Step 1 - Use a Firewall, even if you already have one.
Step 1 - Use a Firewall, even if you already have one.



Print out this convenient checklist to help yourself follow along!

   A firewall is a piece of software that acts like an Internet cop, looking for suspicious data passing into and out of your computer or network. Most modern firewalls also monitor the programs that try to connect to the Internet to make sure they have been given permission to do so. Click here if you want the fine details.
   Whether or not you already use a firewall, like the ultra-popular Zone Alarm, I recommend that you download and install Kerio Personal Firewall version 2.1.5. You can download it here.. (Note: Kerio has been bought out by Sunbelt software and no longer supports this version. The link provided is courtesy of 321download.com.) I recommend Kerio for several reasons: 1. In my opinion, it's the best firewall on the market; 2. It's free (for personal use); 3. I have already written files that will help protect you against spyware and other malicious activity. Kerio also works well with other firewalls, so if you already have one, like Zone Alarm, you don't have to worry about Kerio interfering with it. The only exception to this I know of is Outpost, which doesn't get along with other firewalls. Because Kerio has problems with fragmented packets, it is best if you have a cable/DSL or dial-up router or firewall as well.
   Installing Kerio is easy. Download it and click "Open" (Or "Launch", or "Unzip", depending on your browse) and extract it to a directory or folder. Simply click your Start button (at the lower right), then click Run. Find the folder you placed the extracted file in (it is called kerio-pf-2.1.5-en-win.exe), select it, and click Ok or Open. Allow it to install. Bookmark this page or add it to your Favorites and reboot.
   I have prepared my famous Spyware Blocklist which you can import directly into Kerio in order to stop spyware from "phoning home" and to provide other protection. A major reason why I recommended that you use Kerio in the first place is because I have these rulesets already written so you don't have to input this information manually. The first two can be imported into Kerio. They are identical except the second and third lists have extra security features, but may not work as well. The third option is just a textual printout of what is in the rulesets with some commentary. If you have another kind of firewall or prefer to put everything in manually, use this.

Kerio List Type 1 - This is a binary file that you can simply download and import into Kerio. It contains just the "bare bones" needed to block spyware and ad sites. It is hassle-free and is recommended for those without the knowledge or patience to tweak the firewall to get it to work perfectly. However, it gives the least protection.

Kerio List Type 2 - Contain the spyware filters plus some strict firewall rules for better protection. Especially recommended for Internet Explorer and Outlook users or for folks who aren't sure which one to use. Normally needs no tweaking except if you want to visit Microsoft's website or use Automatic Updates with Windows XP.

Kerio List Type 3 - This file contains all the spyware filters above, plus some VERY strict firewall rules for maximum protection. It is intended to be used in conjunction with some extra procedures covered in Step 8. This should also give you excellent protection against DNS hacking. You need to manually create a rule for new programs and place it above the "Block All" rule.

   How to use: Print out these handy instructions for future reference. Simply download the list of your choice. If you want to download a ready-to-go Kerio list, simply right-click the link and select "Save Target As..." or "Save File As..." (what it's called depends on the browser you are using). When it has downloaded, you need to import the file. Simply start up Kerio, then right click it's icon, which is a blue shield at the bottom right of your screen. Select Administration, then click the tab along the top called Miscellaneous. Where it says Firewall Configuration Files, click Load. Now, just find the file you downloaded from this site and select it. (If you don't see it, try clicking the box called Files of Type and selecting All Files). Now click Open and you're done! Kerio may pop up a few alerts as it adjusts to the new ruleset you just imported. Allow the programs you know and trust, and whose names you immediately recognize, to connect to the net and disallow ones you don't recognize or trust. Here are some common programs to allow or not allow access.

   Remember: In general, you can change rules or turn them on and off by going into Kerio's Advanced menu. To do this, right-click the Kerio icon, select Administration, and then click the Advanced button. You will be presented with a rule list, also called a ruleset. Don't change the order of the rules because that the order is very important to proper protection.
   If you want to allow a program to connect to the net and you downloaded the Type 3 ruleset, allow Kerio to create a rule for it by running the program. Then, go into the rule list (Right click Kerio/Administration/Advanced) and go to the bottom of the list. Make sure to use the regular windows scroll thing at the far right, not the square arrow buttons. Your newly-created rule will be at the absolute bottom of the list. Select it, and press the up arrow (square arrow button) and move it above the two Port Block - All rules. While you're there, if you like, you can look a few rule above for the various browsers and email programs that I entered into Kerio and delete out any you don't use.
   Some of the filters used in these lists may cause some sites or services to become inaccessible. If that happens, you will get a pop-up from Kerio telling you that something tried to contact a site but was blocked by some rule name. Almost always, this is exactly what you want: a warning from Kerio can often be a sign that some kind of undesirable activity is going on. However, if you want to override Kerio, you can simply turn off the offending rule by going into Kerio's Advanced menu and unchecking the offending rule. You'll have to decide whether accessing that site is worth the risk.
   If you don't like the pop-ups, simply select the rule that keeps popping up in the Advanced menu, click the Edit button, and uncheck the option that says "Display Alert Box when This Rule Matches." Click Ok then click the Apply button on the Advanced menu.

   If you have questions, remember this handy little Frequently-Asked Questions and Troubleshooting Guide.

   I've also included a number of extra security features in the Kerio files. Although there are several rulesets available, they are actually all identical: it's just that some individual rules may or may not be activated because they might not work on everybody's system. I recommend trying them though. If they work, keep them and if they don't turn them off. Just check or uncheck them to turn them on and off. See, I told you this was easy! :-) Try using the first 15 or so entries first. If you use DNSKong or Proxomitron, try turning the rules regarding those too. As always, click the Apply button in the rules menu in order to make the rules take effect immediately.
   If you use MSN, or if you need to access Microsoft's sites or services for any reason, see the FAQ.

   Congratulations! You're done with Step 1. If you want to learn the nauseating details about what firewalls are, how they work, and the different kinds available, click here.

Some extra info:

   The firewall, depending on which list you downloaded, may block access to Microsoft and possibly MSN. Normally, this is desirable since Windows does a lot of "phoning home". If you need to be able to access Microsoft, you can uncheck the Microsoft rules in the firewall to disable them.

Click here to go back to the 8-Steps index page.                                              Click here to go on to Step 2.
In case you get lost, this page is located at http://www.oocities.org/yosponge/firewall.html