SAN FRANCISCO (04/19/2000) - The surge in DSL and cable-modem Internet connectivity brings a new security problem for individual users: home Internet invasions. Because these technologies connect your computer to the Internet around the clock, the probability of a hacker discovering and attacking your little Net outpost greatly increases. The solution to this problem is firewall protection for every Internet-connected computer. Open Door Networks Inc.'s DoorStop Personal 1.1 fills the bill by providing inexpensive individual protection that's easy to configure and relatively unobtrusive.
You install DoorStop Personal on each Mac you want to protect; it runs invisibly in the background, intercepting all incoming TCP/IP connection requests. (The $299 DoorStop Server Edition offers server-specific security features for AppleShare IP, StarNine's WebStar, and Open Door's ShareWay IP Professional.) Its Web-based documentation is easy to view but difficult to print; a PDF guide would be more useful.
DoorStop's straightforward administration application lets you either deny all incoming connections or permit selected protocols and users. It starts up in Basic mode, which denies all traffic by default but has some preconfigured options to admit Web, file-sharing, and program-linking requests. If you further restrict access by IP-address range, you can easily permit other users on your own network while excluding Internet visitors. The administrator's Advanced mode lets you get under DoorStop's hood to configure individual TCP/IP services by port number.
Once you've configured DoorStop and turned it on, you can quit the administration application. The program optionally notifies you with a nonmodal pop-up dialog box whenever it turns away a connection request, and it can log these events to a disk file as well. It does not, however, let you override DoorStop's protection on a case-by-case basis, forcing you to reconfigure the program for even one-time access.
We found that DoorStop had no performance impact on even high-speed LAN Internet connections. However, it had some difficulty with FTP, which uses incoming connections to download files even if you initiate the session from your own computer - DoorStop blocks these incoming connections. Other firewalls have found a way around this problem, but with DoorStop, you must use one of several workarounds described in the documentation.
Macworld's Buying Advice - If you're using a continuous connection, you need a firewall-it's simply not optional in today's dangerous Internet environment.
Despite some minor problems, DoorStop's low price, easy setup, and unobtrusive operation make it a great choice.rating: 3.5 mice #pro: Easy to configure; optionally logs and notifies you of access attempts; allows selective access by IP address.
#con: No ad hoc access override; clunky handling of FTP.
#comp: Open Door Networks (541/488-4127, www.opendoor.com).
#list: Single license, $59; 5 licenses, $199; 50 licenses, $1,299.