Gallery

Building a standalone firewall

Posted on 6 Oct 2004 at 16:40

The Internet has become a battleground, with viruses, worms and hackers ready to pounce on unprotected PCs.

The Internet has become a battleground, with viruses, worms and hackers ready to pounce on unprotected PCs. It's become virtual computer suicide to dial-up a Windows XP computer to the Internet without a firewall. Windows XP Service Pack 2 (SP 2) has gone some way to address the main security issues, but there are still risks. Personal firewalls are a good way to safeguard individual PCs, but standalone firewalls are the ultimate answer to the threats.

With the SmoothWall firewall on this month's cover CD, you can turn an old PC into a powerful firewall and intrusion- detection system, which is just what you need to stop today's threats turning into tomorrow's nightmare. In this article, we'll walk you through installing the software on a spare PC, and show you how to keep track of the traffic coming into and leaving your network. All you'll need is the cover disc and a Pentium PC with an IDE hard disk, and at least one network card. SmoothWall works with USB ADSL modems and ISDN adaptors. You can also add extra network cards to use your firewall with Ethernet ADSL and cable routers, and create a safe zone to host servers.

What is a standalone firewall?
A standalone firewall protects your network from traffic that shouldn't be allowed in. This includes network worms and attempts by hackers to log into your internal systems. Since they don't have to do a lot of processing, and mostly just apply simple rules to incoming traffic, firewalls don't need to be powered by fast processors. A basic Pentium MMX PC is more than adequate to secure a small network with a dozen Internet users. Combine an old, dusty PC with free firewall software such as SmoothWall or IPCop (www.ipcop.org), and you can build a serious security system for free.

If you want something that looks nicer, or sounds quieter, you could build a mini-ITX firewall. The above firewalls will run on systems using any x86 processors, including Intel's Pentiums and Celerons; AMD's Athlons and Durons; and VIA's C3 chips. Visit www.mini-itx.com for some interesting-looking cases, motherboards and other components.

Aren't personal firewalls enough?
Personal firewalls are useful because they can stop all traffic coming from the Internet. This means that even if you haven't installed all of Microsoft's security updates, you'll be protected from network worms. You'll still need to update your web browser and email software, or you'll be vulnerable when you visit websites or open messages. But while installing anti-virus software and personal firewalls is sensible, you can reduce some of this workload by using a standalone firewall.

Many current Windows viruses target personal firewall software and attempt to stop them from running. Netsky is a recent example, and it's by no means the only virus that tries to knock ZoneAlarm down. Such tricks wouldn't work if your PC were protected by a standalone firewall, which doesn't have users running programs on it.

The Sasser worm, which targeted Windows' Local Security Authority Subsystem Service (LSASS), was devastating but, as Microsoft itself said, 'If you have a hardware firewall in place for your home or workplace connection, or if you use the firewall included with Windows XP, the Sasser worm is most likely blocked.'
Sometimes using personal firewalls can stop internal networks from working properly, and this was certainly the case with Windows XP's built-in firewall before SP 2 was released. If people had installed a hardware firewall they'd have barely noticed Sasser. If they also had personal firewalls installed they'd most likely have been safe, even without patching their systems or using anti-virus software.