The Explorer: Secure Your PC Online, Part Three - InformationWeek
Software // Enterprise Applications
12:01 PM
Fred Langa
Fred Langa

The Explorer: Secure Your PC Online, Part Three

Building on Parts One and Two, Fred now shows how to make your PC nearly impregnable.

Finally, I also use a sixth trick: My cable modem ISP uses "dynamic IP addressing," which is also the technique used on most dial-up/modem ISPs. With dynamic addressing, every time you re-establish your connection, you get a new IP address, which has the desirable side-effect of making you slightly harder to track: With a dynamic address, even if a hacker finds you this time, your address will be somewhat different the next time you connect, so he'll have to track you down again. To take advantage of dynamic addressing, I unplug my cable modem once a day or so, or anytime there's seems to be unusual activity at the modem: When I plug back in, the modem re-synchs and goes back online at a slightly different address, forcing any curious hackers to start over. This trick won't work for connections with a "static IP" that never changes, but is worth remembering for any connection with dynamic addressing.

Call me paranoid, but with six layers of protection -- a proper networking setup, a personal firewall, an Internet sharing service that hides the PCs behind it, a heavy-duty firewall built into the connection-sharing service, physical isolation of the sensitive data on the LAN, and some simple misdirection through dynamic addressing -- I start to feel at least somewhat safe. <g>

Still, it's worth stopping here for a moment to say that no online system can ever be 100 percent secure; depending on the skill level, determination, and resources of the attackers, any system that's online can eventually be hacked. (The only way you can be 100 percent safe from online attacks is to pull the plug and break the connection between the Internet and your system.) But by raising multiple barriers to hackers, you can make your system such a pain to get to that most hackers will likely give up and simply move on to easier targets. With a six-level security scheme like mine, it's not that your system can't be hacked (in theory, any system can eventually be hacked), but that it won't be hacked because it's just too much trouble.

Some Alternative Pieces:
Hardware: Some "routers" (and hubs with router capabilities built in) have firewall firmware that can simultaneously distribute anti-hacker protection along with shared Internet access. I personally dislike "black box" hardware that keeps me from knowing what's going on inside or making customizations and adjustments as I see fit, but some people actually prefer the just-plug-it-in-and-go approach. If that's you, then a hub/router with a built-in firewall may be just the ticket.

Software: Sygate is only one of many Internet-sharing solutions that offer good security. I like it because it's inexpensive, offers great security when placed in "enhanced" mode, requires almost no configuration, and allows ample customization if you want it. For example, you can "black list" sites to prevent all access to known-bad locations, or conversely, "white list" sites to only allow access to known-good locations. But many other solutions -- such as the deservedly popular WinProxy -- offer similar abilities.

And here's an interesting item -- a special-purpose FREE, configurable firewall that's an offshoot of the Linux project. This specially stripped-down version of Linux fits on a floppy: You boot an old PC from the Linux floppy, and the fireplug app runs the pc, sets up connection sharing and a firewall, and runs the whole thing in RAM. Although it's harder to configure than commercial firewalls, you can't beat the price -- and its hardware requirements are so low, it'll run even on PCs that won't run any recent version of Windows.

Some of these and other solutions are discussed at greater length at; check out the associated chat area, as well.

Layers Do The Trick
In any case, the concept is simple: You need a layered defense between you and hostile netizens. The more important your data and online activities are, the more layers you need. I personally feel everyone should have at least two layers of defense -- and many people reading this column (more advanced users with always-on or often-on connections) probably should have three, four, five -- or even six layers of defense. I do.

What do you use to provide online security? What hardware and software solutions can you tell us about? How much protection is enough -- and how much to too much or too little? Join in the discussion!

To discuss this column with other readers, please visit Fred Langa's forum on the Listening Post.

To find out more about Fred Langa, please visit his page on the Listening Post.

2 of 2
Comment  | 
Print  | 
More Insights
Newest First  |  Oldest First  |  Threaded View
How Enterprises Are Attacking the IT Security Enterprise
How Enterprises Are Attacking the IT Security Enterprise
To learn more about what organizations are doing to tackle attacks and threats we surveyed a group of 300 IT and infosec professionals to find out what their biggest IT security challenges are and what they're doing to defend against today's threats. Download the report to see what they're saying.
Register for InformationWeek Newsletters
White Papers
Current Issue
2017 State of the Cloud Report
As the use of public cloud becomes a given, IT leaders must navigate the transition and advocate for management tools or architectures that allow them to realize the benefits they seek. Download this report to explore the issues and how to best leverage the cloud moving forward.
Twitter Feed
InformationWeek Radio
Archived InformationWeek Radio
Join us for a roundup of the top stories on for the week of November 6, 2016. We'll be talking with the editors and correspondents who brought you the top stories of the week to get the "story behind the story."
Sponsored Live Streaming Video
Everything You've Been Told About Mobility Is Wrong
Attend this video symposium with Sean Wisdom, Global Director of Mobility Solutions, and learn about how you can harness powerful new products to mobilize your business potential.
Flash Poll