TECH TALK: Firewalls and VPNs, Oh my!

ERIC’S TECH TALK

by Eric Austin
Computer Technical Advisor

This week I’ll talk about two networking related topics that every modern computer user should know about.

You’ve likely heard the term “firewall” thrown around in the dialog of movies or television shows during a computer hacking scene — as in, “They’re breaching the firewall, Jack!”

What exactly are they talking about? Simply put, a firewall is a set of computer programs that work together to monitor and control network connections coming and going on your PC. Typically, this is the Internet traffic that happens as you browse, send emails and watch videos online.

Certain other applications will also transfer data between the Internet and your computer, like games being played online, programs downloading updates, or certain programs that have specific network functions such as FTP programs for updating websites, or P2P (Peer-to-Peer) file-sharing applications for downloading large files.

All these different activities are happening constantly as you use your computer. A firewall program sits and watches this traffic to make sure it’s all legit.

Malicious hackers, or malware your computer could be infected with, might also attempt to communicate across your network and you want to stop that from happening.

A computer without a firewall is like a border crossing without an armed checkpoint.

Fortunately, beginning with XP, Windows comes with a built-in Firewall app included and turned on by default. So, most likely you are already protected!

Apple has also built a firewall into Mac OSX with version 10.6 (Snow Leopard) onwards.

There are a number of 3rd party security suites on the market if you feel you need something more robust, but the firewall protections already built into modern operating systems should be sufficient for most users.

However, you should never turn off your firewall! If you experience problems allowing certain network traffic because of a Windows/Mac firewall, it’s worth learning how to set incoming and outgoing “rules” correctly rather than turning it off completely. Email me if you’re having problems and I can direct you to some web pages that show how to do this.

So, let’s move on to our second topic today: VPNs. “VPN” stands for Virtual Private Network. As the name implies, it refers to a virtual network within another network, and the word “private” should tip you off that security has something to do with it.

The term, Virtual Private Network, in the technical world, can apply to a number of different networking situations, but for us, we will think of it in its most typical usage. That is, a method of obscuring the source of network traffic by funneling that traffic through another “virtual” server.

If that sounds confusing, its because you lack a little background. Stay with me and I’ll fill you in!

Normally, network traffic originates from your home PC, identified by your computer’s IP Address (Internet Protocol #). Whenever you do anything online, you’re sending information tagged with your identity (your IP#) through your Internet Service Provider (ISP) and out to the wider Internet. Everything you do is associated with that IP Address and can be linked directly back to you!

Sometimes this is not what you want.

A VPN service accepts your network communications, and then sends them back out to the Internet using its own IP Address in place of yours. In this way, none of your activities can be linked back to your personal computer. Instead, they would link back no further than your VPN server, which millions of other people also use.

Another reason to use a VPN is to by-pass geographical blocking. Some websites will block access based on the geographical location of the user. If you are trying to access the Japanese version of Hulu, for example, you could connect to a VPN server in Japan and trick Hulu into thinking you are actually Japanese!

Also, in countries that heavily restrict Internet content, like China or Saudi Arabia, VPNs help people to get around these restrictions to communicate with the wider world.

In the movies, when the heroes are tracking the hacker and they show the “link” hopping across a map of the world, this is an example of VPNs in action. Each of the points on the map is a different virtual server the hacker has used to mask his own identity. You’ll only need a single VPN yourself, but experienced hackers layer VPN upon VPN in order to further obscure the real source of the intrusion. (Although it’s never as easy to trace such a person as they make it seem on TV!)

You won’t be doing anything so nefarious, so for our purposes it’s much simpler. To use a personal VPN, all you’ll need is a subscription with an appropriate vendor, who will give you a small software program to run on your computer. This program redirects all your Internet traffic through the vendor’s servers and substitutes your IP Address for theirs. Simple as that!

Choosing a VPN can be difficult because services vary wildly, as do prices which range from $40 a year to $40 a month, depending on several factors, including: number of available servers, allowed simultaneous connections, P2P support, and guaranteed download speeds, among other bells and whistles most people won’t care about.

Personally, I can only recommend a service called Private Internet Access (https://www.privateinternetaccess.com), since it’s the one that I use. It costs $39.95/year and although bare bones, is very reliable and easy to use.

Most importantly, whichever VPN service you choose, you want to make sure they do not log network traffic. By default, servers will log any connections they receive, but since the objective of a VPN is to stay anonymous, recording your connection to it would defeat the purpose! Because of this, most VPN services purge their logs on a regular basis, but it’s worth checking before you sign up.

As they say in those after-school programs, abstinence is the best policy. But if you’re going to be a bad boy (or girl) on the Internet, make sure to use protection: always keep your firewall turned on and install a VPN for those times when you want full anonymity!

Eric W. Austin is a technical and marketing consultant specializing in helping small businesses succeed. When not writing for The Town Line, he exchanges advice for money and can be reached at ericwaustin@gmail.com.