Practical uses - Installing Tiny Personal Firewall

Advantages of a firewall

When a computer is connected to the Internet (or any other network), it is a potential target for attacks. Numerous data packets are randomly sent by hackers to spot connected machines. The latter are looking for a security hole to exploit it and access its data.

As a result, it is necessary, particularly for internet users with an internet connection (particularly cable or ADSL), to protect your computer from network intrusions by installing a firewall system. A firewall is a system that lets you protect a computer from network intrusions (or protect a local area network from Internet attacks).

In addition, a firewall lets you control network access for the applications installed on the machine. Trojan horses are a kind of virus that open a flaw in the system to give a hacker remote control of the machine. A firewall lets you spot suspicious connections on the machine, but it also lets you prevent them.

Introduction to Tiny Personal Firewall

Tiny Personal Firewall is a personal firewall (a software program for private individuals) that makes it possible to protect a networked machine.

Tiny Personal Firewall is free for personal use (it requires payment for professional use).

Tiny Personal Firewall provides a high level of protection, but its use requires a minimum level of knowledge about the TCP/IP protocol suite. It is not for beginners. Beginners can however use a more user-friendly firewall such as ZoneAlarm.

This firewall offers three security modes:

• cut me off: lets you temporarily disconnect the computer from the network.
• ask me first: the software asks for the user's opinion (accept or reject the connection) whenever unknown traffic is detected.
• don't bother me: the software lets the unknown traffic pass through

Tiny personal firewall also lets you:

• protect access to configuration and logs thanks to a password
• remotely administer the machine (optional)
• define programs with Internet access
• create a checksum (MD5) for each application. As such, when an application is modified, the software will notify the user and re-request confirmation.
• define the IP addresses of machines authorized to connect
• control access according to time rules
• receive alerts when outside connection attempts are made

Installing Tiny Personal Firewall

Installing the software is extremely simple: you firstly need to obtain the most recent version of Tiny personal firewall

• Download Tiny personal firewall

Next, run the application and follow the installation steps.

After installation, the software asks you to restart the machine.

Configuring Tiny personal firewall

When you restart for the first time after installation, Tiny personal firewall presents you with a screen where you can choose the action you want to take.

Whenever you use an application for the first time that tries to connect to the network (Internet browser, messaging client, FTP client, etc.) Tiny personal firewall will present you with a warning asking to you authorize or reject the application's access to the Internet.

You are therefore reassured that no information can leave your system without your authorization. The box to check at the bottom of the page (create appropriate filter and don't ask me again) lets you respond only once for each application, by defining the local ports concerned as well as the destination IP addresses the program is authorized to communicate with.

Similarly, whenever a connection request is made by a network computer, the personal firewall tiny personal firewall will ask you to authorize or reject the connection, and to possibly create an appropriate filter rule for each type of connection.

Advanced configuration of Tiny personal firewall

The personal firewall Tiny personal firewall, when it is loaded in memory, appears in the Windows taskbar:

Double-click this icon to access the configuration of tiny personal firewall.
The first tab of the configuration interface proposes the 3 security modes described above:

• cut me off: lets you temporarily disconnect the computer from the network.
• ask me first: the software asks for the user's opinion (accept or reject the connection) whenever unknown traffic is detected.
• don't bother me: the software lets the unknown traffic pass through

The second tab (miscellaneous) lets you define a password for accessing the configuration and log file.

In the first tab (firewall), the Advanced button gives access to the advanced configuration of tiny personal firewall.

The advanced configuration of Tiny personal firewall has several tabs:

• Filter rules, letting you edit, add or remove filter rules
• Microsoft Networking, letting you specifically define which machines have access to Microsoft shares
• Miscellaneous, letting you manage access logging (possibly to an auxiliary server)
• Application's MD5, letting you verify the signature of applications that have a rule

Editing filter rules

Tiny personal firewall lets you precisely define filter rules using the firewall's advanced configuration interface:

The interface presents all of the rules that have been defined by the user. Each line represents a filter rule defined by:

• A description, accompanied by a symbol
  • This symbol represents an authorized outgoing communication
  • This symbol represents an authorized incoming communication
  • This symbol represents an authorized two-way communication
  • This symbol represents a denied outgoing communication
  • This symbol represents a denied incoming communication
  • This symbol represents a denied two-way communication
• The protocol(s) concerned (UDP, TCP, ICMP, etc.)
• The IP address and the local port concerned
• The IP address and the remote port concerned
• The application concerned

The Add... button lets you add a rule after the rules that have already been defined.
The Insert... button lets you insert a rule after the selected rule.
The Edit... button lets you edit the selected rule.
The Delete... button lets you delete the selected rule.

Editing filter rules

Right-click the tiny personal firewall icon to access the list of open connections in real time.

The green lines represent incoming communications, whereas the pink lines represent outgoing communications. The white lines refer to local applications whose ports are open, that is, applications functioning as servers, pending a connection.

The File menu lets you start the remote administration of a machine. The Logs menu lets you access the firewall system's statistics and logs.

More information

For more information about firewalls, visit the page dedicated to the topic. If you have questions, you can use the CCM forum.

Here is a list of additional addresses about the topic:

• The editor's page
• Firewall-net
• The Wanadoo cable security page

Article written by Jean-François PILLOU

---

This document entitled « Practical uses - Installing Tiny Personal Firewall » from Kioskea (en.kioskea.net) is made available under the Creative Commons license. You can copy, modify copies of this page, under the conditions stipulated by the licence, as this note appears clearly.
 

• Contributing to this article
• Print Format