<< Back to article Print this page Loading page, please wait...

Window Manager

Brian Livingston (Computerworld)
07 February, 2000 12:01

SAN MATEO (02/07/2000) - A new program has brought together the strongest features of the best software firewalls, Trojan horse defenses, and Internet security locks. And best of all, this wunderkind of software can be downloaded for free use by individuals and nonprofit groups. (Corporations and government agencies pay by license after 60 days.)ZoneAlarm 2.0, for Microsoft Corp.'s Windows 2000/NT/9x, is a muscular big brother to Version 1.0, which I first wrote about in my column on Jan. 10.

ZoneAlarm has come a long way since the olden days (one month ago) when it only protected your PC against Trojan horses. Trojans sneak into your system via Web sites or e-mail and send data back to a hacker's server. Version 2.0 still protects against that, but now it is also, arguably, the strongest software-only firewall currently available. This combination of firewall protection and the detection of unauthorized, outbound Internet traffic is a giant step forward that has impressed those who have tried ZoneAlarm 2.0.

Windows 2000 includes, for the first time, code that offers the capability of building a software firewall. But most of this capability resides in a new "firewall API." We'll soon see products from third-party Windows 2000 vendors that place a convenient user interface on top of this API.

Until then, ZoneLabs -- the San Francisco company that produces ZoneAlarm -- looks like it has a winner. Steve Gibson, a beta tester of ZoneAlarm 2.0 and the prime developer at Gibson Research, says ZoneAlarm "blows away BlackICE," a $39.95 software firewall I described in my Nov. 1, 1999, column (see "Software solutions can provide remedies for Windows security risks lurking on the Internet," www.infoworld.com/printlinks). BlackICE "does nothing about outbound traffic," Gibson says, giving ZoneAlarm a major advantage in features.

Why is this important? Because virus writers are getting better tools to attack your company and your PCs every day. Not so long ago, viruses were spread mostly on diskettes. Now, e-mail and the Internet are the favored transmission methods.

Trojan horses, a special breed of viruses, are becoming an enormous concern. A PC can catch a Trojan merely by browsing a Web site with a malicious ActiveX control or viewing a rich-text e-mail (no attachment required). Trojans pass right through hardware firewalls. Because the PC user initiated the viewing of the infected Web site or e-mail, a hardware firewall sees no overt attack to defend against.

Even more dangerous are Trojans that users may pick up while working on a laptop at home. When they bring their machine to work the next day, "They go past the firewall by walking in the door," says Gregor Freund, president of ZoneLabs. Once the PC is reattached to the corporate network, any Trojans inside the laptop may enjoy high privileges to read internal files and passwords.

You might say, "I'm too small for any hacker to be interested in my data."

Think again. There has been an explosion of identity theft in just the past few years. Hackers obtain credit card or Social Security numbers, then rack up thousands of dollars of charges with new credit cards obtained in your name.

Where do they get these numbers?

Financial firms are a favored target of computer criminals, but they're not the only worthy target. I once thought I'd never store my Social Security number on my computer. But then I used Windows 2000's Search feature to look on my hard disk for my SS number. I was startled to find over 30 documents where it was stored. Over the last five years, I've carelessly entered these numbers into client invoices and banking forms, never thinking to clean the information off my hard disk.

Of course, now I'm using a hardware firewall from WatchGuard Technologies (www.watchguard.com) plus ZoneAlarm and anti-virus software to protect my office's high-speed Internet access lines. But many companies are not equally well-protected. The threat is real. ZoneLabs' Freund says he's detected variations of the well-known "Back Orifice" Trojan horse in four e-mails he's received just in the past six months.

To download ZoneAlarm 2.0, go to www.zonelabs.com. After installation, I recommend you click the Help button (yes, really) and read all the capabilities of this sophisticated program.

And, like any "point-oh" release, there's still a bit of "oh" left in it. You should visit Steve Gibson's update page on ZoneAlarm at grc.com/zonealarm.htm.

Gibson describes several quirks he doesn't like in Version 2.0, and announces when each one is fixed.

Most of the quirks are minor and won't keep you from using the product.

Download it now, and e-mail me your experiences. Use "ZoneAlarm" as the subject of your e-mail.

Brian Livingston's latest book is Windows 2000 Secrets (IDG Books). Send tips to brian_livingston@infoworld.com. He regrets that he cannot answer individual questions.