the internet - NOT SO SAFE AS YOU THINK

NetBarrier 2.0.1 Review for PROMAC

by Intego
$149 on sale for $39.95. at the Intego web site: http://www.intego.com/

review by Scott Williams
<http://www.math.buffalo.edu/~sww/> 3/14/00

another Intego product Virus Barrier

Another MAC firewall product, Door Stop at OpenDoor

Jim Gordon reminds us that vicomsoft, at http://www.vicomsoft.com/solutions/education/edu.html, offers another firewall solution.

Hardware Firewall: Sonic Wall & Lynksys

NetBarrier System Requirements: Mac OS 7.5.5 to OS 9 ; PowerPC or iMac or G-series; Transport; 16MB memory; 5 MB free disk space; Screen resolution 800 x 600 or higher

How can you get it? Or a CD or download from the web

Last year I watched a Rochester friend of mine, Steve, using his Mac 7100 to look into the computers of folks in his neighborhood with a cable modem. He proudly proclaimed Windows machines have poor security while Apple's fire sharing off option is comparatively a giant. A few months ago he found that some one had mucked around in his machine even though filesharing was turned off. On the Soundbytes computer help radio program <http://soundbytes.org/>, I heard of a PC user who left Time Warner's cable modem ISP RoadRunner because of his concerns with security issues with cable ISPs."

Thanks to Adelphia in Buffalo, now I have a cable modem, and on my computer sits sensitive material. My cable modem makes my computer potential honey for buzzing computer hackers. With all the recent reports of computer break-ins and hacking, I'm concerned about computer security. NetBarrier, which calls itself the "personal firewall and antivandal solution", claims to be able to eradicate these problems, stopping hackers cold.

Here's what IT Security News said on the relase of NetBarrier 1.0 July , 1999, "First single-user firewall software for the Mac OS, securing both Internet and LAN-based traffic directly at the individual computer level, with intelligent antivandal and Internet packet filtering software for a complete single-user security solution."

The first question I thought of is "is it easy to use?" I hate manuals, that's why I have a Mac. But NetBarrier's pdf manual has plenty of pictures for us dummies to piece together the workings of the program. Yes, it is easy to use.

The second question that comes to mind is, "does it work?". In order to answer this question, I set up a number of real world situations to diagnose NetBarrier's ability to stop intruders:

1. ping floods
2. port scan
3. emailing sensitive material
4. response to discovery of hacks

I asked Steve, in Rochester, to flood my machine with pings, a dialog box instantly appeared stating his IP address and the violation of trying to flood my machine with pings. Then using NetBarrier again, I put his IP on "ban", and asked my friend to try again. Not only was my G3 unaffected by the ping flood, but Steve received no packets in exchange for the ones he sent out; meaning that Netbarrier worked.

Similarly, I asked a UB friend to perform a port scan on my G3, a kind of dialog box appeared again, stating the same information. Again, choosing to ban the IP resulted in the remote user to unable to do anything to our machine. Additional attacks on my machine yielded similar results, with NetBarrier effectively was burning the hacks.

The next feature included with NetBarrier is called a firewall. Firewalls, as you might know, are often times used in large scale intra/inter net solutions where the utmost security is needed. Software firewalls, like the one included in NetBarrier, are not as pervasive as dedicated hardware firewalls, but I'm told they are not as effective. However, NetBarrier's firewall hasn't failed to my knowledge. Another NetBarrier option is to declare that certain material, say a credit card number or password, not be allowed to leave my computer. When I turned off my cable modem and used my dialup modem to send the number in an email letter, NetBarrier allowed all but that specific email through. Back on my cable modem, I tried to send out the number in a microsoft word document attached, and NetBarrier stopped it again. When downloading a file off the internet, for example, turning off incoming web traffic resulted in the download to stop. Likewise, turning it back on allowed it to resume.

NetBarrier's firewall includes five pre-set modes for setting up a firewall: no restrictions, server/client configuration, a server only configuration, a client only configuration, to a "no network" configuration. All of these are fine for normal users, but power users can also use the sixth option, which allows you to customize and tweak different settings.

Who needs it? [from ask Dave in MAC Observer]

"Mac OS 9 includes the ability to share files and printers via TCP/IP (this can also be accomplished on pre-Mac OS 9 machines with software like Shareway IP). This is a Good Thing. TCP/IP is faster than Appletalk, especially on 100Base-T connections, and it allows sharing of data with people NOT on your local network. However, as we discussed above, this will open security holes on your Mac. If you do need to do this (for example, to mount your home machine's hard drive from the office and exchange files throughout the day), then you just need to make sure that you don't have 'guest' access on, you have hard-to-guess passwords, and you change them often. If you're just using ONE computer on the cable modem, NetBarrier from Intego available as a firewall for single, standalone computers"

Negatives: One concern that prospective NetBarrier users have are, "does it cause any performances hitches?" Intego, NetBarrier's maker, continues to assert that network performance will never decrease or decay. However, I've noticed a big slow down in the time it takes for my email to go out, but perhaps that's the fault of the lousy adelphia connection.


back to Scott's Computer Bookmarks http://www.math.buffalo.edu/~sww/computer-stuff/computermarks.html