Securing a Digital Home

You wouldn't leave your car unlocked. So why invite cyber criminals inside?

So you've bought that brand-new personal computer and, this time, you've signed up for an always-on digital subscriber line (DSL) or a cable-modem connection. Now, you're surfing with impunity, only faster.

Guess again. The instant you hook that PC up to the Internet, you become a target for the menagerie of ne'er-do-wells crawling through cyberspace. Welcome to the growing and, unfortunately, necessary world of personal firewalls. A firewall in your PC acts like a metal detector in an airport. It screens potentially dangerous data traffic from going inside. Dozens of firewalls are on the market today, and most sell for under $50. They install in less than an hour, and they all do the same thing--shut down and hide computer ports so outsiders don't even know your machine is connected to the Net.

The programs provided by your PC's manufacturer or your Internet service provider aren't enough. Microsoft's Windows XP operating system has a firewall built in. But it's up to you to turn it on--and you face a devil of a time figuring out how to do it. Here's a timesaver: Go to the software's home-network section, open the "properties" menu, and click to turn on the firewall.

But even then, there are security holes that can be easily exploited by cyber fiends. To make Windows XP easier to service, Microsoft (MSFT ) set up the software to let a Microsoft support person fix it over the Net. Problem is, a hacker can turn that convenience feature against you and use it to take over your system.

Similarly, don't be misled by the gear you need to set up a home network. A router acts like a natural firewall because it hides multiple computers behind your Internet address. Some even say "firewall" on the box. But one of the biggest problems facing home users these days are so-called Trojan-horse viruses--seemingly innocuous files masquerading as downloads or e-mail that, once in your computer, allow someone to monitor your machine or take it over. A router can't help you there because it won't alert you to suspicious outbound traffic. But a good firewall can.

In general, the best firewalls, such as the Norton, ZoneAlarm, and Sygate firewalls, inspect what's coming in to your PC and turn away anything that's up to no good. And they alert you if sensitive data, such as passwords or credit-card numbers, mysteriously head to the Net from your PC.

There's one more thing to keep in mind: You are the weakest link. It's tempting to simply turn off a firewall when it sounds an alarm or prevents you from visiting a Web site. Don't. Or at least don't forget to turn it back on after you figure out what's going on. Once you've gone to the trouble to get it running, you might as well use it to keep scoundrels at bay.

By Jim Kerstetter

    Before it's here, it's on the Bloomberg Terminal.