Step 1: Install a Firewall

After your wits, your firewall is the most important part of your defense.

How to install a new firewall:

If you are not certain that you have a firewall and that it is enabled, go to the "firewall emergency" page before you do anything else.

  1. Physically disconnect from the Internet
  2. Turn off the Windows Firewall
  3. Install the new firewall
  4. Reconnect and quickly test the new firewall
  5. Disconnect, and take corrective action if the test fails

If you are installing Service Pack 2 for Windows, you may want to keep an existing firewall instead of turning the new Windows Firewall on. Read through the tracks below before you make up your mind.

In any case, be sure you do not have more than one firewall activated at the same time. The two may even defeat each other. [Instructions for deactivating Windows Firewall]

[basic defense track]

If your computer was purchased before September 2004, it probably did not have Windows XP SP2 installed. The firewall that came with previous versions is probably good enough if you have a dial-up connection and don't use the Internet extensively. However, you should have upgraded to SP2 a long time ago.

The new "Windows Firewall" that comes with Windows XP SP2 gives you stronger protection. It's good enough for a basic defense, but the other firewalls listed below are better alternatives. You are going to update to Windows SP2 though, aren't you? :-) [configuration guide]

The Windows Vista firewall is somewhat improved over the Windows Firewall; however, the added outbound protection is not activated by default. It's certainly adequate for a basic defense track though.

No matter which firewall you choose, you need to test it. Any good online test will tell you if it's working or not. It's a good idea to retest your firewall once a month or so too.

[strong defense track]

Software Firewalls: I recommend Outpost Firewall Pro, ZoneAlarm Pro, Online Armor Personal Firewall, or Comodo Firewall Pro (free) for your software firewall. I use Online Armor -- a stout firewall combined with a robust HIPS -- in my own security system. But it's not a firewall for everybody. ;-)

My opinion on these firewalls is partly based on the results from highly-recommended tests run by Matousec, and on Scot Finnie's extensive firewall evaluation project. Your mileage may vary. ;-)

ProSecurity and DefenseWall HIPS are nice alternatives to these firewalls. They block intrusion at the application interface with Windows, but are not true firewalls. Combine one of these HIPS with a router that includes a state-inspection firewall, and they will provide excellent proactive security. Leave your Windows firewall on for good measure though. :-) [updated April, 2008]

No matter which firewall you choose, you also need to test it. Any good online test will tell you how well it's working. It's a good idea to retest your firewall once a month or so too.

[robust defense track]

You'll get the best firewall protection by cascading a router that includes a hardware firewall with a robust software firewall. If you have a broadband connection, I recommend that you use one.

Software Firewalls: I recommend Outpost Firewall Pro, ZoneAlarm Pro, Online Armor Personal Firewall, or Comodo Firewall Pro (free) for your software firewall. I use Online Armor -- a stout firewall combined with a robust HIPS -- in my own security system. But it's not a firewall for everybody. ;-)

My opinion on these firewalls is partly based on the results from highly-recommended tests run by Matousec, and on Scot Finnie's extensive firewall evaluation project. Your mileage may vary. ;-)

ProSecurity and DefenseWall HIPS are nice alternatives to these firewalls. They block intrusion at the application interface with Windows, but are not true firewalls. Combine one of these HIPS with a router that includes a state-inspection firewall, and they will provide excellent proactive security. Leave your Windows firewall on for good measure though. :-) [updated April, 2008]

No matter which firewall you choose, you also need to test it. Any good online test will tell you how well it's working. It's a good idea to retest your firewall once a month or so too.

Hardware firewalls

Hardware firewalls are more impervious in some ways than software firewalls. Even if you use a hardware firewall, you usually will want a software firewall as well. Routers are natural hardware firewalls, but you want one with a "state-inspection" firewall. It's very unlikely that software and hardware firewalls will conflict with each other, but running them in cascade may make it more difficult to troubleshoot connection problems. [more]