Personal Firewall blocks unwanted'and wanted'traffic

Personal Firewall blocks unwanted'and wanted'traffic

By Michael Cheek

GCN Staff

As always-on digital subscriber line and other broadband technologies become the norm for remote access, firewall protection is a necessity. But no one wants a security tourniquet to cut off the inward flow of information.

Norton Personal Firewall 2000 Version 2.0 from Symantec Corp. attempts to throw some protection around your system, and for the most part it does.

Symantec has taken a portion of its Norton Internet Security 2000 software firewall [GCN, April 3, Page 33] and beefed it up for Microsoft Windows NT and Windows 2000, as well as adding more user controls.







Box Score

Norton Personal Firewall

2000 2.0


Symantec Corp.; Cupertino, Calif.;

tel. 888-411-1932

www.symantec.com

Price: $45


+ Hides all ports from detection

+ Supports all Windows OSes

- Reveals MAC address

- Stops some wanted traffic



Real-life requirements:

Pentium II or faster processor, 64M of RAM, 10M of free storage, CD-ROM drive, browser



For advanced users, Personal Firewall can be pretty granular about which ports are open to what kinds of traffic. Average users, however, will have a hard time figuring out how to deploy it without blocking desired, safe traffic.

Symantec divides the firewall into two areas: security and privacy. Both areas offer three levels of protection: high, medium and minimal.

In the security area, Personal Firewall monitors all of a computer's 65,535 communication ports'from Port 80 for Web traffic to the port used for e-mail. They are the primary areas of exposure, so the security setting probably should be set at maximum to fend off Trojan horse and virus attacks through those ports.

Norton's new version borrows a bit from the freeware ZoneAlarm 2.0 firewall. When it detects an application trying to access and send information from a port, it puts the traffic on hold and asks the user whether the traffic should go out.

Personal Firewall can walk you through setting up rules for such situations, or it can deal with them one by one. But when reply traffic comes back to another port, Personal Firewall automatically blocks it, issuing an alert. This is where most users will encounter problems.

In my own use of DSL [GCN, July 10, Page 37] for videoconferencing and chat applications, I found Personal Firewall would let my messages out but would not admit the messages sent to me.

Selective blocking

When I tried to watch streaming news video, Personal Firewall also blocked it.

In some ways, this is good. A Web browser accessing Port 80 isn't unusual, but what about other applications? Personal Firewall can tailor a rule to the application.

It did a good job of hiding all my communication ports from outside detection, unlike the earlier version that revealed two closed ports.

On the other hand, the previous version worked better at hiding the media access control number. The new version did not hide the computer's unique MAC number, which is embedded in the network interface card and should not be revealed.

Personal Firewall 2000 2.0's advanced options include about 75 rules that come with the application to block known hacks and Trojan horses. Additional rules are created as you let applications access the Internet, and the rules can be disabled individually.

The security area also can block Java and ActiveX code.

In the privacy area, Personal Firewall can block cookies from specific sites, and the user can store confidential information for automatic use on Web forms and e-mail. If a site or application attempts to access the confidential information, Personal Firewall is supposed to stop the transmission and ask whether to let it continue.

For me, it didn't work that way, however. I entered my e-mail address, credit card numbers and odd strings of characters. When Personal Firewall inserted the information in Web forms and e-mail, it did not warn me that I was about to send out confidential data.

Personal Firewall integrates well with Symantec's Norton AntiVirus 2000. For most users, antivirus protection is more important than a firewall, because attacks against individuals generally arrive in the form of viruses.

As with other Symantec software, the LiveUpdate component will download any needed updates to Personal Firewall.

Norton Personal Firewall 2000 2.0 works, but it has not yet attained ease of use or comprehensive protection.

inside gcn

  • blockchain (Immersion Imagery/Shutterstock.com)

    DARPA eyes 'less-explored avenues' of blockchain

Reader Comments

Please post your comments here. Comments are moderated, so they may not appear immediately after submitting. We will not post comments that we consider abusive or off-topic.

Please type the letters/numbers you see above