I was never able to get my mother in law’s computer to misbehave, but my son was. He’d crawl up to it, press whatever buttons he could find, and invariably it would reboot and give beep codes.
So I decided the best bet would be to drop in a new system board. I went against all my usual practices and bought an Intel. Further research showed the stock board was made by MSI. I’ve never had good luck with MSI boards, although I know they’re popular. This one lasted five years, which is five years longer than the other two MSI boards I’ve seen. I was able to find an exact replacement, but the $70 price scared me off. Especially without knowing whether it was the board or CPU that was bad. With an Award BIOS, beep codes generally mean bad memory (a memory tester vindicated that), a bad CPU, or bad motherboard. Not very specific.
I wanted something reliable, cheap, and no slower than what she had. With an unlimited budget, I’d buy an Asus board, since I have a 6-year-old Asus board in the basement that’s still humming like new. Gatermann ran an Asus P55T2P4 for 10 years before it died, and I’ve seen lots of other Asus boards reach old age. Unfortunately, I couldn’t find an Asus motherboard/CPU combo for less than $100.
So I went with Intel’s desktop dual-core Atom board by default. Intel motherboards are as unexciting as they come, and I hate monopolies, but the board has a 3-year warranty and I know from my experience supporting Micron desktop PCs with Intel boards in them that it’ll last at least that long.
I had to change the ATX backplate, but I was glad to find the Compaq front-panel connector had the same pinout as this Intel board. Removing the old backplate was the hardest part of the installation, as the board mounts with just four screws.
I entered the BIOS on powerup and was disappointed to see I couldn’t disable the onboard video. I really wanted to plug a video card into the lone PCI slot and disable the onboard video to save some memory and bandwidth. I also found enabling USB boot was clunky, but other than that, the BIOS was predictable.
The board itself runs extremely cool. The power supply fan doesn’t blow out hot air or even warm air–it’s cool.
You have to slipstream SP2 or SP3 to install Windows XP on this board. I haven’t done that yet, so I don’t know yet how well it runs XP. But being a dual-core, 1.6 GHz CPU, it should be OK. When XP was introduced, 1.6 GHz single-core CPUs were mainstream. It may not keep up with the old 2.1 GHz AMD Athlon XP the system came with, but without all the crapware Compaq loads at the factory, I’ll bet the system will be faster than it ever was even if the new CPU isn’t quite as fast as the old one.
David Farquhar is a computer security professional, entrepreneur, and author. He has written professionally about computers since 1991, so he was writing about retro computers when they were still new. He has been working in IT professionally since 1994 and has specialized in vulnerability management since 2013. He holds Security+ and CISSP certifications. Today he blogs five times a week, mostly about retro computers and retro gaming covering the time period from 1975 to 2000.
Buffer overflows are a common topic on a Security+ exam. The textbook explanation of them is confusing, perhaps even wrong. I’ve never seen buffer overflows explained well.
So I’m going to give a simplified example and explanation of a buffer overflow, similar to the one I gave to the instructor, and then to the class.
David Farquhar is a computer security professional, entrepreneur, and author. He has written professionally about computers since 1991, so he was writing about retro computers when they were still new. He has been working in IT professionally since 1994 and has specialized in vulnerability management since 2013. He holds Security+ and CISSP certifications. Today he blogs five times a week, mostly about retro computers and retro gaming covering the time period from 1975 to 2000.
A story on The Register tipped me off to a small motherboard using Intel’s new Atom CPU. A UK data center is using the chip to power servers, and The Reg asks if it’s madness or genius.
More on that in a minute.It’s an interesting minimalist board. It has a single PCI slot, one DIMM slot, PATA and 2 SATA connectors for storage, and the usual complement of I/O slots. The CPU runs at 1.6 GHz. Newegg sells it for about 75 bucks.
One could use this board to build a minimalist PC, but it would also work well as a cheap upgrade for an old PC. It can bolt into a case designed for an ATX or micro-ATX board. It’s made by Intel, so its quality is likely to be comparable to any board it replaces. And the board consumes about 25 watts of power.
