My wife and I are now on Road Runner (http://www.twcentralflorida.com/rr/)
and we have investigated whether we need firewalls on our computers.
We have come to the conclusion that we can have adequate security
By the way, everyone who is on the Internet for extended periods
of time should be concerned about the security of their system.
I know a man who comes home from work, logs onto his Internet
Service Provider and leaves his computer on until he goes to
bed. His computer is open to hackers as long as it is on.
I had the pleasure of speaking with a Road Runner technical
support young man who was very knowledgeable about Local Area
Networks and their exposure when on Road Runner.
He got his information from http://grc.com
the site of Steve Gibson of SpinRite (http://grc.com/spinrite.htm)
I told the Road Runner tech that I had also visited
that site -- it has lots of information on the subject -- but
I did not really come away with the step-by-step information
I needed to make the changes to my set up. He led me through
it, step by step.
Since then I have made the changes for my wife, two members
of the Space Coast PC Users Group and a friend. It's not
The first step for anyone should be to go to Gibson's site
and have him Test your shields and Probe your ports. The
first is fairly quick but the second takes several minutes. It
is worth the wait.
If you have not changed your computers networking defaults,
you will probably be told that your computer is broadcasting
its presence on the Internet through its NetBEUI facility and
that your POP-3 port (Post Office Protocol version 3. Thats
your email protocol.) is open and available to hackers.
OK, so how do you fix all that without a firewall?
This situation occurs because Client for Microsoft Networks
and File and Printer Sharing are both bound to your TCP/IP
protocols. TCP/IP broadcasts its presence on the Internet. NetBEUI
does not broadcast its presence unless it is bound
to TCP/IP. To fix that, open the Control Panel and open
Network. See Figure 1.
Double click on TCP/IP -> your Ethernet card and
TCP/IP -> Dial Up Adapter. For both of these protocols,
select the Bindings tab. Uncheck both Client for Microsoft
Networks and File and Printer Sharing. Windows
will complain that you haven't bound the protocols to anything.
Click OK. Later, Windows will complain that you
don't have a complete network. That's OK too. See Figure
2 for how the screen should look after you make the changes.
At this point, if you are on a LAN (All Road Runner customers
are on a LAN), you should check to make sure that NetBEUI
-> Ethernet card and NetBEUI -> Dial Up Adapter
ARE bound to Client for Microsoft Networks and File
and Printer Sharing. See Figure 3.
When you close Networks, you will be prompted for your Windows
CD. The computer will spend several seconds doing something
and you will be asked if you want to reboot the computer to complete
the changes. Click Yes.
Once your computer is up and running, go back to http://grc.com
and check your shields and ports again. You should get a report
that your computer is no longer exposed to the Internet and that
all your ports are closed. According to Gibson, that is as secure
as anyone needs to be.
If, after you make the changes recommended, your POP-3 port
is still open, Gibson will tell you that it is probably because
you are running Norton System Works 2000 (http://www.symantec.com/sabu/sysworks/basic/).
That version of Norton Anti Virus puts a proxy POP-3 server
between your email software and the Internet. I had to go into
NAV and disable Check incoming email on the properties
page. According to Gibson, Symantec (http://www.symantec.com)
has provided a patch for the PoPserver, but it is not a good
Am I more exposed to email viruses, worms, etc. now than I was?
Yes, I suppose I am, but I'm no more exposed than I was last
week when I was guarding my computer with Norton System Works
If you have a LAN in your home or office, you should make sure
that files and printers to be shared are protected with good
passwords. A good password has upper and lower case characters,
numbers and cannot be deduced from you name, address, phone number,
Why would anyone need a firewall? You would need one if you
are hosting a server or connecting directly to other computers
to exchange files through the Internet. If your network has a
server (ours doesn't) that server should run a firewall. Norton
Internet Security (http://www.symantec.com/sabu/nis/index.html)
has a firewall, among other things, and is now available. Gibson
reluctantly gives it a good report because Symantec bought
the firewall from a company he admires.
Note: This article contains
links to external web sites. Web addresses are constantly changing.
There is no guarantee that the information links provided in
this article will remain unbroken or up-to-date beyond the date
that this article is originally published.