Firewalls (yet again)

This is a subject that will not go away. You need a firewall. If you have a dial-up connection, you need a software firewall. If you have a DSL or cable connection, you need a hardware firewall and a software firewall. Microsoft provides half a firewall for free with Windows XP and you can buy other firewalls from vendors such as Zone Labs and Kerio (as for Sygate, it's been acquired by Symantec). My choice is still Zone Alarm.

Zone Alarm from Zone Labs has been around for a long time and it's the firewall I've always used, except for about the past 6 months. a certain Internet service provider that must not be named, my Internet service provider, began providing 4Mbps download speeds for those of us who were paying for 2Mbps. Trouble was, I didn't see any speed faster than 2Mbps. A WOW technician indicated that there was a "known problem" with Zone Alarm.

The problem may be with Zone Alarm, but several acquaintances use Zone Alarm with Roadrunner and see the full 4Mbps download speed, both here and in California. I'm working with a certain Internet service provider that must not be named to figure out what the problem is.

Regardless of whose problem it is, it is a problem, so I decided to try other firewalls. After less than a day, I dumped Sygate. That left Kerio. I ran the Kerio firewall for the better part of 6 months, becoming increasingly frustrated with it because it either provides far too much feedback (one program installation generated at least 30 messages from Kerio) or far too little (none). Perhaps I'd been spoiled by Zone Alarm, but I had become used to receiving just one or two messages when Zone Alarm noticed a new program.

Finally I'd had enough in mid August. I dumped Kerio and downloaded the latest version (6.0) of Zone Alarm. I tested the download speed -- greater than 4Mbps before installing Zone Alarm, 2.4Mbps (still not bad) after installing Zone Alarm. It's annoying to be paying for 4Mbps and getting less than 3Mbps, but it's even more annoying when the software firewall you're using insists on being either incessantly chatty or silent.

Zone Alarm Pro v.6

Whenever any new version of an application comes out, some people have problems with it. Zone Alarm 6 was no exception. It's been working well for me and an update that was released earlier this week installed without incident. In the beginning, Zone Alarm was just a software firewall -- nothing else. Now it tries, and often succeeds, to be a total security suite.

		Zone Alarm's main control panel is called "Overview" and it's here that you'll see the general status of the various components. NOTE: Click these small images for a full-size view.
		On the firewall tab, users set broad-brush security modes. The right settings are generally high for Internet connections and medium for computers on your own private LAN. The second tab is used to define those two zones.
		I use the medium setting for program control. Applications must first request access to the Internet, but the program will remember my decision. When programs change, Zone Alarm will ask about the new program.
		On the program tab, I can give an application access to the trusted zone and the Internet, set a trust level for the application, and decide whether the application should be allowed to send e-mail. The Trust Level determines the actions that a program is allowed to perform. There are five trust levels: Super, Trusted, Restricted, Ask, and Kill. Super access. Program can perform suspicious and dangerous actions without seeking permission. No alerts will be displayed. Trusted access. Program can perform suspicious actions without seeking permission, but must ask for permission to perform dangerous actions. Restricted access. Program can perform trusted- level actions but cannot perform suspicious or dangerous actions. Ask. Zone Alarm will notify the user, who can then decide. No access. The program will not be allowed to run.
		I prefer Grisoft's AVG Antivirus program, so the offering from Zone Labs is turned off. The application can also watch for spyware applications. Zone Labs estimates that 9 of every 10 computers has at least one spyware application installed.
		Fortunately, when I asked it to scan my computer ...
		... it found nothing.
		Some experts feel that a firewall should not be examining e-mail, but I keep this component enabled. It's simply another safeguard that's in place if I do something foolish.
		The e-mail component watches for attachments and will treat those most commonly used to spread infections as hazardous.
		The privacy will protect you from cookies (you may note that I've turned this off because the hysteria over cookies is just that). I also don't ask Zone Alarm to block pop-ups. The browsers I use most frequently (Firefox and Opera) do that and even Internet Explorer now has a pop-up blocker.
		Zone Alarm can watch for sensitive data and block it. I haven't enabled this or even tried it because it seems to me that I should be smart enough not to give my information to a rogue website.
		I do use instant messaging (Gaim, open source, available at gaim.sourceforge.net) so I've enabled Zone Alarm's IM security.
		Zone Alarm will also try to block access to websites you feel are objectionable.
		I turn off "informational" alerts because I don't need to see them. I know that many applications communicate frequently with services or processes that are running on the machine or with the mother ship to see if there's a new version available. After I've approved these, I don't need to know about them.
		The log file is useful and displays information about the firewall, IM security, spyware, antivirus, and all other components. The logged items seen here are all routine communications.