Paired up with some sort of solid-state storage, be it a compact flash card in an adapter or a proper SATA SSD like the OCZ Core, it would be a very quiet, low-power system. Performance-wise, it wouldn’t be a barn burner, but it has more than enough horsepower for word processing, e-mail, web browsing, and other productivity apps. At 1.6 GHz, the Atom doesn’t outrun a Pentium M or even a modern Celeron at comparable clock speed, but it should outrun a sub-2 GHz P4.
I think this thing would be awesome in many business environments. Tasks that would bog it down are the kinds of things you don’t want going on in the office anyway–stuff like 3D gaming, ripping and re-encoding DVDs, stuff like that. The power it would save would be tremendous, especially when paired with an LCD monitor and an SSD.
But I even think it has a place in the server room. For example, my first employer used desktop PCs for domain controllers. The logic was simple: DCs don’t work all that hard most of the day, and by their very nature they are redundant, so if a DC were to fail, it’s not in the same league as your mail server failing. You can grab another desktop PC, stand it up as a domain controller, then start asking questions.
In 1997, when a server cost $4,000 and a desktop PC cost $1,000, this was an obvious place for a college with budget problems to save some money.
I think Intel Atoms would make great domain controllers. They have enough CPU power to do the job, but they sip power, which is increasingly important in datacenters. The PCI slot would limit the type of gigabit NIC you could install, but it should still be OK.
They’d make fine web servers too. They might get bogged down on high traffic sites, but they would have little trouble serving up most corporate intranets, and let’s face it, most people’s web sites aren’t nearly as busy as they would like to think they are. You could always use more than one and load balance them. Besides, it’s typically the database servers behind the web servers that do the heavy lifting. Serving up static web pages isn’t all that difficult of a task, and a 1.6 GHz CPU ought to be up to it.
None of these uses are what Intel had in mind when they designed the Atom–I really think their ultimate goal is to end up in cell phones and PDAs, which was why they sold off their ARM-based Xscale CPU.
But if some enterprising company (or struggling behemoth *cough* Dell *cough*) wanted to build business PCs around these, it would be an easy sell. For that matter, they could stuff two of these boards into a 1U rackmount chassis and sell it as an inexpensive, power-saving alternative to blade servers.
Call me crazy, but having actually administered blade servers, I’d much rather have a bunch of 1U systems with two computers inside the case. Besides costing a lot less money up front, they would be more reliable and consume less power while actually saving space–an HP blade enclosure gives you 16 servers in 10 Us, while my crazy scheme would give you 20 servers in the same space.
Maybe instead of posting this idea where anyone can see it and run with it, I ought to buy a couple of motherboards, take them into my basement and start bending some metal myself. Hmm…
David Farquhar is a computer security professional, entrepreneur, and author. He has written professionally about computers since 1991, so he was writing about retro computers when they were still new. He has been working in IT professionally since 1994 and has specialized in vulnerability management since 2013. He holds Security+ and CISSP certifications. Today he blogs five times a week, mostly about retro computers and retro gaming covering the time period from 1975 to 2000.
So we had some servers that were acting squirrelly on the network, refusing to talk to some servers but not others, dropping off entirely, etc. One of my coworkers noticed the servers acting badly were running different versions of the NIC driver than the ones that were behaving.
I found some other servers that had 10/100 cards in them that were using drivers that dated back to the Clinton administration.Here’s the nice thing. Intel keeps drivers available, and updates them on a pretty regular basis. Even those old 10/100 NICs had drivers available that were dated 2007. And they were Windows 2000 compatible, even!
Here’s the even nicer thing. We updated them hot, and they didn’t require a reboot. In a couple of cases, we even updated them remotely, via Terminal Services, and somehow didn’t lose our connection. (Don’t count on that always working.)
I always thought Intel NICs were overrated. Sure, given a choice between Intel and, say, D-Link, it’s no contest. But Intel vs. Broadcom or 3Com? The one guy qualified to comment on that (Linux NIC driver author Donald Becker) has no opinion. But I’ve never heard of being able to change a NIC driver in Windows and just keep on trucking along.
David Farquhar is a computer security professional, entrepreneur, and author. He has written professionally about computers since 1991, so he was writing about retro computers when they were still new. He has been working in IT professionally since 1994 and has specialized in vulnerability management since 2013. He holds Security+ and CISSP certifications. Today he blogs five times a week, mostly about retro computers and retro gaming covering the time period from 1975 to 2000.
