enterprise Applications
Commentary
1/7/2004
01:39 PM
Fred Langa
Fred Langa
Commentary
Connect Directly
RSS
E-Mail
50%
50%

The Explorer: Secure Your PC Online, Part Four

Fred ties up some loose ends from the previous installments, and discusses some new, cool and free security tools.

In Part One of my online security series, we discussed the four myths of online security and the essential steps you need to take to ensure that your PC doesn't suffer from the worst and most-common online/networking security holes. By itself, Part One gets you a long way towards solid, basic online security.

In Part Two, we looked at "Personal Firewalls" that sit on your PC (and on each PC on a shared Internet connection). These applications work on a local level to block unwanted access to your PC from hackers or other undesirable agents. Part two gets you most of the rest of the way towards achieving a high degree of safety online.

In Part Three, we outlined further steps you can take that let you build a comprehensive and nearly impregnable six-layer defense. It will make almost any online PC secure enough so that hackers probably won't even bother to try to break in. Instead, they'll turn their attention to easier targets.

Each of those previous three parts has raised some additional questions and prompted interesting comments from readers. Many of these comments, questions and answers can be found in the threaded discussions that accompany each previous installment -- check ' em out! But there are still a few loose ends to tie up. This column -- Part Four -- wraps up those loose ends and presents you with a potpourri of useful tidbits you can use to refine and adjust the information you gleaned from the previous installments.

Personal Firewall Update
A large part of the foregoing discussions concerned "personal firewall" products, and I mentioned I was still evaluating several. (Note that these aren't formal Lab tests, but my own personal and subjective evaluations.) Having tried a wide range of products, I've come back to ZoneAlarm. Because it's free and so dead-simple to install and use, I think it's probably the best personal firewall choice currently available.

That's not to say it's perfect: Zone Alarm still sometimes incorrectly blocks accesses to known-good sites. You might be working for hours on a Web site, for example, when out of the blue, ZA will block one access to that site for no apparent reason. Curiously, it then immediately will allow ongoing accesses -- just one connection to that site (out of many) gets blocked, seemingly at random. Depending on what you're trying to do when the access is blocked, this can be either an annoyance (say, if you're casually surfing) or a major hassle (say, if you're trying to update a Web site with FrontPage).

Zone Alarm also has been called a "Trojan" app -- incorrectly, I believe -- because of the way its help file works. ZA ships with a vestigial help file; the complete and access-specific help files reside on servers at ZoneLabs' headquarters. When ZA blocks a site and displays a blocking-event dialog to you, if you choose to click on "More Info," then information about the most-recent block is sent back to the ZoneLabs server.

That information is used to generate a custom help page about the specific IP and blocking event you asked about. Obviously, the computers back at ZoneLabs can't know what the specific blocking event was unless this information is sent back to them. But even though this data is transmitted only when you specifically request more information, some people still have interpreted this as surreptitious "phone home" behavior. If you don't want this information transmitted back to Zone Labs, just don't click the "More Info" button.

Some people have been, er, alarmed at the technology at the heart of Zone Alarm because it can be used for things like ad tracking applications. I think this also is a false issue. See Steve Gibson's detailed take on ZA's technology for your self.

And note: There's a new version of Zone Alarm in private beta now (I have a copy). It's version 2.1, and it allows optional logging of blocking events to a text file. You can even turn off the normal block-event dialogs and the information about what was blocked and when will still be saved to a log file, if you wish. This is a nice addition, and doesn't seem to introduce any extra problems or instabilities into ZA. In a future column, I'll let you know when the final version 2.1 is released.

Previous
1 of 2
Next
Comment  | 
Print  | 
More Insights
Building A Mobile Business Mindset
Building A Mobile Business Mindset
Among 688 respondents, 46% have deployed mobile apps, with an additional 24% planning to in the next year. Soon all apps will look like mobile apps – and it's past time for those with no plans to get cracking.
Register for InformationWeek Newsletters
White Papers
Current Issue
InformationWeek Tech Digest September 18, 2014
Enterprise social network success starts and ends with integration. Here's how to finally make collaboration click.
Flash Poll
Video
Slideshows
Twitter Feed
InformationWeek Radio
Archived InformationWeek Radio
The weekly wrap-up of the top stories from InformationWeek.com this week.
Sponsored Live Streaming Video
Everything You've Been Told About Mobility Is Wrong
Attend this video symposium with Sean Wisdom, Global Director of Mobility Solutions, and learn about how you can harness powerful new products to mobilize your business potential.