Technology corner rating for Zone Alarm 6 from Zone Labs

8 CATS: It talks more than it used to, but it's still better behaved than the competition. It's more sluggish than in the past and requires more system resources, but I still don't want to run a computer without Zone Alarm. Visit the Zone Labs website.

How the Technology Corner rating system works.

A shared drive done the right way

I was just sitting there minding my own business when the UPS guy approached the house and tossed a package over the transom. It was from ADS, a company that sends things for me to take a look at. The box said it contained an NAS Drive Kit. NAS means "network attached storage" and it's a (pricey) way to make a disk drive available to all computers on a LAN. Was I ever in for a surprise!

The first thing I noticed is that the ADS NAS Drive Kit doesn't include a disk drive. You provide that on your own. It's simply a box that holds the disk drive you choose -- a box that included an RJ45 Ethernet cable connection.

Hmmm. So for about $130, I can have a NAS Drive Kit with no hard drive. I then need to buy a hard drive. It's easy to find a quality (Seagate) hard drive for less than $100, but I opted for a 200GB Seagate hard drive at $100 (plus $2.75 shipping from Edison, New Jersey). Total price, retail, then would be about $240 to provide 200GB of network disk space. (My first hard drive, see below, was $1200 for 16MB, which is $75 per megabyte. The NAS device and the drive would be $240 for 200GB, which comes out to about 1.25¢ per megabyte. Looking at it another way, this is a price drop of 99.983%.)

How does this compare to what else is on the market?

I did some looking around and found ...

• Snap Appliance Snap Server 1100 for $600+
  It's a single 250GB drive that the manufacturer describes this way: The Snap Server 1100 typically installs in less than five minutes without the need for additional configuration of other servers or clients on your network. Just plug in the power, connect the RJ-45 Ethernet cable and turn on the Snap Server. Right out of the box the Snap Server 1100 delivers full multiplatform file sharing in mixed Windows, NetWare, UNIX, Linux, and/or Macintosh environments. Added benefits include configurable file security and integration into existing simple network security structures, all with no network downtime. As a highly optimized system tuned for a single purpose, the Snap Server 1100 solves common storage challenges."
• Snap Appliance Snap Server 2200 for $1300+
  This is a 2-drive system that provides 500GB of space. The manufacturer says: The Snap Server 2200 from Snap Appliance delivers cross-platform file sharing right out of the box in mixed Windows, NetWare, UNIX, Linux, and Macintosh environments. Just plug in the power and RJ-45 Ethernet cable, and turn it on. The auto-sensing 10/100 Ethernet connection detects the appropriate bandwidth and automatically connects to all supported networking protocols. No additional configuration of network servers or clients is required. The dual disks are easily configured to provide RAID 1 (mirroring) data protection for two separate volumes; factory default is RAID 0 (striping, no parity). In addition, the Kensington Security Slot lets you lock down your Snap Server 2200 for enhanced physical data security."

The ADS NAS Drive Kit has space for just a single drive, so there's no RAID redundancy built in, but the total cost (with a Seagate hard drive) is less than $250 for 200MB versus more than $600 for Snap's 250MB single-drive (no RAID) solution.

The one thing that concerned me is that the CD provided with the device specified Windows only, so I wondered if the disk drive would be visible to a Mac. The answer is that it will, but that you must do the initial disk configuration with a Windows machine.

The first time you use the NAS Drive Kit, you must configure it with the ADS application that runs only on Windows. Once you've configured the drive, it will be accessible to all PCs and Macs on the network.

This means that you can set up the ADS NAS drive for the network and have Mac users copy files that need to be backed up to the NAS drive and then back up that drive.

So how does it work in practice?

I had a little trouble with the initial setup. The drive was not being detected. It was plugged into a hub and the hub's lights indicate that the hub could see it. The LAN light was on solid on the NAS drive, most of the time; it blinked occasionally -- once or twice every 30 seconds or so.

I powered it down several times. I reset it. I tried to ping it. No response. The router/firewall (Netgear FR114P) that the hub connects to was set to provide DHCP. The NAS did not appear in the list of attached devices.

• There is no device at 192.168.1.200.
• There is a printer at 192.168.0.125 (static).
• The desktop computer is 192.168.0.101 (static).
• There is a Mac at 192.168.0.102 (static).

