Skip to content

Computer Security 101 - Part 7 - Personal Firewall

I already covered firewalls during part 3 of my computer security series, but now that we are focusing on desktop security we once again have to review the subject. For part 3 the firewall topic was in regards to the perimeter, or network; which is usually a hardware based device. In part 7 the topic is desktop or personal firewalls.

I won't bore everyone by going into detail on firewalls again, but if you have not done so already, please read the original topic Computer Security 101 - Part 3 - Firewalls. Instead, I will be covering the importance of having a separate personal firewall on each and every desktop computer.

To most people, including many industry professionals, a personal firewall is considered overly redundant. There is a hardware based firewall keeping your network secure already, why would someone want a firewall running on their local computer? It is also an extra application running on the computer, taking up resources and slowing everything down. So why have one?

Because I said so. Ha! Seriously, there are many reasons to include a personal firewall in your arsenal for computer security, the primary reason being internal threats. There are a few hundred sets of statistics out there that show the number one source of attack for any company is an internal user. Add to those statistics the attacks brought about by malicious software installed on a computer and you will start seeing numbers over 90% where attacks are from internal network threats.

Speaking of those malicious pieces of software, the days of people trying to destroy data using viruses are long gone. Rather than destroy data, the people who create these malicious programs are usually looking to accomplish one of three goals:

1. retrieve personal data from a computer; any computer. These are not targeted attacks, but rather shotgun blasts of quantity over quality.
2. turn a computer into a mindless drone to perpetrate additional malicious activities. This could range from using an infected computer to attack the Microsoft web servers as part of a mass coordinated DoS attack, to storing child porn on the computer for retrieval by other people.
3. further installations. Often the initial piece of malware that infects a computer is nothing more than a simple program designed to install additional programs. This allows the initial software to be small and appear relatively harmless to many antivirus and antispyware applications, but once a computer is infected, the downloads start commencing.

Perimeter firewalls, even application layer firewalls, do not fully protect against these types of activities, especially firewalls setup incorrectly (you did read the part 3 entry, right?). It is a piece of software on the desktop that becomes the threat, and so it is at the desktop level where the threat can best be mitigated. A personal firewall is one of the mitigaters.

Setting up a personal firewall is easy, especially considering most operating systems come with one already installed. For home use, just deny everything and prompt for overrides (but please read each prompt before approving the override). At the enterprise level, it is easy to deploy firewall settings across multiple computers utilizing group policy objects or the like. Simple, easy, and efficient. For a millionth of a second in application delay, you get a computer that is much more secure from not only external threats, but the far more common internal ones. And that is what it is all about.

Trackbacks

No Trackbacks

Comments

Display comments as Linear | Threaded

smith on :

Hey Andrew Maxim ,

Thanks for sharing such a nice article, i had gone through your all articles,I really enjoy reading your articles which are very informative.
By the way for more information on professional training and Certification for Ethical Hackers check this link http://www.eccouncil.org/certification/certified_ethical_hacker.aspx

Add Comment

Enclosing asterisks marks text as bold (*word*), underscore are made via _word_.
Standard emoticons like :-) and ;-) are converted to images.
E-Mail addresses will not be displayed and will only be used for E-Mail notifications.
Form options