Quantcast
Subscribe to magazine

Blogs

    Privacy Watch

  • Few things are more valuable than your personal data. Associate Editor Erik Larkin shows you how to protect it.
  • Subscribe to this blog

Privacy Watch: Make Sure Your Firewall Is Sturdy

Andrew Brandt

Illustration: Tavis Coburn
Firewalls provide an essential layer of protection by blocking the port probes and scans that some bad guys and worms use to decide which PCs are vulnerable to attack. But firewalls aren't foolproof.

Even one from a reputable company can be leaky if it's misconfigured, and a holey firewall combined with an unpatched copy of Windows could permit malicious hackers to break into your system. But a good firewall does its job in the background. So how do you know whether all is quiet because your firewall is operating perfectly or because the hackers just haven't yet spotted your vulnerable system? It's best to test the firewall yourself. (If you don't have a firewall, check "Step-By-Step: Bulletproof Your PC With a Software Firewall" for a list of free ones and for tips on installing them.)

I use several free sites to test my firewalls. They all work similarly: The Web site runs a script that scans the ports at your computer's IP address. If your firewall is properly configured, the test results usually will show that no probes from the scan made it through to your computer. If you run a Web server from your PC, or other software (like an online game) that listens for requests from the Internet, and you've opened a port in the firewall for that program, a scan will show the port as open.

Sygate Online Services Security Scan is one of the most comprehensive scan sites. It offers six varieties of scans, though for most people the Quick Scan or Stealth Scan--which takes less than a minute--will be sufficient. The truly paranoid can choose to scan every well-known port, but that takes 45 minutes.

Once I've run the Sygate test, I head to Audit My PC for its privacy scan. In addition to testing the firewall itself, Audit My PC tests your machine for other vulnerabilities. The privacy scan reveals the weaknesses in your browser and identifies the kinds of information that any Web site can find out about you. The site also explains how to fix the problems.

Last on my list of scans is RV10scan, the real-time service from Qualys, which can be found on Vulns.com. RV10scan not only looks at the port, but also sends commands to the port to see how the computer responds. It effectively figures out which buggy parts of your Windows installation are unpatched--and which spots in your firewall may not cut the mustard.

Once your firewall passes the RV10scan, you can put your feet up, lean back, and breathe a well-deserved sigh of relief.

Andrew Brandt is senior associate editor for PC World. E-mail him at privacywatch@pcworld.com. Click here to read more Privacy Watch columns.

  • Recommend this story?
  • 0 Yes
    0 No

Print 50% more pages than with refilled inks. Trust Original HP Inks. Hit Print Reliably.

Featured APC Accessories For Your System
10% Off Entire Cart at Online Store

  • APC Back-UPS ES Safeguards your equipment from damaging surges and spikes that travel along your utility & data lines.
  • APC SurgeArrest Performance Highest level of protection for your professional computers, electronics and connected devices, as well as provides surge protection.

Focus on Personal Productivitysponsored by Microsoft

  • Personal Finance 2.0 These free and fee-based Web services not only aggregate data from your online bank accounts, they give you tools for managing your money.
  • High-Tech Travel Tips Plenty of stories provide advice for elite mobile professionals. But what about you, the unproductive traveler?

People who read this also read:

Privacy Watch

All PC World Blogs

  • 2007 Microsoft Office Suites Comparison This paper compares and contrasts four suites of the 2007 Microsoft Office system: Microsoft Office Standard 2007, Microsoft Office Professional Plus 2007, Microsoft Office Enterprise 2007 and Microsoft Office Ultimate 2007. This paper is intended to help organizations understand the applications and capabilities offered, and to identify the suite that best fits their needs.
  • Windows Vista Migration: The Business Proposition It's not so much a matter of "if" but "when" for most organizations regarding migration to Windows Vista. Laying the groundwork now for this migration can yield higher ROI than waiting until later. This Computerworld Technology Briefing explains it all.

Today's Special Offers