PC Magazine has a feature about inexpensive PC upgrades. There’s some good advice there, but some questionable advice too. Since I really did write the book on free and inexpensive upgrades, I’ll present my own advice (but I’ll skip the pretty pictures).Hard drives
The best upgrade they didn’t mention is replacing the hard drive. I’ve been squeezing extra life out of old systems for years by taking out the aging drives and replacing them with something newer and faster. The trick is figuring out whether the drive is the old-style parallel ATA (with a 40- or 80-conductor cable) or newer SATA. If you can afford it, it makes sense to upgrade to a SATA controller so you can use a more modern drive. Newer drives are almost always faster than older drives if only because the density of the data is always increasing. If a drive stores twice as much data in the same linear space as an old one, it (roughly) means it will retrieve the data twice as fast, assuming the disk spins at the same speed (and it may spin faster). You can go all the way up to the 10,000 RPM Western Digital Raptor drives if you want, but even putting a mid-range drive in an old PC will speed it up.
Some people will point out that a new drive may be able to deliver data at a faster rate than an old controller in an old PC can handle. I don’t see that as a problem. There’s no drive on the market that can keep a 133 MB/sec bus saturated 100% of the time, and the old drive certainly isn’t. Even if your older, slower bus is the limiting factor some of the time, you’re still getting the benefit of a newer drive’s faster seek times and faster average data transfers.
While replacing a hard drive can bust an entire $125 upgrade budget in and of itself, it’s still something I recommend doing. Unless your system is really short on memory or you’re heavily into gaming, the hard drive is the best bang for your upgrade buck.
Memory
The other point I disagree with most strongly is the memory. There’s very little reason anymore to run a system with less than 1 GB of RAM. As a system becomes more obsolete, memory prices go up instead of down, so it makes sense to just install a ton of memory when you’re upgrading it anyway. If you need it later, it will probably cost more.
The caveat here is that it makes very little sense to install 4 GB of RAM, since the Intel x86 processor architecture reserves most of the 4 GB block for system use. If you install 4 GB of RAM, you really get more like 3.2 or 3.5 GB of usable memory unless you’re running 64-bit Windows. I don’t recommend going 64-bit yet. When it works, it works well. Unfortunately there’s no way to know if you’ll have good drivers for everything in your system until you try it. I wouldn’t go 64-bit until some popular software that requires (or at least takes really good advantage of) 64 bit arrives. The next version of Photoshop will help, but I think the thing that will really drive 64-bit is when id software releases a game that needs it. Until then, hardware makers will treat 64-bit Windows as an afterthought.
I usually put 2 GB of RAM in a system if it’ll take that much. If you do a lot of graphics or video work, more is better of course. For routine use, 2 GB is more than adequate, yet affordable. If a system won’t take 2 GB, then it makes sense to install as much as it will take, whether that’s 1 GB or 512 MB. If a system won’t take 512 MB, then it’s old enough that it makes sense to start talking replacement.
Outright replacement
Speaking of that, outright replacement can be a very practical option, especially if a system is getting up in years. My primary system is a 5-year-old office PC. Take a 2-ish GHz P4 or equivalent (current market value: $75-$125), load it up with 2 GB of RAM and a moderately fast hard drive, and you’ll have a better-built system than any $399 budget PC on the market. It will probably run as fast or faster, and it will cost less.
I have two PCs at the office: a 3 GHz Pentium D, and a 2.6 GHz Core Duo. Both have 2 GB of RAM. They theoretically encode MP3s faster than my home PC and would make better gaming PCs than my home PC (ahem), but for the things I do–namely, web browsing, spreadsheets, word processing, e-mail, and the occasional non-3D game–I can’t tell much difference between them. The System Idle Process gets the overwhelming majority of the CPU time on all of them.
Other upgrades
The other things discussed in the article can be worthwhile, but faster network cards won’t help your Internet speed. If you routinely copy huge files between multiple PCs, they help a lot, but how many people really do that on a regular basis?
