One doesn’t need an ‘always on’ connection, such as ADSL, to be wary of connecting to the Internet. The threat from hackers and other malicious entities is real enough and a state of paranoia is healthy in this case. Tiny Personal Firewall (TPF) is a ‘free for personal use’ package which acts as a firewall, making the machine secure from outside attack.
Installation of TPF is extremely straightforward, and the first thing to note is that on rebooting TPF detected that the test machine was connected to a network and prompted to accept or reject the incoming traffic even before the logon prompt had appeared. It is this very low level of operation which makes a firewall useful – it is there before any other software is loaded. The aim is to guard against trojans – programs which can take control of your machine on behalf of a hacker or other malicious user.
Once installed, TPF sits in the background monitoring all incoming and outgoing traffic. When an application, such as Internet Explorer, connects to the Internet, a box pops up with details of the program, the port number it is attempting to use and other data. The connection can be permitted (once), denied, or used to derive an access rule which can be used by that application from then on. These rules are extremely flexible compared to some other personal firewalls, and allow connections to be enabled at certain times of the day, to log data to files and to create alerts when the rule is activated.
After installation it is a good idea to go all out and fire up all the Internet and e-mail programs that are in regular use. Going through this teaching exercise will generate the rules that you are most likely to use day-to-day. Once TPF is trained it is extremely unobtrusive, and, unlike ZoneAlarm for example, it does not generate endless alerts as your machine is scanned by external hackers looking for a way in.
The proof of the pudding is in the eating, of course. Luckily there are ways to test the effectiveness of a personal firewall without inviting any unwelcome attentions. Sygate provide an online security scan and the ShieldsUp and LeakTest pages at www.grc.com will test the security of both incoming and outgoing traffic. These are valuable resources for checking the security of a machine before and after installation of a personal firewall.
Unlike some other personal firewalls, TPF coexisted peacefully with virus scanning e-mail packages, proxy servers and Windows 2000. It does not like Windows Internet Connection Sharing, however, so if you use ICS than TPF is ruled out.
Contact: +1 408 919 7360