The Explorer: Secure Your PC Online, Part Four - InformationWeek
Software // Enterprise Applications
01:39 PM
Fred Langa
Fred Langa

The Explorer: Secure Your PC Online, Part Four

Fred ties up some loose ends from the previous installments, and discusses some new, cool and free security tools.

In Part One of my online security series, we discussed the four myths of online security and the essential steps you need to take to ensure that your PC doesn't suffer from the worst and most-common online/networking security holes. By itself, Part One gets you a long way towards solid, basic online security.

In Part Two, we looked at "Personal Firewalls" that sit on your PC (and on each PC on a shared Internet connection). These applications work on a local level to block unwanted access to your PC from hackers or other undesirable agents. Part two gets you most of the rest of the way towards achieving a high degree of safety online.

In Part Three, we outlined further steps you can take that let you build a comprehensive and nearly impregnable six-layer defense. It will make almost any online PC secure enough so that hackers probably won't even bother to try to break in. Instead, they'll turn their attention to easier targets.

Each of those previous three parts has raised some additional questions and prompted interesting comments from readers. Many of these comments, questions and answers can be found in the threaded discussions that accompany each previous installment -- check ' em out! But there are still a few loose ends to tie up. This column -- Part Four -- wraps up those loose ends and presents you with a potpourri of useful tidbits you can use to refine and adjust the information you gleaned from the previous installments.

Personal Firewall Update
A large part of the foregoing discussions concerned "personal firewall" products, and I mentioned I was still evaluating several. (Note that these aren't formal Lab tests, but my own personal and subjective evaluations.) Having tried a wide range of products, I've come back to ZoneAlarm. Because it's free and so dead-simple to install and use, I think it's probably the best personal firewall choice currently available.

That's not to say it's perfect: Zone Alarm still sometimes incorrectly blocks accesses to known-good sites. You might be working for hours on a Web site, for example, when out of the blue, ZA will block one access to that site for no apparent reason. Curiously, it then immediately will allow ongoing accesses -- just one connection to that site (out of many) gets blocked, seemingly at random. Depending on what you're trying to do when the access is blocked, this can be either an annoyance (say, if you're casually surfing) or a major hassle (say, if you're trying to update a Web site with FrontPage).

Zone Alarm also has been called a "Trojan" app -- incorrectly, I believe -- because of the way its help file works. ZA ships with a vestigial help file; the complete and access-specific help files reside on servers at ZoneLabs' headquarters. When ZA blocks a site and displays a blocking-event dialog to you, if you choose to click on "More Info," then information about the most-recent block is sent back to the ZoneLabs server.

That information is used to generate a custom help page about the specific IP and blocking event you asked about. Obviously, the computers back at ZoneLabs can't know what the specific blocking event was unless this information is sent back to them. But even though this data is transmitted only when you specifically request more information, some people still have interpreted this as surreptitious "phone home" behavior. If you don't want this information transmitted back to Zone Labs, just don't click the "More Info" button.

Some people have been, er, alarmed at the technology at the heart of Zone Alarm because it can be used for things like ad tracking applications. I think this also is a false issue. See Steve Gibson's detailed take on ZA's technology for your self.

And note: There's a new version of Zone Alarm in private beta now (I have a copy). It's version 2.1, and it allows optional logging of blocking events to a text file. You can even turn off the normal block-event dialogs and the information about what was blocked and when will still be saved to a log file, if you wish. This is a nice addition, and doesn't seem to introduce any extra problems or instabilities into ZA. In a future column, I'll let you know when the final version 2.1 is released.

1 of 2
Comment  | 
Print  | 
More Insights
Newest First  |  Oldest First  |  Threaded View
[Interop ITX 2017] State Of DevOps Report
[Interop ITX 2017] State Of DevOps Report
The DevOps movement brings application development and infrastructure operations together to increase efficiency and deploy applications more quickly. But embracing DevOps means making significant cultural, organizational, and technological changes. This research report will examine how and why IT organizations are adopting DevOps methodologies, the effects on their staff and processes, and the tools they are utilizing for the best results.
Register for InformationWeek Newsletters
White Papers
Current Issue
2017 State of IT Report
In today's technology-driven world, "innovation" has become a basic expectation. IT leaders are tasked with making technical magic, improving customer experience, and boosting the bottom line -- yet often without any increase to the IT budget. How are organizations striking the balance between new initiatives and cost control? Download our report to learn about the biggest challenges and how savvy IT executives are overcoming them.
Twitter Feed
Sponsored Live Streaming Video
Everything You've Been Told About Mobility Is Wrong
Attend this video symposium with Sean Wisdom, Global Director of Mobility Solutions, and learn about how you can harness powerful new products to mobilize your business potential.
Flash Poll