Fast DVD burners are nice and they’re inexpensive, but if you needed one, you’d know it. If you don’t know what you’d do with one, skip it. Or if you have an older one that you use occasionally, you probably won’t use a faster one any more often.
For $60 you can get a decently fast hard drive, and that will do a lot more for overall system performance than either a network card or DVD burner upgrade.
The video card is a sensible upgrade under two circumstances: If you’re using the integrated video on your motherboard, or if you play 3D games and they feel jerky. If neither of those describes you, skip the video card upgrade.
Free upgrades
The article describes CHKDSK as a “low level defrag.” That’s not what CHKDSK does–it checks your drive for errors and tries to fix them. If your drives are formatted NTFS (and they probably are), routinely running CHKDSK isn’t going to do much for you. If you run CHKDSK routinely and it actually says it’s done something when it finishes, you have bigger problems and what you really need is a new hard drive.
If you want to defragment optimally, download JK-Defrag. It’s free and open source, and not only does a better job than the utility that comes with Windows, but it does a better job than most of the for-pay utilities too.
The first time you run it, I recommend running it from the command line, exactly like this: JkDefrag.exe -a 7 -d 2 -q c:. After that, just run it without any options, about once a month or two. (Running more often than that doesn’t do much good–in fact, the people who defragment their drives once a day or once a week seem to have more problems.) Run it with the options about once a year. Depending on what condition your system is in, the difference in performance after running it ranges from noticeable to stunning.
David Farquhar is a computer security professional, entrepreneur, and author. He has written professionally about computers since 1991, so he was writing about retro computers when they were still new. He has been working in IT professionally since 1994 and has specialized in vulnerability management since 2013. He holds Security+ and CISSP certifications. Today he blogs five times a week, mostly about retro computers and retro gaming covering the time period from 1975 to 2000.
SSDs are the first technology to excite me in a very long time. Next-generation drives with ultralow seek times and transfer rates around 100mb/s are finally available from Crucial and OCZ, but at a price of $600-$700 for a 32gb drive.
I’m going to wait for prices to come down and experiment with a cheaper alternative.Intel and Toshiba are promising 120mb/s rates later this year, and analysts are expecting prices to drop as manufacturing capacity increases. Competition can’t hurt either.
What I’m going to do in the meantime is use the old compact flash trick. The key is to get an adapter and a card that are both capable of UDMA. Addonics is the manufacturer of the best adapters. For cards, get something at least rated at 233X. A 300X card would be better. A 233X card will give transfer rates of 30-35mb/s, which is unspectacular but reasonable.
My goal is twofold. One, I want quiet. Two, it’ll reduce power consumption by about 20 watts. The you’ll-burn-the-drive-up-in-a-week myth is pretty well disproven now, so I’m not worried about that. Eliminating the possibility of a head crash means flash will be more reliable than a conventional drive, not less. For some of what I do, the low seek times will make a flash drive faster, rather than slower.
I have a couple of adapters on order. I haven’t ordered cards yet but that’s next. I need to decide what size I need first. With 233X 4gb cards selling for $25 at Newegg, I can get in the SSD game really cheaply, assuming I can live with 4 gigs (which is a possibility). Initially I’ll mess with this 128mb card I picked up at a yard sale for $2. I can’t do much with 128 megs anymore but I can build a Linux server in less than 100, just to prove the concept.
I think the CF trick is a good way to get in the game while waiting for prices to come down. And if you’re fixing up an old system for someone, a 4-8gb card may well give performance comparable to what was in the computer to begin with, and provides enough capacity for Windows 2000 or XP, office software, and a web browser, while eliminating the danger of a disk crash. In that situation, the compact flash is a viable permanent replacement.
David Farquhar is a computer security professional, entrepreneur, and author. He has written professionally about computers since 1991, so he was writing about retro computers when they were still new. He has been working in IT professionally since 1994 and has specialized in vulnerability management since 2013. He holds Security+ and CISSP certifications. Today he blogs five times a week, mostly about retro computers and retro gaming covering the time period from 1975 to 2000.
The Compaq Evo D51S is a well-built, small computer and it offers a few upgrade options
I upgraded a Compaq Evo D51S today. This was also sold under the name D510, and may have also been sold under the HP or Hewlett Packard brand. It was intended to be a low-profile, relatively affordable business computer.
