RealTime IT News

Excite@Home to Offer Personal Firewalls

Responding to rising security concerns, Excite@Home will announce an agreement next week to provide personal firewall software to subscribers of its cable modem access service.

@Home (ATHM) officials declined to provide specifics on the announcement. But Jay Rolls, vice president of network engineering, said the gesture was aimed at giving users peace of mind.

"Even in the cases where we think they don't really need it, we're going to endorse that as a thing you can do if you are really concerned," Rolls said.

The move by @Home comes as personal firewalls, once a niche product, have moved into the mainstream, mimicking some of the functionality of the industrial-strength firewalls used by corporations to protect their networks from external attacks. Besides blocking access attempts, many packages also enable the individual user to identify the source of the attack.

Leading PC software marketer Symantec has added firewall functionality, licensed from WRQ, to its Norton Internet Security 2000 utility, which began shipping last month. And ZoneLabs this week announced the addition of firewall capabilities to its freeware Internet security tool, Zone Alarm 2.0.

Helping to spur interest in PC firewalls are recent media reports of tools such as automated port-scanners coming into widespread use by recreational and malicious hackers. These homemade utilities enable the hacker to perform unattended probes of a range of Internet protocol addresses, examining ports at each IP for vulnerabilities. Also driving adoption of firewalls is the rise of broadband. Any Internet connection, including dial-up, is vulnerable to probes from outsiders, but experts say always-on cable and Digital Subscriber Line connections present a more persistent target to attackers.

While the gesture by @Home may console some subscribers, putting personal firewalls into the hands of inexperienced users could backfire. In many instances, once the software is installed and begins notifying them about attempted intrusions, users often find their worst fears are realized.

"It's unbelievable. A typical user will report 10 probes per day, from machines across the planet, from people they don't know who are looking for vulnerabilities in their machines," said Steve Gibson, president of Gibson Research Corp., a publisher of computer systems utilities who operates a site that enables users to test the security of their Internet connections.

According to Gibson, almost a third of the nearly 1 million visitors to the site break the cardinal rule of personal Internet security -- they needlessly have file and print sharing enabled on their Windows PCs.

For early adopters who have configured their PCs properly and use firewalls to defend against port scans and other network attacks, there's growing frustration with the responsiveness of Internet service providers in shutting down attackers. Ed Chaban, an @Home user Silicon Valley, added firewall software when his cable-modem service was installed six months ago.

"Anytime I've tried to send off anything to abuse@anywhere, the only one that has responded is my provider, @Home. At the others, it just seems to go off into the bit bucket. And these are not just port scans. They are looking for Back Orifice, and it's obvious these guys know what they're doing," said Chaban.

Some ISPs may be reluctant to pull the plug on reported port-scanners because of the current legal ambiguity about port scanning. Eric Goldman, an attorney with Cooley Godward, who has assisted numerous ISPs in drafting terms of service, said