Ablang
12-21-2004, 07:42 PM
Hardware Tips: Keep Your PC Hidden
by Contributing Editor Kirk Steers
A new PC fresh out of the box is like Swiss cheese: It's filled with
holes that make it vulnerable to viruses and information thieves. Just
what's out there? Read "Threat Assessment" for a good scare:
http://pcwnl.pcworld.com/t/321550/15377828/967795/0/
Firewalls, operating system updates, and antivirus software can plug
many holes, but hackers are always looking for--and
finding--weaknesses in Windows and other software. For best
protection, hide your PC behind a router's hardware firewall. Routers
with firewalls are cheaper and easier to install than ever.
For background, read "What You Should Know About Firewalls":
http://pcwnl.pcworld.com/t/321550/15377828/967796/0/
Hackers find a computer by connecting to its IP address, four numbers
(each from 0 to 255) separated by periods, that identifies each device
on the Internet. A router allows several PCs to share a single
Internet connection--and to hide behind a single IP address. The
router displays the public IP address that is issued by your ISP and
seen by everyone on the Net. It uses the Network Address Translation
(NAT) standard to assign a private, temporary address to each computer
on your network. The router directs inbound and outbound Internet
traffic so it appears to outsiders that each of your networked
machines is using the router's public IP address.
When hackers make contact with your public IP address, they don't go
to your computer, but instead to a "dumb" router that lacks the
vulnerability of a Windows-controlled PC. When you put all your
computers behind a hardware firewall, you'll likely see a dramatic
drop in the number of intrusion alerts that your software firewall
registers. (You'll certainly want to continue to use that security
program in addition to your router, though.)
Get Your Own Router
Entry-level four-port routers, sufficient for most home and
small-office networks, are cheap; for example, the RP614 from Netgear
costs around $40 online. If you're planning a wireless network, get a
wireless router instead of an access point; they are priced about the
same. And if you're shopping for a new ISP, don't buy a router just
yet. Most of the cable and DSL modems that broadband ISPs provide come
with firewalls.
With the explosion of networks in homes and small offices, vendors
such as Netgear, Linksys, and D-Link provide reasonably simple
configuration screens and, most important, telephone support, usually
free for the first 30 days. For more buying advice and how-to
information, go to PC World's Home Networking page:
http://pcwnl.pcworld.com/t/321550/15377828/967797/0/
Whether you're buying your own router or installing one from your ISP,
you're likely to come across a lot of new acronyms. Here are the ones
you need to know.
UPnP: The Universal Plug and Play standard simplifies the installation
of any networked device--from routers to home appliances. Just plug it
in, and it shows up in Windows Explorer. Most routers now come with
UPnP, which Windows XP and Me support. One of the early security flaws
in Windows XP involved UPnP, but Windows XP Service Pack 2 corrects
the problem. UPnP is still too new to be trusted, though, so leave it
disabled unless you are running software that requires it.
VPN: A virtual private network creates a secure channel between two
computers over the Internet. Many businesses use a VPN to link remote
workers to the company network. Your IT department can tell you
whether your router needs to support IP Security (IPSec), the Point to
Point Tunneling Protocol (PPTP), or some other network-security
protocol.
SPI: Stateful Packet Inspection examines each incoming data packet and
rejects unsolicited packets. Packets containing an inbound Web page,
for example, have been solicited by a local computer and hence are
ushered through the firewall.
DMZ: A Demilitarized Zone allows you to partially or fully expose a
computer to the Internet. Online gamers and people maintaining Web
servers and FTP sites will find this feature useful.
Read Kirk Steers' regularly published "Hardware Tips" columns:
http://pcwnl.pcworld.com/t/321550/15377828/364751/0/
by Contributing Editor Kirk Steers
A new PC fresh out of the box is like Swiss cheese: It's filled with
holes that make it vulnerable to viruses and information thieves. Just
what's out there? Read "Threat Assessment" for a good scare:
http://pcwnl.pcworld.com/t/321550/15377828/967795/0/
Firewalls, operating system updates, and antivirus software can plug
many holes, but hackers are always looking for--and
finding--weaknesses in Windows and other software. For best
protection, hide your PC behind a router's hardware firewall. Routers
with firewalls are cheaper and easier to install than ever.
For background, read "What You Should Know About Firewalls":
http://pcwnl.pcworld.com/t/321550/15377828/967796/0/
Hackers find a computer by connecting to its IP address, four numbers
(each from 0 to 255) separated by periods, that identifies each device
on the Internet. A router allows several PCs to share a single
Internet connection--and to hide behind a single IP address. The
router displays the public IP address that is issued by your ISP and
seen by everyone on the Net. It uses the Network Address Translation
(NAT) standard to assign a private, temporary address to each computer
on your network. The router directs inbound and outbound Internet
traffic so it appears to outsiders that each of your networked
machines is using the router's public IP address.
When hackers make contact with your public IP address, they don't go
to your computer, but instead to a "dumb" router that lacks the
vulnerability of a Windows-controlled PC. When you put all your
computers behind a hardware firewall, you'll likely see a dramatic
drop in the number of intrusion alerts that your software firewall
registers. (You'll certainly want to continue to use that security
program in addition to your router, though.)
Get Your Own Router
Entry-level four-port routers, sufficient for most home and
small-office networks, are cheap; for example, the RP614 from Netgear
costs around $40 online. If you're planning a wireless network, get a
wireless router instead of an access point; they are priced about the
same. And if you're shopping for a new ISP, don't buy a router just
yet. Most of the cable and DSL modems that broadband ISPs provide come
with firewalls.
With the explosion of networks in homes and small offices, vendors
such as Netgear, Linksys, and D-Link provide reasonably simple
configuration screens and, most important, telephone support, usually
free for the first 30 days. For more buying advice and how-to
information, go to PC World's Home Networking page:
http://pcwnl.pcworld.com/t/321550/15377828/967797/0/
Whether you're buying your own router or installing one from your ISP,
you're likely to come across a lot of new acronyms. Here are the ones
you need to know.
UPnP: The Universal Plug and Play standard simplifies the installation
of any networked device--from routers to home appliances. Just plug it
in, and it shows up in Windows Explorer. Most routers now come with
UPnP, which Windows XP and Me support. One of the early security flaws
in Windows XP involved UPnP, but Windows XP Service Pack 2 corrects
the problem. UPnP is still too new to be trusted, though, so leave it
disabled unless you are running software that requires it.
VPN: A virtual private network creates a secure channel between two
computers over the Internet. Many businesses use a VPN to link remote
workers to the company network. Your IT department can tell you
whether your router needs to support IP Security (IPSec), the Point to
Point Tunneling Protocol (PPTP), or some other network-security
protocol.
SPI: Stateful Packet Inspection examines each incoming data packet and
rejects unsolicited packets. Packets containing an inbound Web page,
for example, have been solicited by a local computer and hence are
ushered through the firewall.
DMZ: A Demilitarized Zone allows you to partially or fully expose a
computer to the Internet. Online gamers and people maintaining Web
servers and FTP sites will find this feature useful.
Read Kirk Steers' regularly published "Hardware Tips" columns:
http://pcwnl.pcworld.com/t/321550/15377828/364751/0/