Upgrading it poses some challenges, but there are some things you can do with it.This one has a 2.0 GHz Celeron in it. It will support a 2.4 GHz P4 without any issues (and a lot of them were sold with that chip), but I think that’s as high as you can go with the CPU.
The 2.0 GHz Celeron that came in this system will bog down with a heavy Photoshop filter and I’m sure some of the things I do in Adobe Premiere would bring it to its knees at times, but if your primary use of the machine is word processing, spreadsheets, web browsing and e-mail, it’s plenty fast. I would max out the system RAM before I replaced the CPU.
You can forget about motherboard replacements in this machine. Everything about the motherboard inside is odd, to get everything to fit in a smaller case. Compaq used to be criticized (sometimes unfairly) for using proprietary motherboards, but this one’s definitely proprietary.
Inside, you’re limited to two DIMM slots. I pulled the memory and replaced it with a pair of PC2100 DDR 1 GB DIMMs, which is the maximum the system supports. According to Crucial, PC3200 memory is compatible. Of course if you’re buying new memory, it makes sense to buy the faster stuff, in case you ever want to put the memory in another system.
In late 2010, 2 GB of PC3200 RAM sells for about $90. That’s close to the price of the computer itself, but more memory is probably the best thing you can buy for one of these machines, especially if it came with 256 MB of RAM.
The onboard video is the Intel 845G integrated video. It was better than I expected, but it steals system memory and, at least theoretically, it reduces memory bandwidth. The AGP slot is oriented vertically, so there’s only room for a low-profile card. That limits your choices somewhat. I had a low-profile ATI card with an early Radeon chipset on it. It’s not the most exciting card in the world, and may not even be better than the integrated Intel video, but it freed up some system memory for me. For what I want to do with this system, it will be fine. I’m not sure that Sid Meier‘s Railroads! will run on it, but Railroad Tycoon 3 will, and from what I understand that’s the better game anyway.
There are a number of low-profile AGP video cards on the market that would be a suitable upgrade for this machine. None of them are cutting edge, but there are a few that are DirectX 9-capable, and prices range from $20 to $40. The built-in video is adequate, and while my first impression of it was that it didn’t bog the system down nearly as badly as the integrated video in the P3 days did, I’m still not a big fan of it. I think adding a discrete video card is a good move.
The stock Seagate Barracuda 7200.7 is a pretty good performer. At 40 GB it’s relatively small, and it won’t keep up with a brand-new drive, but for a lot of uses it’s plenty fast. From what I understand it will support hard drives larger than 137 GB but you may have to mess with IDE modes in the BIOS to make it happen. The trick appears to be to set the BIOS to use bit shift instead of LBA. Additionally, you have to be running Windows 2000 SP4 or XP SP2 to see the full capacity of the drive. I don’t have a large drive to put in it, so I haven’t tested that.
There’s no room for a second drive in there, so if you want additional storage beyond what’s already there, it will have to be external. Or you can jettison the floppy drive, but then you’ll have a goofy-looking hole in the front of the computer. That’s the price you pay for a low-profile system.
The CD-ROM drive in my particular unit was pretty balky. I’m going to replace it with a CD-R/RW drive for the short term, and eventually (probably early next year) put a DVD burner in it. I’m primarily interested in putting home movies on DVD. For backup and data transfer, I pretty much use USB flash drives exclusively now. They’re a lot faster and more convenient than messing around with CD/DVD burning software. Any drive with an old-school 40-pin IDE connector will work.
Speaking of USB, the USB ports all seem to be USB 2.0, which is nice (installing software off a USB 2.0-based flash drive makes you want to swear off optical media forever), but the ports on the front are recessed far enough that only a standard cable or a very low-profile flash drive can plug into them. My SD reader would only plug into the back, which is inconvenient.
The system has two full-size PCI slots for expansion. I put an IEEE 1394 (Firewire) card in one of the slots, since I want to do some light video work with it. The other slot will probably get an 802.11b wireless card. If I needed that PCI slot for something else, I could plug in a USB adapter for wireless networking.
