Hackers are now targeting individual Internet users and their unprotected home computers for nefarious purposes, such as launching denial-of-service attacks. This makes firewall protection for any computer with a full-time Internet connection-such as DSL-an absolute necessity. It’s even a good idea for computers with dial-up modem connections, which are vulnerable while online. Symantec aims to give Mac users that protection with Norton Personal Firewall 1.0. Alas, though the software has some intriguing features, its basic firewall functions need improvement.
Protection for One
Norton Personal Firewall installs easily and operates unobtrusively in the background, intercepting attempts to access your computer and repelling unauthorized users. The easy-to-use control application lets you turn protection on and off and configure various features. It also warns you at start-up if you’ve inadvertently left file sharing open via TCP/IP.
You can opt to permit access by outside users, either by service (such as file sharing) or-to extend access only to specific outside users-by IP address. The program logs access attempts; you can choose to have it notify you via a pop-up alert. Clicking on column headings sorts the log file, simplifying log reviews. A convenient test lets you generate packets that simulate an attack to verify that the firewall is working.
These features are all very good, and they would put Norton Personal Firewall at the top of its product class, were it not for some shortcomings in the program’s basic firewall mechanism. One problem is that the firewall itself admits certain kinds of harmful traffic-such as denial-of-service attacks-making the product nearly useless as a deterrent to serious hackers.
During testing, Norton Personal Firewall cheerfully let pass forged IP packets crafted to attack innocent remote users, something modern firewalls need to prevent. Such packets also have the potential to exploit hidden flaws in Mac OS or in third-party network applications. Norton Personal Firewall also has trouble with file transfers via FTP using a Web browser-you have to turn off the firewall temporarily to transfer files.
Sheep in Wolf’s Clothing: Norton Personal Firewall 1.0’s solid-looking interface gives all indications that you’re well protected from Internet predators, but this firewall won’t protect you from denial-of-service attacks.