In his article Debunking The Top 10 Security Myths Lee Clemmer states, "While the importance of firewalls cannot be overstated, even the most secure firewall available won't provide security if error, ignorance, carelessness, apathy, or company policy results in an insecure configuration." And he is, of course, absolutely right. This article looks at some easy steps you can take to make your firewall more secure.
Keep Your Firewall’s Settings Consistent
Computer users are of different types and they access the Internet for a wide range of different activities. Talking specifically about small companies, they decide to assess individual users and their work requirements and then setup their firewalls appropriately, according to their usage habits. It is very common that some employees often toggle their firewall to permit instant messengers in and out. Similarly, a home Internet user might authorize a certain site to show popups while another user might disable all popups.
These tweaks might not seem harmful but in fact they are. They can create platforms for different attacks, so that when a malicious program finally succeeds in gaining access through the firewall, it will become very difficult to tell where the firewall weakness is located and what needs to be done to get rid of that weakness.
It becomes even more difficult to identify a problem when having different settings for different users on the same computer (i.e. which ports on a firewall to block, which applications to allow access to, etc.). Therefore, besides having a firewall, keeping the same security settings for all computers and user accounts within a computer is the best way to make a firewall secure.
Add Multiple Layers Of Security To Your Machine
A firewall software can be thought of as a defensive wall around your computer that keeps the dangerous types of information from entering into your PC while letting the authorized information pass through it. The firewall is a necessity because it always fights a combat against hackers who use all their effort in creating the most dangerous malware in the world.
Some of this malware becomes successful in breaching the firewall and entering your PC. Therefore, a firewall must always be supplemented with an combatant antivirus program, which scans information that has gotten through the firewall and deletes the malware that it detects. This way, any malware that eventually succeeds in dodging your firewall on its way to your computer, the antivirus program will catch and vanish it.
Pop-up blockers and anti spyware programs are great supplements to your firewall and you should also use them. The conjunction of these and the firewall will help limit the number of different types of malware that your computer may face, thus help make your firewall more secure.
If you use Microsoft's Internet Explorer, you can make it more secure by doing some easy tweaks. Read securing Internet Explorer for instructions. In addition to that, you can use Microsoft's free software called Windows Defender to add extra security while you surf Internet.
Use Strong Passwords
While a firewall can protect from almost every attack by a hacker, this must be kept in mind that if a hacker is able to gain access to your computer by any chance, the firewall can be rendered useless. Let alone hackers, anyone can gain access to your sensitive data if they know your password. For example, if anyone wants to gain unauthorized access to your computer, he or she does not need breach your firewall; rather he or she can guess your password instead. That is why, it is essential that you use strong passwords that are unbreakable.
Creating a strong password basically requires the following things:
1. Length. If the password is short in length, this makes it easier for the hacker to guess the password by simply guessing it. Therefore, it is best to have a password of 6 to 8 characters. Longer passwords can quickly frustrate most hackers, even if they use password breaking tools.
2. Structure. Passwords consisting of combination of digits, characters and symbols provide the best security, even against powerful password breaking software. If you use a simple password instead like "applestreet", it will then become too easy for even the ones other than the hackers to guess it.
3. Uniqueness. Just as you do not have one key for your door, car, garage, etc, you should never use the same password for all your access codes. Using a commonly used password can be guessed by your friends and colleagues easily. And if they succeed in stealing your password, you can expect them to misuse your online bank account, email accounts.
4. Frequency. The best practice after creating a strong password is to change it regularly. You should change your password idly after every 3-4 weeks. Doing this will narrow the chances for someone who might have stolen your password to misuse it.
For complete guide on creating an unbreakable password, visit How to create unbreakable passwords.
Use 128-Bit WEP Encryption
It has been discovered by the experts that even the beginner hackers are able to hack the wireless signals and with a little effort. And when they successfully hack it, it can be expected of them to do all sort of things that professional hackers do – like stealing credit card information, passwords or bombard your computer with worms, malware, etc.
Many businesses use different encryption methods to secure their wireless communications and the most common encryption method they use it WEP. Encryption can range anywhere from 40-bit to 152-but the most secure wireless encryption method is 128-bit WEP. It is not 100% sure but its strength is more or less acceptable for ordinary users.
Standby Your PC To Keep Hackers Away
Practically, you or the hacker can access the computer only when it is on. Thus, no one can get to your computer when it is in standby mode. Putting the computer in the standby, when not in use, is one of the easiest ways to reduce your exposure to hackers and thus supplements your firewall's efforts to keep your computer safe. Consider computer standby as the best firewall.
Auto Updates For The Firewall
Hackers probably do not spend a single day without creating new spyware, viruses and other forms of malware. Therefore it is important to update your firewall regularly. The only best way of ensuring that your firewall remains up to date is to setup auto-updates. Doing this will save you from worrying about updating it manually. The updated firewall will be able to detect and protect your computer from new viruses, worms, Trojans, etc. Regularly updating your firewall will not only make it stronger and more protective but also any bugs that might have been in the program will be removed.
The method for enabling auto-updates in Windows XP is simply enabling it from Windows Automatic Updates, accessible from Windows Security Centre in the Control Panel. When you enable it, Windows will check for available patches at regular intervals and will suggest you to download them. If you decided to use third-party firewall software like ZoneAlarm or other, the process of enabling auto-updates would be straight-forward – just look at the settings page of the program or check the manufacturer's website for instructions.
Tweak The Firewall Settings
A firewall can be tweaked to check its updates at a specified time. It is important to schedule a time because if you set an update time but your computer is off, your firewall will never update. So make sure to schedule your updates for a time when your computer is going to be on and connected.
Firewalls are not very intelligent; you can tweak the settings of your firewall so that you can restrict programs that you think should not access the Internet. Similarly, you can adjust settings to allow certain programs to access the Internet. You can also consider whether your programs need to both send and receive information and configure the firewall for them accordingly.
If you use a printer, restricting others on a network from having access to it can be done through the firewall. You might want to do it to prevent its misuse. Similarly, with little steps you can restrict your printer from having access to anything beyond the local network. Doing this will prevent viruses from entering into your printer software and send and receive data through that connection.
Test Your Firewall
To find out how to test your firewall, read our article What You Need To Know About Firewall Leak Tests.