LA Computer Company: LA Computer Company: Specials on AppleCare, Apple Displays, MacBooks, iMac's, MacBook Pros, Laptop and iPod accessories and more. Apple A/C Adapters for laptops starting at $25.00 Call 1-800-941-7654 or Click Here.
OWC: Burn DVDs, DVD-DL, CDs, DVD-Ram - FAST! Superdrive upgrades from OWC starting from $31.99 with options for nearly every Mac. Models with Lightscribe, Blu-Ray too!
Description: Using a software firewall Difficulty level: Intermediate System version: 8.1 and PowerPC processor Required: NetBarrier firewall software
You are not very likely to face direct attacks from hackers
because you use a computer, because these people mostly target
companies and large networks. On the other hand, the security of
your files is never 100% guaranteed, even though you use a computer
that less people know to hack than, say, Windows.
There are people who know how to scan ports to get information
about your computer, and preventing this is rather smart. This is
why the use of a software firewall can be useful, even if your
Internet service provider has a physical firewall. I could not get
my hands on Norton Personal Firewall for this article, but I have
been using NetBarrier for several months, and it has proved to be
quite reliable to detect intrusions, especially port scanning. I
recommend it based on my positive experience, and I want to show
you how you can use it.
The first step is to get NetBarrier; a step you can
take after reading this. It costs US$49.95 for an electronic
version from Intego, the company that develops it. When you have
NetBarrier, make sure to install it and then restart your Mac.
NetBarrier should pop a window that requires registration. Enter
the information, and everything is ready to go. Also, a yellow
lozenge will show up in your menu bar. This is a shortcut to open
NetBarrier when it is active.
Disclaimer: NetBarrier version 1.5.2 was used for this
tutorial. There is a newer version that may work differently, and
it offers more than the older version we are using as an
example.
Firewall setting
From the above window, you can handle your general settings.
When you transfer information between your computer and the
Internet or a network, "no restrictions" is the way to go. "Client
only" and "Server only" are useful if you wish to block outgoing
and incoming transfers respectively. "Client, local server" speaks
pretty much for itself, but for most dialup and cable modem access
users, this does not apply. "No network" is great to block any
network information exchange. I sometimes put it to "No network"
temporarily if any access to the Internet could disturb what an
application (think CD burning) is doing. You would normally leave
this set to "No restrictions."
Antivandal protection
On to the good stuff. It is time to set up your antivandal
options. The antivandal protection is especially good at stopping
intrusions.
In the above list, here is the meaning for each prevention
measure:
Stop unknown protocols: This makes sure that any
communication protocol that NetBarrier is not aware of is not going
to be effective on your computer. It can be useful, but I strongly
recommend you keep this turned off. The big tradeoff, if you turn
it on, is that some of your Internet activities could be blocked.
For example, I know people who have physical firewalls that prevent
them from using instant messaging software or Internet protocols
that access a certain type of server. Software is more flexible
than physical firewalls, but your best bet is to keep this turned
off until you have a specific need for it.
Protect against ping attacks: Your computer will
sometimes receive pings when connected to the Internet, and such
pings can be harmless. But hostile pings and floods can turn into a
ping attack. I recommend keeping this turned on.
Protect against port scans: To me, this is an important
protection because it can block access to many of your resources.
Keep this turned on. If you run a server, this is likely to cause
problems because whenever someone connects, he has to access ports
- even for Web sites.
Protect against SYN flooding: This limits the number of
connections made, which can prevent connection floods from causing
denial of service. There are some major Web sites that could have
used protection such as this (on a much larger scale, however) when
their servers were flooded with requests, thereby making them
anything but functional for Web surfers who wanted to visit
:-)
Protect against intrusion attempts: Do I need to draw
you a picture? :-)
TCP sequence scrambling: Keeping this checked can help
stop people from taking control of your computer. On the other
hand, it will not block Timbuktu software from being used to
control your computer from remote locations. Which is good news for
someone who likes doing this. If you have two computers and use
Timbuktu to avoid going back and forth between computers to execute
operations, NetBarrier will not mess things up with this
setting.
Stealth mode: It is a bit of an invisibility remedy -
except that you cannot hide your IP with this - and if you have
problems with certain connections to the Internet, you will have to
turn it off. It prevents your computer from replying to pings, and
the effect of a reply depends on what ping you are receiving. Your
mileage may vary, but turn it on until you notice problems.
Allow Port Mode FTP Transfers: If you set up your
general setting to Client only, this will cancel the setting for
FTP transfers. So you can limit your uploads to FTP sessions. I
find this very neat.
Antivandal alerts
If an intruder steps in and NetBarrier detects the move, it can
put the connection in a Stop List for predetermined periods (you
choose) or pop open an alert (check the Ask button) and ask you
what to do. The Stop List is handy. It will prevent temporary
attacks and perhaps discourage the person who tries to snoop. The
alert always allows you to click on Ignore if you know what you are
doing. I remember visiting the Web site of a very reputable
television network, and I felt that the alert I got was not
necessary. I clicked on Ignore. You be the judge. The Stop List tab
allows you to see who is in the dog house and edit the list.
Filters
In the NetBarrier application, you can click on Filter to set up
protection for specific data. For example, your credit card number
is something you want to protect. Click on the Filter button, turn
the function on, and click on Add. Then, give a name to the filter
in the Label field, and type the confidential data in the next
field. Make sure to select TCP/IP or AppleTalk (or both) in the pop
up menu on top of the window. This will make sure that the data
will be filtered over one or both protocols.
I created such a filter with a credit card number. I then
created a SimpleText file with the data in it. I tried to copy the
file to my iBook over AirPort through AppleTalk, and here is what
NetBarrier did:
Excellent!
Note: When filters are turned on, Timbuktu users will
experience all sorts of problems with direct connections,
especially when wanting to control the other computer. It
effectively blocks all kinds of operations, without even having
custom filters set up. It acts as another layer of protection.
Settings
The last step in setting up your personal firewall is to point
to the Settings button and click on it. You can customize software
update settings and set up a password that will prevent anybody but
you to access your NetBarrier settings when opening the
application. You can also specify if you use a dialup connection
through a modem, or permanent network connections through local
area networks, DSL Internet, or cable modem Internet.
After going through these steps, you should have the kind of
protection that your computer needs, just in case something (or
someone!) should try to snoop.
Wouldn't life be great with an iSlate?, John Hatchett, Recycled Computing, 07.04.
PDAs and smartphones are too small for some tasks, full-fledged Tablet PCs are overkill, and ebook readers are too limited. Apple has the tech to own this niche.
Mac of the Day: Original iMac G3/233, Aug. 98 - The Bondi blue wonder that bounced Apple back to profitability and into the public eye.
List of the Day: Mac Pro List is for those using a Mac Pro.
July 5 in LEM history: 98: The iMac: First of a family? - iMac Perfect for schools - 00: Apple is not your friend - 01: 75 Mac Advantages - Do you trust me? - 02: The joy of X with Classic - The good, the bad, and the intrusive - 05: No Quartz Extreme for Pismo - A brief history of NeXT - 06: Education iMac - iTunes and the French interoperability law - TopXNotes - Apple's secret battery reset utility - Misleading hard drive capacity
The Macintosh Portable started a notebook revolution, Carl Nygren, Classic Macs in the Intel Age, 07.03.
Before Apple introduced the Mac Portable, notebook computers were text-based and ran MS-DOS. Ever since, graphical interfaces have been the norm for laptops.
Our advertising is handled by BackBeat Media. For detailed
price quotes and advertising information, please
contactat BackBeat Media (646-546-5194). This number
is for advertising only.
