Software Review of:
BlackICE Defender 
Protecting your PC from hackers 

Commercial firms usually install protective programs called firewalls. These ward off common intrusions from Internet snoops, and are pretty good at it. But they are designed to be used on network servers, and cost big bucks. What can we poor users do to protect ourselves? And how much of a threat is there really? Are we truly in danger? The answer to the last question is definitely yes! 

Several personal firewall programs claim to protect a personal computer from intrusion over an Internet connection. One of the earliest such programs is called BlackICE Definder, which can be ordered online and downloaded to update the program as needed (hint: check at least every other week to see if there is an update). Described as ". . .an industrial grade dynamic firewall system that detects hackers, identifies them, and protects your PC from break-ins," BlackICE Definder (hereafter shortened to BlackICE) costs $40 as a download. A License Key unlocks the program, along with future updates. 

Installation is straightforward, and places an icon in the tray. You can configure BlackICE for four levels of security, from trusting to paranoid. I feel comfortable with the Nervous setting. When an intrusion is suspected, that icon starts to pulsate and change color, pretty effective notification. Clicking on the icon brings up a dialog box which shows a list of suspected Attacks. The tabs at the top of the window also show information about the type of attack, along with a numerical rating of how serious each attack is. Clicking on the AdvICE button brings up a help screen that tells you about each type of attack. A History tab shows both levels of attacks and network traffic over the past 90 days. If you look at my Attacks list, you will see that my computer is probed at least every other day, and sometimes two or three times in a single day. And I turn off my computer when I’m not using it! This is conclusive evidence of why you need a personal firewall program. 

Black Ice seemed to be providing good protection, except right after I upgraded to Windows 98 Second Edition, which rendered BlackICE inoperative. But a patch soon restored functionality, as well as teaching me a lesson to upgrade the program often. 

To really test how well BlackICE works, I logged onto Steve Gibson’s site, which simulates attacks on your individual computer. After running the tests, I got the following readings: 

• Your Internet port 139 does not appear to exist! One or more ports on this system are operating in FULL STEALTH MODE! Standard Internet behavior requires port connection attempts to be answered with a success or refusal response. Therefore, only an attempt to connect to a nonexistent computer results in no response of either kind. But YOUR computer has DELIBERATELY CHOSEN NOT TO RESPOND (that's very cool!) which represents advanced computer and port stealthing capabilities. A machine configured in this fashion is well hardened to Internet NetBIOS attack and intrusion.
• Unable to connect with NetBIOS to your computer. All attempts to get any information from your computer have FAILED. (This is very uncommon for a Windows networking-based PC.) Relative to vulnerabilities from Windows networking, this computer appears to be VERY SECURE since it is NOT exposing ANY of its internal NetBIOS networking protocol over the Internet.

Several other personal firewall programs are now available, but BlackICE seems to be doing a good job for me. Steve Gibson is currently recommending one called ZoneAlarm 2.0, which is free, and available on his Web site. Whichever one you choose, I strongly recommend you get some protection for any Internet user, but especially one with a high-speed, always-on connection. 

You can order online and download BlackICE at <www.networkice.com>.