We usually think of firewalls as secure perimeters meant to keep intruders out. But they also regulate traffic moving in the opposite direction. Learn why a two-way firewall is essential.
It’s fairly obvious why you need to prevent online intruders from infiltrating your computer. But is it really that important to control outgoing traffic, as well?
Password hashing is one of the countermeasures recommended by the Anti-Phishing Working Group. It is successful against identity theft because it “recomputes” the password and adds information specific to the site on which it is to be used. The system is transparent from the user’s point of view, who simply enters their password on an online form. The browser then converts this password and adds other information to it. This means that the full password entered by the user is not visible to the website for which it is intended; this site only receives the “hashed” password and then grants access using the same hashing algorithm as the user. This means that even if a user reveals their password on a phishing website, it can’t be used by hackers.
Absolutely.
More and more cybercriminals are targeting information they can steal, resell or otherwise use to their benefit. To retrieve that information intact—be it passwords, bank account numbers, or social security numbers—they must transmit the data from your computer to another cyberlocation. To that end, they’ve developed technologies that use your computer’s Internet connection to send information to their own computers.
Keyloggers are a prime example. These programs monitor and collect every keystroke you make on your computer, then send these keystrokes over your Internet connection to another location. Should one of these malicious technologies sneak through your defenses, a one-way firewall cannot block their outbound transmissions; but a two-way firewall can—rendering the keystroke logger essentially useless. A good firewall can also be configured to alert you to the keylogger’s presence, so you can remove it immediately.
Two-way firewalls also protect your privacy. Keystroke loggers aren’t the only programs that attempt to send information from your computer. For example, spyware and stealthy adware collect information about your surfing habits. They then use your Internet connection to transmit that information from your computer.
The fact is, you’d be surprised at the number and kinds of programs that connect to the Internet from home computers on a regular basis. A good two-way firewall can help bring those programs under your control. Once in control, you can choose to allow the useful ones through and stop the malicious ones in their tracks.
Personal firewalls build a perimeter around your computer to block unwanted guests. They set up a checkpoint at every point of entry, and when traffic attempts to pass through, they inspect it. If you’ve authorized that traffic to enter, firewalls allow it in. If not, they either automatically block it or prompt you to make a decision. In essence, they put you in control.
That’s exactly how Norton Personal Firewall™ 2006 from Symantec operates. When you set it up, it asks you what kind of traffic you want to allow through, and then goes immediately to work, constantly checking for unauthorized visitors. And with additional features like port cloaking and automatic intrusion detection, it not only hides you from hackers, but even blocks traffic that merely looks suspicious.
As a two-way firewall, however, Norton Personal Firewall goes one step further. It gives you full control over all outbound programs. As with incoming traffic, it monitors every outgoing Internet transmission, checking to see which program is sending it and whether you’ve authorized that program to connect to the Internet. If you haven’t authorized it, Norton Personal Firewall won’t allow the information to leave your computer.
A two-way firewall is a critical Internet security tool. It not only prevents hackers and other unwanted intruders from accessing your computer, but stops malicious and stealthy programs from retrieving sensitive information without your permission.
