As cable modems and DSL access become more affordable and available, the
home and small business
users are finding out what the larger companies have known for some time.
The Internet can be a very bad place for your systems if you choose not
to protect yourself from the many hackers that have too much time on their
hands.
They have written programs that will scan the Internet for systems that
have for one reason or another left ports open to the outside world. These
open ports have led to some of the recent distributed denial-of-service
attacks. If you are diligent in keeping your
software updated with the recommended patches that are available, you will
be a lot safer than most of the folks out there.
The cable and DSL modems provide a very fast and always-on connection
to the Internet. This is very helpful to those of us who use the Internet
daily for product literature, software updates, and processing of orders
from our vendors and customers. Email is very susceptible to attacks also
but that is another animal that I believe I have covered a number of times
before now.
The direct and always-on connection to the Internet means that you are
networked directly with other systems that are connected to the Internet.
This means that if you do not have some type of firewall installed then
it is not a matter of if a hacker will attack you but only when. The port
scanning software that they use takes advantage of the many mistakes that
are made when the programs that we use are written as well as when we as
the end users install them.
This is why we need some type of firewall. A firewall can be defined
as a gatekeeper between you and the rest of the Internet world. Most of
the people on the Net are just like you. They are there because they are
trying to learn or buy something from someone else that is willing to teach
or sell to them. Then there are the hackers that are there to cause trouble
and mess with the rest of us. The firewall is the barrier between us and
them. It makes the choice of what to let into and out of your system to
the Internet.
There are two basic types of firewalls that are available, hardware
and software. An example of one of these hardware devices would be the
Linksys EtherFast four-port cable/DSL router. You can purchase one for
less than $200. I would recommend this device to anyone who has a cable
or DSL connection, whether they need to use the rest of the ports for networking
or not. This device connects to your modem, and thus the Internet, through
a WAN port. This means that the device is connected to the Internet and
is the one that the hackers will be trying to get into. Since this device
does not have any software running on it there is nothing for them to hack.
Your system connects to the Internet through the Linksys and thus is invisible
to anyone on the Internet. The Linksys can be attached to an existing network
or used to start your own small network to allow Internet sharing without
any additional software. It can be configured to be the DHCP server and
allocate IP addresses to the computers that are connected to it or if you
have an NT server that is handling DHCP you can turn this feature off and
just use the gateway features. There are a number of other solutions that
are available but I feel that this is the best for the money.
We have been using the Linksys router at our office for a number of
months and have been very pleased with the ease of setup as well as the
functionality of the device. There does not appear to be any degradation
of the signal or any problem with the network. The best thing about the
switch was that we gained three extra 10/100 ports for our network and
that I was able to discontinue using the Internet sharing software that
had become somewhat of a headache to me.
The only problem that I have found with the Linksys is that I am not
able to monitor the attacks that I know we are being hit with from the
Internet. This is where the software firewall comes in. There are a number
of solutions that are available. Some examples would be ZoneAlarm,
BlackIce Defender, and Norton Internet Security 2000. I would recommend
reading what Steve Gibson has to say about
these and other firewall products on his site at http://grc.com/su-firewalls.htm.
You do not have to have both a hardware and software firewall to feel protected
from the Net, but I would not want you to be connected without some form
of protection.
ZoneAlarm is a firewall that is free to a non-commercial
user. It also protects against malicious e-mail scripts that are popular
with virus writers. On installation ZoneAlarm places a rules database file
into the windows/Internet logs folder, which it then uses to decide what
traffic to allow into your system from the Internet and what not to. There
are a number of Trojan viruses that have been around for a number of years
and are still being propagated. When a program on your computer tries to
access the Internet for any reason, it must go through ZoneAlarm. If a rule
is not already in place for the specific request then ZoneAlarm will ask
permission from you for access. You can choose to have the program remember
the answer and thus add it to the rules database or to ask again the next
time the question comes up. This is going to take some getting used to
on your part, but it is necessary in order for ZoneAlarm to protect you.
There are five main configuration tools within the program that will allow
you to personalize the program to your needs: the security panel, the lock
panel, the programs panel, the alerts panel, and the configure panel. The
default settings will be a good starting point for most of the users that
install this product. There will need to be a little tweaking done as you
learn what kind of activity to expect and the number of pop-up alerts that
you want to deal with. As with the other alerts that come from some of
the other programs on your system, be sure to read them and not just click
on OK to get them off the screen. I cannot tell you how many people call
with a question about a message that was on their screen and they cannot
even tell me what it says. If you do not understand what is being asked
then write the question down and find the answer. The net is only a click
away.
BlackIce Defender is a software firewall that is available
for $39.95 direct from the manufacturer. It works essentially the same
as the others with the ability to tweak the program to your needs. It watches
all Internet protocol transmissions to and from your system and can block
malicious intrusion attempts. One very nice feature that it has is the
ability to log the attempts and also block access to future attempts. The
program uses the same type of rules database as ZoneAlarm and blocks all
of the usual, known backdoor-type Trojans that are out in the wild.
Norton Internet Security 2000 would have to be my choice from the
programs that are available. It is available from most computer stores.
Norton also uses a rules-based database. There are provisions within the
setup of the program to allow you to set up an internal network and to allow
file and print sharing among the computers without compromising your Internet
security. The program allows you to set up users and give them different
levels of administration within the program as well as different levels
of access to the Internet.
You can set users up as restricted, normal, or supervisor. You can set
up rules to allow or disallow program access to the Internet. You can set
up rules to allow or disallow program access to specific ports. A lot of
the rules are built into the program and should not be changed at all.
A lot of the rules that you will need to create will take a little thought
on your part. You will need to learn what the program is asking you to
allow and then make a decision as to whether or not you want that to happen
all the time, this one time, with this specific port, or any port, from
this address or from any address. There are a few more variables that you
will need to learn about before you get into the program to start changing
things around.
Another very useful item that is available within
the program is the ability to control the level of privacy that you would
like to have on the Internet. You can choose whether to allow cookies to
be placed on your system and whether or not to allow ads as well. There
are different levels that are available so that most users should
be able to find a happy medium that they can live with.
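The rule lookup described above for ZoneAlarm and Norton Internet Security (match a request against the rules database, ask when nothing matches, optionally remember the answer), sketched in Python as an added example. It is not code or a file format from either product; the class names, the tie-breaking order and the sample program names are assumptions made for illustration.

```python
from dataclasses import dataclass
from ipaddress import ip_address, ip_network
from typing import Optional

@dataclass(frozen=True)
class Rule:
    program: str                  # program the rule applies to
    allow: bool                   # True = allow, False = block
    port: Optional[int] = None    # None = any port
    network: str = "0.0.0.0/0"    # default = any address

    def matches(self, program, port, addr):
        return (self.program.lower() == program.lower()
                and self.port in (None, port)
                and ip_address(addr) in ip_network(self.network))

    def specificity(self):
        # Assumption: a rule naming a port or a narrower network outranks a broad one.
        return (self.port is not None) * 100 + ip_network(self.network).prefixlen

class RuleDB:
    def __init__(self, ask):
        self.rules = []
        self.ask = ask            # stands in for the pop-up: returns (allow, remember)

    def decide(self, program, port, addr):
        hits = [r for r in self.rules if r.matches(program, port, addr)]
        if hits:                  # most specific rule wins; on a tie, block wins
            return max(hits, key=lambda r: (r.specificity(), not r.allow)).allow
        allow, remember = self.ask(program, port, addr)
        if remember:              # "all the time": store program + port, any address
            self.rules.append(Rule(program, allow, port))
        return allow              # "this one time" leaves the database unchanged

def demo():
    prompts = []
    def scripted_user(program, port, addr):   # scripted answers instead of a dialog
        prompts.append(program)
        return (program == "browser.exe", program != "updater.exe")
    db = RuleDB(scripted_user)
    # Constructed rules and addresses (documentation ranges), not from any product.
    db.rules += [Rule("mail.exe", True, port=25, network="192.0.2.0/24"),
                 Rule("mail.exe", False)]
    requests = [("mail.exe", 25, "192.0.2.10"), ("mail.exe", 25, "198.51.100.7"),
                ("browser.exe", 80, "203.0.113.5"), ("browser.exe", 80, "203.0.113.9"),
                ("updater.exe", 443, "203.0.113.5"), ("updater.exe", 443, "203.0.113.5")]
    return [db.decide(*r) for r in requests], prompts, len(db.rules)

if __name__ == "__main__":
    print(demo())
```

The second updater.exe request prompts again because its answer was given for "this one time" only, which is why unread click-through answers never build a useful rules database.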
Norton will also allow you to set up parental controls for the younger
members of your family. The program has a number of sites that it will
deny access to. You have the ability to check for updates to the program
from within the program. This will allow you to update the site list for
the parental controls as well as the rules database that the program uses
to protect you on the Internet.
All of you with cable and DSL service, be aware. If you do not have some
form of firewall running on your system then you are playing with fire
that you cannot even see. You will not know that your system has been compromised
until after the damage has been done. Remember that it is not a question
of if you will be attacked, but only when.