Then I realized there was an OBVIOUS problem that I'd overlooked: The NAS was at 192.168.1.200 and all the other devices (and the router) are at 192.168.0.x. Dumb. You can't do that with a netmask of 255.255.255.0.

"Easy fix!" I thought. So I changed the router to 192.168.1.1. I changed the desktop to 192.168.1.101. I changed the Mac to 192.168.1.102. I changed the printer to 192.168.1.125. I changed the DHCP to 192.168.1.2 through 192.168.1.50.

When I fired up the NAS Drive, the setup application still couldn't find it. The power light was on solid. The LAN light was on solid, with occasional blinks. The hub indicated the presence of a device. I tried connecting the NAS device to the router, too. No difference.

Even ping failed:
c:\>ping 192.168.1.200
Pinging 192.168.1.200 with 32 bytes of data:
Request timed out.
Request timed out.
Request timed out.
Request timed out.
Ping statistics for 192.168.1.200: Packets: Sent = 4, Received = 0, Lost = 4 (100% loss),

At this point I concluded that I must be doing something incredibly stupid or that the device I'd received was a dud. That's when Daniel Chan came to my assistance. "Connect the NAS device directly to the computer and see if it's recognized," he suggested. Then I'll call you.

I tried that and the setup software still couldn't see the NAS device. Playing the part of the typical consumer, I didn't write down the full error message and when Daniel asked me what the message had been, I said, "Wait a moment. I'll run the application again and tell you." Of course, that's when the setup software saw the device. I plugged it in to the router and the setup software saw it there, too. I asked Daniel if he would mind staying on the phone 24 hours per day, 7 days per week.

Daniel went back to work and I finished running the setup software. When the NAS rebooted, it was no longer accessible.

When Daniel called again, we talked about routers and workgroup names. The NAS defaults to "workgroup" and my home workgroup is "blinnhouse". Changing that seemed to make all the difference. Just to be certain, I used the setup application to set the drive to a static IP address (192.168.1.200). This may not have been necessary, but I've had no trouble since then.

Daniel says there is a known compatibility issue between the ADS NAS Drive Kit and the Netgear FR114 router. My router is a Netgear FR114P. But once the user works around the initial setup, everything works reliably.

But now it's working

The first thing, and one that I still have trouble contemplating, is the amount of disk space available to me at home. My first ($1600) computer had no hard drive -- just two 360KB floppy disk drives.

Later, I added a 16MB hard drive for about $1200.

If you examine the Windows Explorer listing at the left, you'll see that there are two 120GB Seagate SATA drives (C and D) and that I've added 2 additional Seagate USB drives (M and N) that are nominally 200GB and 160GB. Add the NAS Drive Kit with a 200GB drive and Kaydee's Mac with a 200BG shared drive and an 80GB drive that could be shared, you'll realize that I have slightly more than 1 TERABYTE of available online storage on a HOME network.

Amazing! This is 67,500 times the space available on my first hard drive and I don't even want to think about how much more space this is that what was available on a computer with 2 floppy disk drives.

But I digress. It's time to take a look at the NAS control panel. No matter what is done to simplify the setup process, you'll still be dealing with things that most home users won't be familiar with -- IP addresses, DHCP servers, netmasks, and the like.

The setup program (if you don't have a Netgear router) will probably find the drive and set things up properly. You might run into a problem if you've set up your home network on a subnetwork other than 192.168.1.x, as I had. For most users, there won't be much of a problem.

Once the system is working, you'll want to look at the Networking tab. The Host Name Setting selection will allow you to ensure that the device is part of the workgroup you use at home. You probably won't need to make any changes in the IP Address Setting tab, but you may want to establish a Superuser and Password Setting. If you want the drive to work with SAMBA and FTP, you'll need to visit that section.

During the setup, you'll visit the Administration tab to format the drive and set the time. When ADS Tech releases a firmware upgrade, you'll visit this tab to install it.

There's not need to visit the Share tab unless you want to create users who have read or write permissions for specific areas of the drive. This could be important if you have financial data that you want to protect and you also have small children who might accidentally delete important files. Otherwise, making the entire drive accessible to everyone is the easiest solution.

Technology corner rating for NAS Drive Kit from ADS.

8 CATS: Although the NAS Drive Kit can be used with Macs and other non-Windows computers, you must have a Windows computer to run the initial set-up program Eliminate that requirement, and this little package would earn a 10. See the ADS website.

How the Technology Corner rating system works.