I used to be in the habit of buying the biggest case I could afford or find (they weren’t always the same thing), so a really low-profile desktop like this Evo 510 feels a little strange. But a lot of things are different now. I could put a 1 TB hard drive in this system if I needed an obscene amount of storage. USB ports eliminate the need for Zip or Jaz or Syquest drives and even, to a large extent, for CD or DVD burners. If it weren’t for my interest in video, I wouldn’t bother with a burner in this machine at all. And since sound and networking are built in, there’s no need for a lot of expansion slots. It would be nice to have three PCI slots instead of just two, but I would imagine a lot of people never even fill two.
As it is, this computer fits on a small desk, and if you put an LCD monitor on top of it, the combination will take less real estate than a 17-inch CRT monitor does.
There are a lot of these machines on the market now, either coming off lease or being replaced due to business upgrade policy. They’re cheap ($75-$150 depending on configuration) and I think they make an excellent home PC. They’re cheap, unobtrusive, and surprisingly expandable.
A decked-out 510 probably won’t run Vista all that well, but a lot of new PCs don’t run it very well either. I think a 510 running Windows XP or Linux can be a very useful computer for a good number of years.
David Farquhar is a computer security professional, entrepreneur, and author. He has written professionally about computers since 1991, so he was writing about retro computers when they were still new. He has been working in IT professionally since 1994 and has specialized in vulnerability management since 2013. He holds Security+ and CISSP certifications. Today he blogs five times a week, mostly about retro computers and retro gaming covering the time period from 1975 to 2000.
I was talking to a new coworker today and of course the topic of our first PCs came up. It was Cyrix-based. I didn’t mention my first PC (it seems I’m about four years older–it was an Am486SX2/66).
With only a couple of exceptions, I’ve always bought non-Intel PCs. Most of the Intel PCs I have bought have been used. One boss once went so far as to call me anti-corporate.
I’m not so much anti-corporate as I am pro-competition.
David Farquhar is a computer security professional, entrepreneur, and author. He has written professionally about computers since 1991, so he was writing about retro computers when they were still new. He has been working in IT professionally since 1994 and has specialized in vulnerability management since 2013. He holds Security+ and CISSP certifications. Today he blogs five times a week, mostly about retro computers and retro gaming covering the time period from 1975 to 2000.
Integrated components vs discrete is an old argument. I distinctly remember setting up a server for a new big-shot in 2004. I opened the server up to put memory in, and found its PCI slots filled with cards that duplicated all of the on-board components.
I asked my boss about this, and he said the guy had insisted on doing this, because “discrete components are better.”
I’ve been making jokes at the guy’s expense ever since.
David Farquhar is a computer security professional, entrepreneur, and author. He has written professionally about computers since 1991, so he was writing about retro computers when they were still new. He has been working in IT professionally since 1994 and has specialized in vulnerability management since 2013. He holds Security+ and CISSP certifications. Today he blogs five times a week, mostly about retro computers and retro gaming covering the time period from 1975 to 2000.
Let’s get back to talking about utility replacements. We last talked about antivirus programs, but what about the other component of what’s commonly now called a “security suite,” the firewall?
The answer is, don’t use firewall software if at all possible–which means every man, woman and child who has a cable or DSL connection. Use a separate device.There are several good reasons for this. First, there’s the fundamental problem with running your security on the same system you’re trying to protect. If your firewall software goes haywire and crashes, you run the risk of being unprotected. It’s much safer to rely on an external device that doesn’t have an Intel or AMD processor in it and isn’t running Windows. So when someone tries to send a Windows exploit or virus to it, it bounces off because the device just doesn’t understand.
The second reason is price. A plain no-frills cable/DSL router/firewall costs about $20 at Newegg today. The unit I generally recommend is the Linksys WRT54G, which sells for about $50 new or as little as $25 used and adds wireless capability. That’s about the same as the retail price of a software firewall anyway, and it gives you better protection without robbing your system of performance.
