This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.
Fred ties up some loose ends from the previous installments, and discusses some new, cool and free security tools.
In Part One of my online security series, we discussed the four myths of online security and the essential steps you need to take to ensure that your PC doesn't suffer from the worst and most-common online/networking security holes. By itself, Part One gets you a long way towards solid, basic online security.
In Part Two, we looked at "Personal Firewalls" that sit on your PC (and on each PC on a shared Internet connection). These applications work on a local level to block unwanted access to your PC from hackers or other undesirable agents. Part two gets you most of the rest of the way towards achieving a high degree of safety online.
In Part Three, we outlined further steps you can take that let you build a comprehensive and nearly impregnable six-layer defense. It will make almost any online PC secure enough so that hackers probably won't even bother to try to break in. Instead, they'll turn their attention to easier targets.
Each of those previous three parts has raised some additional questions and prompted interesting comments from readers. Many of these comments, questions and answers can be found in the threaded discussions that accompany each previous installment -- check '
em out! But there are still a few loose ends to tie up. This column -- Part Four -- wraps up those loose ends and presents you with a potpourri of useful tidbits you can use to refine and adjust the information you gleaned from the previous installments.
Personal Firewall Update
A large part of the foregoing discussions concerned "personal firewall" products, and I mentioned I was still evaluating several. (Note that these aren't formal Lab tests, but my own personal and
subjective evaluations.) Having tried a wide range of products, I've come back to ZoneAlarm. Because it's free and so dead-simple to install and use, I think it's probably the best personal firewall choice currently available.
That's not to say it's perfect: Zone Alarm still sometimes incorrectly blocks accesses to known-good sites. You might be working for hours on a Web site, for example, when out of the blue, ZA will block one access to that site for no apparent reason. Curiously, it then immediately will
allow ongoing accesses -- just one connection to that site (out of many) gets blocked, seemingly at random. Depending on what you're trying to do when the access is blocked, this can be either an annoyance (say, if you're casually surfing) or a major hassle (say, if you're trying to update a Web site with FrontPage).
Zone Alarm also has been called a "Trojan" app -- incorrectly, I believe -- because of the way its help file works. ZA ships with a vestigial help file; the complete and access-specific help files reside on servers at ZoneLabs' headquarters. When ZA blocks a site and displays a blocking-event dialog to you, if you choose to click on "More Info," then information about the most-recent block is sent back to the ZoneLabs server.
That information is used to generate a custom help page about the specific IP and blocking event you asked about. Obviously, the computers back at ZoneLabs can't know what the specific blocking event was unless this information is sent back to them. But even though this data is transmitted only when you specifically request more information, some people still have interpreted this as surreptitious "phone home" behavior. If you don't want this information transmitted back to Zone Labs, just don't click the "More Info" button.
Some people have been, er, alarmed at the technology at the heart of Zone Alarm because it can be used for things like ad tracking applications. I think this also is a false issue. See Steve Gibson's detailed take on ZA's technology for your self.
And note: There's a new version of Zone Alarm in private beta now (I have a copy). It's version 2.1, and it allows optional logging of blocking events to a text file. You can even turn off the normal block-event dialogs and the information about what was blocked and when will still be saved
to a log file, if you wish. This is a nice addition, and doesn't seem to introduce any extra problems or instabilities into ZA. In a future column, I'll let you know when the final version 2.1 is released.
We welcome your comments on this topic on our social media channels, or [contact us directly] with questions about the site.