E-Musings Mon Immorata

Free Firewalls Or Bulky Beasts? Free firewalls for all with more Windows Explorer clones, and online antivirus scans may not be quite as safe For a whole long week I've been testing out a new free firewall software I discovered. WyvernWorks Firewall 2004 blocks program from accessing the Internet without a user's permission. No, its not as advanced as ZoneAlarm Plus or Pro. But is much more than the free ZoneAlarm versions that's a heavily chopped-down version of the pay products. And frankly remains a buggy beast that loves gobbling up Windows resources! WyvernWorks Firewall 2004 is exceedingly basic. You can define the level of protection needed (Enable or Disable firewall), or choose to lock off (block) all program access to the Internet. You can also close off port-wise access to common Windows services like WWW, SMTP, and FTP which is handy if you run internal test sites on your computer. Interestingly Firewall 2004 also blocks access to the better known back door-specific ports. Application-level monitoring is quite simplistic. All programs accessing the Internet are considered as Trojans by the firewall unless you the user allow the program access, or mark it as an illegal. Once you give a program access to the Internet, it is enabled until you choose to remove it from the list. The alerts are a bit clunky and I had this pulsing windows in the Taskbar that unfortunately didn't pop-up. I keep my Traybar enabled, but if you hide it you are clueless why an application is being refused Net access. Unfortunately in the interests of fair testing, I was unable to expose Firewall 2004 to the dangers of the Internet. My 3G-powered wireless ISP has changed its network configuration to a safer, caching proxy-server setup. Clients like I connect on an internal Class B network that's fully stealthed from the Web. I submitted the connection to separate GRC and PC Flank tests. And it was completely stealthed with every commonly known (and attacked) port not there to a probe! Still, for the cost of a 2.7 MB download, you get a pretty good product in an age where there's little quality freeware. For Wyvern Works, Firewall 2004 is their way of giving back to the Web community. Show your support for their altruism: download a copy today. Wyvern also develops Pop-Up Away; a free pop-up blocker. It can block pop-ups based on their size or name and you can even add lists of ad sites to be blocked. Although if you use MyIE2 most pop-ups are blocked anyways. And add Spybot Search & Destroy's custom IE Hosts file to close off access to a almost every major Net Advertising abuser. I found out about Firewall 2004 courtesy the excellent List of Lists (previously featured in this column) which is a Neatly categorized super-Bookmark collection. Recently added is a listing of other list collection sites. A definite URL to bookmark. And if you are looking for ready answers to all kinds of Windows-related issues. Do checkout the Windows Support Center which offers tip, tweaks and downloads for every Windows variant beginning Windows 95 through to the only available to select customers Windows Longhorn. I also chanced across YAWE (Yet Another Windows Explorer) replacement. FreeSoft Labs Windows Fire Explorer looks a near perfect rip-off of 2xExplorer; another YAWE that's not so blatant about its name. The problem with these yawns, sorry YAWEs is how dependent they are on Windows. Neither includes an image viewer as good as IrfanView. Or a text viewer that supports ASCII and RTF (rich text file) formats. Includes an unzip and zip module that's not dependent on Windows. And to cap it all can also handle FTP. My favorite Windows Explorer alternate is Ghisler's Total Commander which does all these and more. Don't wait. It will be the best $32 you've spent in a while. It's official! You are wholly at fault for whatever cyber ills you inflict upon yourself. According to the Computing Technology Industry Association (CompTIA) "Human error is to blame for 84 per cent of IT security breaches." Responses from the 900 organizations included in its second annual study of IT security and the workforce, CompTIA found that a just "51 per cent had a written IT security policy." And businesses citing human errors as wholly or partly to blame for their last security breach was considerably higher than 2003's figure of 63 per cent! However, one group trying to make a difference to the downward spiral is the Human Firewall Council, a consortium formed in 2001 to highlight the importance of people to effective IT security. They have launched Security Management Index, based on ISO 17799 standards for best practice across 10 critical areas of security, for organizations to benchmark their security practices against international standards. Also interesting is Israeli maverick Rafel Ivgi aka "The Insider claim via security forum posting that Panda, McAfee and Symantec's free online antivirus scanners suffer buffer overflow errors that can allow a remote virus to execute arbitrary code and crash the user's computer. The approach taken by the various vendors show their commitment to making the Net a safer place. Panda Software updated their ActiveScan control to fix the problem and recommended that ActiveScan users revisit the site to update their controls. Symantec decided that with regard to their Symantec Security Check offense is the best defense (aka if you ridicule them long enough everyone will forget the original problem) stating that there was no buffer overflow and (therefore) no possibility of arbitrary code execution. McAfee followed a similar approach and said their McAfee FreeScan was absolutely safe. But would still release an update. Well, if there wasn't a problem why does the service need to be updated? And finally I remember bemoaning a few issues ago that the MyIE2 plug-ins page was unavailable. It still is. But the site maintainer (and chief developer of plug-ins) has posted a list of all current plug-ins to the MyIE2 Forums. That's it for this week. Stay Safe! Click Here to Email Me