Ports and Firewalls
By Parrish Reinoehl, Pathfinder Networks
October 2004
In many of my recent articles I have tended to focus on the problems created by spyware, adware, and viruses and the steps you can take to safeguard yourself from these threats. This month I want to expand on that topic and discuss one more aspect of computer security.
By its function, any computer or device that has an active Internet connection (be it dial-up, DSL, cable, WiFi, satellite, etc.) is part of a global network of computers and devices. The Internet was initially designed to allow for the fast and efficient transmission of computer data between far-flung users. This design meant that anyone connected to the Internet was able to send information and also to receive it. This is what makes the Internet work and makes it such a useful tool. This design also opens up many security issues that most people are not aware of.
A computer communicates with other computers by means of electronic ports. A port can be accurately thought of as a doorway. If you think about the doors in your home as ports you will see the comparison. The doorway allows people to enter your home and also to leave it. If your door is not locked then people are free to enter and exit at will. In a computer you have about 64,000 such ports.
An unprotected port can allow data to enter and exit your computer without your knowledge. A hacker can attack your computer by sending specific data to your PC through certain ports if your operating system does not have all service packs installed. Some viruses can install themselves on your PC as soon as you connect to the Internet by communicating through specific ports. Spyware and adware (and other unwanted programs) can communicate your personal information to others through these ports.
However, you must have certain ports open for your Internet connection to function. Just like in your home, there are certain people that you want to allow to come and go as they please and there are others that you do not want to have any access. The Internet is exactly the same. There are some programs that you want to have full access to your ports and others that you do not. You simply cannot disconnect (or close) all of your ports because this will essentially pull the plug on your Internet connection.
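To see which "doors" are open on your own computer, the following added example (not part of the original article) tries a TCP connection to a handful of ports on the local machine only. The function names and the short list of well-known port numbers are choices made for this example.

```python
import socket

LOOPBACK = "127.0.0.1"  # this check only ever looks at the computer it runs on

# A few well-known port numbers and the services usually found on them
# (a small sample chosen for this example, not a complete list).
WELL_KNOWN = {
    25: "SMTP mail",
    80: "HTTP web server",
    135: "Windows RPC",
    139: "NetBIOS file and printer sharing",
    445: "Windows file sharing",
}

def is_listening(port, timeout=0.5):
    """Return True if a program on this computer accepts TCP connections on `port`."""
    with socket.socket(socket.AF_INET, socket.SOCK_STREAM) as s:
        s.settimeout(timeout)
        # connect_ex returns 0 on success instead of raising an exception
        return s.connect_ex((LOOPBACK, port)) == 0

def open_doors(ports):
    """Return the sorted subset of `ports` that have a listener on this computer."""
    return sorted(p for p in ports if is_listening(p))

def report(ports):
    """Return one human-readable line per open port."""
    return [
        f"port {p} is open ({WELL_KNOWN.get(p, 'unknown service')})"
        for p in open_doors(ports)
    ]

if __name__ == "__main__":
    for line in report(WELL_KNOWN):
        print(line)
```

An open port in this report means a program is waiting for connections there; whether anyone on the Internet can reach it depends on the firewall in front of it.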
You may be scratching your head at this point trying to figure out how you can possibly set up your PC to allow some programs to access your ports and to deny others access. This is actually far easier than it may seem and does not require much technical know-how to accomplish.
The use of a firewall is what makes all of this happen. A firewall, as its name implies, is a device (or software) that creates a block. However, a firewall is an intelligent device that only blocks certain traffic. One of the simplest, and most effective, means of installing a firewall for your PC is to connect your PC to an Internet router. An Internet router is a device that sits between your Internet connection (normally DSL or cable) and your computers, and allows multiple computers to share this single Internet connection. The router also contains a firewall that will, essentially, isolate your PC (or PCs) from the bad side of the Internet while allowing the good stuff to flow freely. Routers from manufacturers such as Linksys and Netgear are very common and can be found very easily in most retail computer and electronics stores.
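How a router's firewall can block strangers while still letting your own traffic flow is shown in the following added example (not part of the original article): a simplified model that remembers conversations started from inside and lets only their replies back in. The class names, the 192.168.1.x home range and the sample addresses are constructed for illustration, and address translation done by real routers is left out.

```python
from dataclasses import dataclass, field

@dataclass(frozen=True)
class Packet:
    src_ip: str
    src_port: int
    dst_ip: str
    dst_port: int

@dataclass
class RouterFirewall:
    """Toy model of a home router's firewall; all names and addresses are constructed."""
    lan_prefix: str = "192.168.1."                  # assumed home network range
    forwards: set = field(default_factory=set)      # inbound ports opened on purpose
    established: set = field(default_factory=set)   # conversations started from inside

    def inside(self, ip):
        return ip.startswith(self.lan_prefix)

    def handle(self, pkt):
        """Return 'allow' or 'block' for one packet, updating the connection table."""
        if self.inside(pkt.src_ip) and not self.inside(pkt.dst_ip):
            # Outbound: remember the conversation so the reply can come back in.
            self.established.add((pkt.src_ip, pkt.src_port, pkt.dst_ip, pkt.dst_port))
            return "allow"
        if self.inside(pkt.dst_ip) and not self.inside(pkt.src_ip):
            # Inbound: allowed only as a reply, or on a port opened on purpose.
            reply_to = (pkt.dst_ip, pkt.dst_port, pkt.src_ip, pkt.src_port)
            if reply_to in self.established or pkt.dst_port in self.forwards:
                return "allow"
            return "block"
        # Traffic between two home PCs is allowed; anything else is not ours to pass.
        return "allow" if self.inside(pkt.src_ip) else "block"

def demo():
    """Run constructed sample traffic through the model and return the verdicts."""
    fw = RouterFirewall()
    pc, web, stranger = "192.168.1.10", "203.0.113.5", "198.51.100.7"
    traffic = [
        Packet(pc, 50000, web, 80),         # PC asks a web server for a page
        Packet(web, 80, pc, 50000),         # the web server's reply
        Packet(stranger, 40000, pc, 139),   # unsolicited knock on file sharing
        Packet(web, 80, pc, 50001),         # a "reply" nobody asked for
    ]
    return [fw.handle(p) for p in traffic]

if __name__ == "__main__":
    print(demo())
```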
Using a router with the built-in firewall is the preferred method of protecting your ports. However, another option does exist. You may choose to use a software firewall instead. The software firewall is more common for users who connect to the Internet by using a dial-up connection. Windows XP contains its own built-in firewall (but it is off by default in early versions of Windows XP). Service Pack 2 for Windows XP includes an improved software firewall that is turned on by default. The Windows XP firewall is fairly basic, however. Better software firewalls do exist, such as the excellent (and free for home users) Zone Alarm. You can download Zone Alarm from www.zonelabs.com.
Be forewarned, however: software firewalls will need time to “learn” which programs you want to have full access and which you do not. Both Zone Alarm and the firewall in Windows XP Service Pack 2 will ask you whether you want certain programs to access the Internet or not. You will be presented with dialog boxes that ask you whether you want to block a program or not. Choose wisely, as choosing incorrectly can prevent some programs from functioning (but you can always reconfigure your software firewall later should you find that you chose incorrectly).
If you have your own home network and share devices such as printers or hard drives, you may find that installing a software firewall prevents you from using these shared resources. Proper firewall configuration will allow you to safely use these shared resources once again.
If all of this talk about ports and firewalls is a little too confusing, you can always seek the help of qualified computer professionals such as the technicians at Pathfinder Networks. Not having your PC properly protected can be a very costly mistake (as many can attest to!). Making a small investment in your security now can save you from many headaches and expenses later.
About the Author:
Parrish Reinoehl is President of Pathfinder Networks, a Niles-based technology consulting firm specializing in providing affordable computer services to small businesses and home users, including networks, PC support, sales, and service. Pathfinder Networks can be reached at 269-684-7696 or via email at parrish@pathfindernetworks.us
The Pathfinder Networks website is http://www.PathfinderNetworks.us
Visit our retail location at 1920 S. 11th St., Niles, MI (in Belle Plaza). We now sell Dish Network and Nextel services!
© Pathfinder Networks, LLC