A cheaper alternative, which was what I used to do when these devices cost $200, was to take an obsolete PC, put in a couple of cheap network cards, and run Freesco on it. It will run on any PC with a 386 processor or better (I recommend a Pentium with PCI slots for ease of setup). A 100 MHz Pentium is more than powerful enough and if you don’t already have an obsolete PC to run it on, you probably won’t have to ask around very long before finding one for a very low price or free. Today I prefer a Linksys-type box though, since they take less space, consume less electricity, generate less heat and noise, and take less time to set up.
Performance is the third reason. Two years ago I was working at a large broadband ISP that will remain nameless. It provides a “high speed security suite” as part of the subscription price. The system requirements for this suite are ridiculous–the suite itself needs anywhere from 128 to 192 megabytes of RAM all to itself to function. Basically, if you have a PC with 256 megs of RAM (which is what a fair number of PCs out there still have), loading this security suite on it will bring it to its knees. But if your firewall is running on a separate device, 256 megs of RAM is a comfortable amount of memory to run Windows XP or 2000 and basic applications.
Reliability is the fourth reason. Every high-speed security suite I’ve ever dealt with, be it a freebie provided by your ISP, or an off-the-shelf suite, hooks itself into winsock.dll. Three of the last four computer problems I’ve fixed have been related to this problem, and the symptoms are difficult to diagnose unless you’ve seen the problem before. Basically the computer loses any and all ability to do any networking, but when you call tech support, enough things work that tech support will probably tell you to reload your operating system. Unfortunately, the WinSockFix utility doesn’t seem to be well-known at ISPs.
If messing around with your Winsock isn’t bad enough, the security suite my former employer provided was overly paranoid about piracy. If you did any number of things, including but not limited to trying to install it on a second PC without getting a second key from the ISP, it would disable itself and not necessarily warn the user that it had left the PC unprotected. It was my job, when I was working there, to go through all of the disabled accounts by hand. It wasn’t an automated process. So if the security suite decided to go jump off a cliff sometime on Friday after I’d pulled the current report, it would be sometime on Monday before I would even be aware of the problem. Given that it usually takes about 20 minutes for some exploit to find an unprotected Windows box sitting on the Internet, that 48-72 hour window that you could be sitting unprotected is anything but ideal.
Things may have changed since I left that employer in November 2005, but if it’s my PC, I’m not willing to risk it. I’d much rather spend $20-$50 on a cable/DSL router to give myself firewall protection that I know I can just set up once and then ignore for a few years and won’t cause my PC to constantly fall behind on the upgrade treadmill.
And finally, the fifth reason to use a hardware firewall is apathy. Software firewalls tend to throw a lot of popups at the user, warning the user that this or that is trying to access the Internet, or come in, or whatever. Most users are likely to do one of two things: either allow everything or deny everything. The result is either a PC on which nothing works, or whose firewall is full of so many holes there might as well not be one. It’s much better to have a hardware firewall that just does its job. If you’re worried about unauthorized applications hitting the Internet, that’s the job of antivirus and antispyware software, not the firewall.
David Farquhar is a computer security professional, entrepreneur, and author. He has written professionally about computers since 1991, so he was writing about retro computers when they were still new. He has been working in IT professionally since 1994 and has specialized in vulnerability management since 2013. He holds Security+ and CISSP certifications. Today he blogs five times a week, mostly about retro computers and retro gaming covering the time period from 1975 to 2000.
To provide the best experiences, we use technologies like cookies to store and/or access device information. Consenting to these technologies will allow us to process data such as browsing behavior or unique IDs on this site. Not consenting or withdrawing consent, may adversely affect certain features and functions.
Functional Always active
The technical storage or access is strictly necessary for the legitimate purpose of enabling the use of a specific service explicitly requested by the subscriber or user, or for the sole purpose of carrying out the transmission of a communication over an electronic communications network.
Preferences
The technical storage or access is necessary for the legitimate purpose of storing preferences that are not requested by the subscriber or user.
Statistics
The technical storage or access that is used exclusively for statistical purposes.The technical storage or access that is used exclusively for anonymous statistical purposes. Without a subpoena, voluntary compliance on the part of your Internet Service Provider, or additional records from a third party, information stored or retrieved for this purpose alone cannot usually be used to identify you.
Marketing
The technical storage or access is required to create user profiles to send advertising, or to track the user on a website or across several websites for similar marketing purposes.
