Make your PC hacker-proof

We ran each of the six firewalls through a number of scenarios to check its compatibility with other applications and its responsiveness to a potential Trojan horse. Compatibility is an important concern with applications that access the Internet: a poorly designed firewall might misconstrue as hacking attempts such legitimate activities as opening ports for Internet communication, and it may mistake legiti-mate programs for malware, or malicious software. Some firewalls will ask the user for permission to run applications, while others will allow or block the apps without providing feedback. In overall compatibility, BlackICE Defender had nearly flawless results, and McAfee.com finished close behind. Norton and ZoneAlarm worked well in most instances; Secure Desktop and ESafe performed poorly.

A good firewall can distinguish between network traffic related to trusted applications and malicious traffic from a hacker or Trojan horse. Some firewalls focus on applications, while others focus on data traffic. In the first case, Norton uses a lookup table of preapproved applications. BlackICE Defender, on the other hand, doesn't note what apps are running. Instead, it scrutinises all data passing to and from the computer for suspicious behaviour, or signatures. BlackICE has an extensive, updatable signature file of known hacking techniques, so it can often identify and explain exactly what is happening to your PC.

In our tests, we evaluated each firewall's ability to work with common applications that access the Internet: Microsoft Internet Explorer and NetMeeting, WS-FTP LE (a file-transfer program), ICQ (a messaging program), Napster (MP3 music search and download software), PC Anywhere (a program that allows remote control of one computer by another), and RealPlayer (music and video player software).

Sometimes the biggest challenge was determining whether the firewalls were working at all. For instance, in its default installation, McAfee.com does not launch at system start-up or appear in the system tray. You must select those options in the program's configuration. And even though Secure Desktop launches automatically at start-up, it runs entirely in the back-ground - there isn't even an icon for the program in the system tray.

Secure Desktop did ask for permission to run some applications, but when operating at its highest security setting, the program would not allow other applications - ICQ, Napster, or NetMeeting - to run at all. McAfee.com and ZoneAlarm worked fairly smoothly, asking permission for each application. Norton automatically configured rules to permit some apps, but in other cases it made us walk through an overly detailed, six-screen Q&A to manually configure rules for future use of the app. BlackICE doesn't scrutinise applications per se, but it accurately monitors the types of data they send and receive.

Finally, we ran a not-so-trusted application: the freeware version of PKZip (file-compression software). This download includes a built-in application called TSAdbot, which acts as a conduit for advertisements from the Internet and displays them while PKZip is running. TSAdbot is not a malicious program, but it does function similarly to a Trojan horse and thus tests the firewalls' sensitivity to these intruders. McAfee.com, Norton, Secure Desktop, and ZoneAlarm detected TSAdbot and asked us for authorisation. ESafe failed to react; BlackICE did not recognise TSAdbot's behaviour as harmful. When we asked Network ICE about this result, spokesperson Robert Graham said, "Currently, Network ICE does not consider adbots to be malware." But he added, "Maybe we should reconsider our position."

Join the newsletter!

Or

Sign up to gain exclusive access to email subscriptions, event invitations, competitions, giveaways, and much more.

Membership is free, and your security and privacy remain protected. View our privacy policy before signing up.

Error: Please check your email address.
Keep up with the latest tech news, reviews and previews by subscribing to the Good Gear Guide newsletter.

Jeff Sengstack

PC World
Show Comments

Most Popular Reviews

Latest Articles

Resources

PCW Evaluation Team

Tom Pope

Dynabook Portégé X30L-G

Ultimately this laptop has achieved everything I would hope for in a laptop for work, while fitting that into a form factor and weight that is remarkable.

Tom Sellers

MSI P65

This smart laptop was enjoyable to use and great to work on – creating content was super simple.

Lolita Wang

MSI GT76

It really doesn’t get more “gaming laptop” than this.

Jack Jeffries

MSI GS75

As the Maserati or BMW of laptops, it would fit perfectly in the hands of a professional needing firepower under the hood, sophistication and class on the surface, and gaming prowess (sports mode if you will) in between.

Taylor Carr

MSI PS63

The MSI PS63 is an amazing laptop and I would definitely consider buying one in the future.

Christopher Low

Brother RJ-4230B

This small mobile printer is exactly what I need for invoicing and other jobs such as sending fellow tradesman details or step-by-step instructions that I can easily print off from my phone or the Web.

Featured Content

Product Launch Showcase

Don’t have an account? Sign up here

Don't have an account? Sign up now

Forgot password?