Name of tool: Shields Up
Company name: Gibson Research.
Windows platforms supported: 95, 98, NT, 2000
Quick description: Network connection test tool that examines
**** = Very cool and useful
All done via a browser; there is no software to download and install (see Cons). The product tests for open TCP/IP ports and also to determine if any potential problems exist via Windows networking configuration.
Extremely easy and straightforward to use. You go to Gibson's web site and click on a button to start the testing process.
This isn't a substitute for a thorough security review, particularly with threats that originate from inside your company's network. If you are operating behind a firewall, you'll need to download a small piece of agent software to perform accurate tests.
As more and more businesses become connected to the Internet, dangers are increasing from Internet villains who enjoy probing your computer and trying to break into it without your knowledge or permission. Until recently, test tools to help you strengthen your defenses were complex to use and costly. That's a thing of the past with Gibson's Shields Up.
A typical Windows user turns on file sharing because he wants to share files with colleagues. That's what peer-to-peer networking is all about, and this ease-of-use boon has been a cross to bear for IT administrators. These shared files can be available over the Internet--and sometimes without the user's knowledge. That's a problem, particularly if he needs to share files locally but doesn't want everyone in the big bad world to see them too. What to do? Go to Gibson's web site and run this test tool.
Shields Up is a very effective and simple tool. It answers the question: What am I vulnerable to attack from over the Internet? Besides shared files, there are well-known TCP/IP communication ports that are usually prone to probing and attack from the outside. These ports, such as 80 for web servers, 23 for telnet sessions, and 21 for ftp sessions, can be closed off with the appropriate Windows commands. (For example, if you don't load Windows Peer Networking in Windows 98, you won't be exposed to attacks coming in over port 80.) But more than just telling you if someone has left a back door to your system unlocked, Shields Up also tells you what to do about it, how you can secure your system and keep your assets protected.
Gibson has provided lots of advice on how to correct the problems Shields Up discovers. This advice is actually more important than doing the tests themselves because it will get you thinking about how your system is exposed and how hackers think to try to force entry.
Everyone with a continuous Internet connection should run Shields Up, and run it on all Internet-connected computers in your enterprise. It takes a few minutes to do a test that can save you hours of headaches down the road.
**** = Very cool, very useful
*** = Hey, not bad. One notch below very cool
** = A tad shaky to install and use but has some value.
* = Don't waste your time. Minimal real value.
Bio: David Strom is president of his own consulting firm in Port Washington, NY. He has tested hundreds of computer products over the past two decades working as a computer journalist, consultant, and corporate IT manager. Since 1995 he has written a weekly series of essays on web technologies and marketing called Web Informant. You can send him email at firstname.lastname@example.org.
This was first published in June 2000