How to capture streaming audio

I'm not sure whether this is dedication or an indication of serious trouble on the horizon, but I heard from a listener who wants to record Technology Corner using WTVN's streaming audio (www.WTVN.com). He wasn't able to get the free audio program Audacity to record the show and wrote to see if I could suggest another application. What I suggested, instead, was digging several layers deep to the control panel Windows provides for playing back and recording sounds. Why Windows makes this so hard, I'm not sure, but I know that Apple makes it even harder to snag streaming audio.

For Windows users, here's the trick. First visit WTVN.com and choose the "Listen Live" link. Instead of allowing you to listen immediately, this will take you to a page that looks a lot like an error message. In fact, that's what I thought it was until I noticed that the large text at the top was really a link. So ... click "Listen Live" then "Click here to listen to 610WTVN on-line." That will open your streaming audio player and you'll begin to hear the station. Click any of the images for a larger view.

Despite being able to listen, you might not yet be able to record. What you need is the hard-to-find recording control. Open the Start Menu and navigate your way to

Programs • Accessories • Entertainment

There you'll find the Volume Control. Open it. By default, it opens the playback control, which controls what you're listening to. This is what confuses most people: Just because you're listening to a particular input doesn't mean that Windows is routing that input to any recording device. In fact, it usually isn't. What you need to do is choose Properties from the Options menu and then click the radio button for Recording.

While you're at it, make sure all of the input options in the list at the bottom of the dialog box are checked. Now you at least have a chance of getting the audio you want to record to a recording device.

Click OK and a list of inputs and volume sliders will open. This is where you control the source of the audio that goes to the recorder and the volume (level) of sound. The two most likely sources with be "Wave" and "What-U-Hear". It's better to fight the right input and select that because it will eliminate sounds you don't want, but if you're in a hurry, "What-U-Hear" will probably record "What-U-Want". (Note: The list of input varies from one computer to another depending on the hardware.

Now it's time to open Audacity and click the record button and ..

Success! Audacity (or whatever recording program you have) will begin recording the streaming audio. If you have a Mac and you want to record streaming audio, you'll need to buy a program such as Wire Tap.

Audacity doesn't have the ability to start recording at a specific time, but there may be a way to lash something together with macros or a Windows version of cron to start the application at a specific time. As far as I know, none of the other recording applications have a way to start or stop recording at a specific time.

This turned out not to be the solution that worked for the listener with the question, but it's a way to grab streaming audio if you have the need.

Nerdly News

Smaller and smaller

This week Apple introduced the iPod Nano. The latest Ipod holds 1000 songs of average length, is (as Steve Jobs likes to point out) "thinner than a standard pencil", and is about half the length and width of other players.

The Nano has a color screen and can also hold photos (meaning you get fewer songs). Because it uses the same 30-pin dock connector as the Ipod and Ipod Mini, it can use hundreds of accessories developed for the Ipod.

The Nano 4GB model is priced at $249 and a 2GB model is priced at $199. They're available in black or white.

Do a Google search on "Vinton Cerf"

One of the primary inventors of the Internet (and NO, Al Gore never claimed to be an inventor, only a proponent) Vinton Cerf has accepted a job at Google. He's been MCI's senior vice president for technology strategy.

Cerf worked on developing the Internet with it was Arpanet. In the early 1970s, Cerf and Robert Kahn developed procedures that would allow isolated computer networks to talk to each other. We still use it today -- Transmission Control Protocol/Internet Protocol (TCP/IP).

Saying that he's excited to be working directly with computer technology again, Cerf says he's not yet sure exactly what he'll be working on at Google. He is 62 years old and his first day at Google is October 3.

Let us know what you think. Write to:
Bill Blinn --
Joe Bradley --

Have a question? Ask it and you might pick up a prize for stumping the chump. Send your question to . And ... good luck!

Privacy Guarantee:

I HATE SPAM and will not sell, rent, loan, auction, trade, or do anything else with your e-mail address. Period.

Is this information useful?
If so, consider making a contribution, please.

Joe

(Photo by Sally)

Bill

(Photo by Scampi)

As if you didn't already get enough weather on the radio!

If you do not see a Weather Underground banner above and you use ad-blocking software, please set your application to allow images from "www.wunderground.com" to appear.

Annoying legal disclaimer
My attorney says I really need to say this: The Technology Corner website is for informational purposes only. Neither Joe nor I assume any responsibility for its accuracy, although we do our best. The information is subject to change without notice. Any actions you take based on information from the radio program or from this website are entirely at your own risk. Products and services are mentioned for informational purposes only and their various trademarks and service marks are the property of their respective owners. Technology Corner cannot provide technical support for products or services mentioned on the air or on the website.