Sunbelt Kerio Firewall – Intrusion Prevention

I use the Sunbelt Kerio Personal Firewall on all my family’s computers and my business computer, too. It’s easy, convenient and inexpensive.

I also like that it stops a lot more things by default — I hate firewalls that accept outbound connections automatically without even telling me.

I used to think that was just the Windows Firewall, which is only a one-way firewall. It only stops outsiders from getting to your computer. But, one of its biggest flaws is that it accepts anything originating on your computer as if it were valid — and it permits it to access the Internet.

That might be a program calling home to check for updates. Or, it might be a program calling home to log that it’s being used from that IP address, or even more details like the “registered user” of the computer. Or, it might even be a spam program or other nasty that you picked up on the Internet by accident, and don’t even know that it’s there!

I used to use the ZoneAlarm firewall. It wasn’t until I changed to the Sunbelt Kerio Personal Firewall that I learned that Microsoft itself was calling home way too often. ZoneAlarm used to tell me about the “call home” in Windows Media Player. But, it never told me that Windows XP called home when I simply clicked on Search (Start, Search).

But, the Sunbelt Kerio Personal Firewall told me. I’m much more comfortable knowing when an outbound connection attempt is made — and allowing it if I want — than to let the program have a pre-defined, un-editable list of “OK programs.”

Sunbelt offers a free full-function 30-day trial of the Sunbelt Kerio Personal Firewall. After 15 days, if you’re using it at home and not for business, you can use it for free (but with fewer functions).

Regularly $19.95, Sunbelt offers a special two-fer — two licenses for Sunbelt Kerio Personal Firewall for only $29.92. At this price, all my copies are “paid” copies.

Intrusion Detection & Intrusion Prevention

Intrusion Detection is one of the computer concepts that has moved from the server world to the PC world.

Our first step, though, is prevention — keeping intruders out of our computers.

After years of total exposure of most Windows computers, Microsoft finally included a built-in software firewall in the original versions of Windows XP. By default, dialup connections had the firewall turned on. But, for high-speed network connections — the kind we have with cable or DSL, Microsoft set the default for the Windows XP Firewall to “Off.”

Read more in my article Intrusion Detection & Intrusion Prevention

Computer Security Software Recommendations

My Philosophy: Many people want to pick their most economical solution and prefer an all-in-one anti-virus, anti-spyware and firewall solution. In concept, that’s a great idea. In actual practice, this type of package is not likely to be the best in all the protection categories you need.

Other people want to pick the best of each type of program. I’m one of these folks. Read about my security software choices.

So, I’ve got two types of recommendations: the all-in-one solutions and my picks of the individual products for people who want to pick a program of each type.

Read more in my article Computer Security Software Recommendations at www.TerrysComputerTips.com

Do I need a firewall program?

“Firewall? I don’t need no stinkin’ Firewall!”

You only have to read a few of my Internet security articles or my home networking articles to know my thoughts on that. I believe you must use a software firewall on your computer, whether you use dialup, cable or DSL, and no matter whether you have a router/firewall on your network or not.

A lot of people believe that they are safe since they use dialup. Once upon a time, the danger was to high-speed users only. However, now, everyone is at risk, whether they use dialup or high-speed.

Read more in my article Do I need a firewall program?

Wi-Fi Hotspots and Computer Security

Are you safe when you use the wireless network at your local coffee shop or airport? Maybe. Maybe not.

Are you accidentally sharing your files on your computer? Is your computer “trusting” connection attempts from the other computers at the hotspot?

The bad news is that many people with personal notebooks make three critical mistakes:

  1. they have not read (or have not followed) my Wireless Networking pages for wireless security tips
  2. they don’t have a third-party firewall program (Do Not Rely on the Windows Firewall!)
  3. they have not changed their default “workgroup” name

A few even make a 4th — they don’t even run any firewall.

Read more in my article Wi-Fi Hotspots and Computer Security

What are Intrusion Detection Systems?

Intrusion Detection Systems (IDS) are a necessary part of any strategy for enterprise security. What are Intrusion Detection Systems? CERIAS, The Center for Education and Research in Information Assurance and Security, defines it this way:

“The purpose of an intrusion detection system (or IDS) is to detect unauthorized access or misuse of a computer system. Intrusion detection systems are kind of like burglar alarms for computers. They sound alarms and sometimes even take corrective action when an intruder or abuser is detected. Many different intrusion detection systems have been developed but the detection schemes generally fall into one of two categories, anomaly detection or misuse detection. Anomaly detectors look for behavior that deviates from normal system use. Misuse detectors look for behavior that matches a known attack scenario. A great deal of time and effort has been invested in intrusion detection, and this list provides links to many sites that discuss some of these efforts”
(http://www.cerias.purdue.edu/about/history/coast_resources/intrusion_detection/)

There is a sub-category of intrusion detection systems called network intrusion detection systems (NIDS). These systems monitor packets on the network wire and look for suspicious activity. Network intrusion detection systems can monitor many computers at a time over a network, while other intrusion detection systems may monitor only one.
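To make the two detection categories in the CERIAS definition concrete, here is an added example (not from CERIAS or any product named on this page) that runs a misuse detector and an anomaly detector over the same login events. The event format, host names, thresholds and sample data are all constructed for illustration.

```python
from collections import Counter, defaultdict

# Constructed sample events: (user, hour_of_day, source_host, outcome)
BASELINE = ([("alice", h, "ws-01", "ok") for h in (9, 10, 11, 14, 16)] +
            [("bob", h, "ws-02", "ok") for h in (8, 9, 13, 15, 17)])
LIVE = [
    ("alice", 10, "ws-01", "ok"),    # 0: ordinary login
    ("bob", 9, "ws-07", "fail"),     # 1-3: repeated failures ...
    ("bob", 9, "ws-07", "fail"),
    ("bob", 9, "ws-07", "fail"),
    ("bob", 9, "ws-07", "ok"),       # 4: ... then a success
    ("alice", 3, "ws-01", "ok"),     # 5: valid login at an unusual hour
]

def misuse_alerts(events, max_fails=3):
    """Misuse detection: match a known attack scenario, here at least
    max_fails failed logins for one user/source followed by a success."""
    fails, alerts = Counter(), []
    for i, (user, _hour, src, outcome) in enumerate(events):
        key = (user, src)
        if outcome == "fail":
            fails[key] += 1
        else:
            if fails[key] >= max_fails:
                alerts.append(i)
            fails[key] = 0           # a success resets the failure streak
    return alerts

def build_profile(events):
    """Learn 'normal use': the hours at which each user logs in."""
    hours = defaultdict(set)
    for user, hour, _src, outcome in events:
        if outcome == "ok":
            hours[user].add(hour)
    return hours

def anomaly_alerts(events, profile, slack=2):
    """Anomaly detection: flag successful logins more than `slack` hours
    (measured around the 24-hour clock) from anything in the baseline."""
    alerts = []
    for i, (user, hour, _src, outcome) in enumerate(events):
        if outcome != "ok":
            continue
        dists = [min(abs(hour - h), 24 - abs(hour - h)) for h in profile.get(user, ())]
        if min(dists, default=24) > slack:   # unknown users always deviate
            alerts.append(i)
    return alerts

if __name__ == "__main__":
    print("misuse :", misuse_alerts(LIVE))
    print("anomaly:", anomaly_alerts(LIVE, build_profile(BASELINE)))
```

Each detector flags an event the other misses: the signature sees the guessing pattern but not the odd-hour login with valid credentials, and the hour profile sees the odd-hour login but not the guessing.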

Who is breaking into your system?

One common misconception about software hackers is that it is usually people outside your network who break into your systems and cause mayhem. The reality, especially for corporate workers, is that insiders can and usually do cause the majority of security breaches. Insiders often impersonate people with more privileges than themselves to gain access to sensitive information.

How do intruders break into your system?

The simplest and easiest way to break in is to let someone have physical access to a system. Despite the best of efforts, it is often impossible to stop someone once they have physical access to a machine. Also, if someone has an account on a system already, at a low permission level, another way to break in is to use tricks of the trade to be granted higher-level privileges through holes in your system. Finally, there are many ways to gain access to systems even if one is working remotely. Remote intrusion techniques have become harder and more complex to fight.

How does one stop intrusions?

There are several Freeware/shareware Intrusion Detection Systems as well as commercial intrusion detection systems.

Open Source Intrusion Detection Systems

Below are a few of the open source intrusion detection systems:

AIDE (http://sourceforge.net/projects/aide) – Self-described as, “AIDE (Advanced Intrusion Detection Environment) is a free replacement for Tripwire®. It is designed to do the same things as the semi-free Tripwire and more. There are other free replacements available so why build a new one? All the other replacements do not achieve the level of Tripwire. And I wanted a program that would exceed the limitations of Tripwire.”

File System Saint (http://sourceforge.net/projects/fss) – Self-described as, “File System Saint is a lightweight host-based intrusion detection system with primary focus on speed and ease of use.”

Snort (www.snort.org) – Self-described as, “Snort® is an open source network intrusion prevention and detection system utilizing a rule-driven language, which combines the benefits of signature, protocol and anomaly based inspection methods. With millions of downloads to date, Snort is the most widely deployed intrusion detection and prevention technology worldwide and has become the de facto standard for the industry.”

Commercial Intrusion Detection Systems

If you are looking for Commercial Intrusion Detection Systems, here are a few of these as well:

Tripwire
http://www.tripwire.com

Touch Technology Inc (POLYCENTER Security Intrusion Detector)
http://www.ttinet.com

Internet Security Systems (Real Secure Server Sensor)
http://www.iss.net

eEye Digital Security (SecureIIS Web Server Protection)
http://www.eeye.com
