Contents

            

1. Introduction 2 Firewalls 3 Anti-virus 4 Anti-spyware 5 Browser choice 6 See also 7 References

Firewalls A firewall blocks all "roads and cars" through authorized ports on your computer. thus restricting unfettered access. or software running on another computer. These types of firewalls can create a log file where it records all the connection details (including connection attempts) with the PC. software NAT can be used on the computer with the Internet connection. For a small home network. Most home users use a software firewall. A password is a secret word or phrase that gives a user access to a particular program or system. providing similar behaviour to a router and similar levels of security. and system administrators often combine a proxy firewall with a packet-filtering firewall to create a highly secure system. . Internet security professionals should be fluent in the four major aspects:     Penetration testing Intrusion Detection Incidence Response Legal / Audit Compliance Network Address Translation (NAT) typically has the effect of preventing connections from being established inbound into a computer. A firewall is a dedicated appliance. Data encryption is the translation of data into a form that is unintelligible without a deciphering mechanism. A stateful firewall is a more secure form of firewall.Introduction: Internet security is the prevention of unauthorized access and/or damage to computer systems via internet access. which inspects network traffic passing through it. and denies or permits passage based on a set of rules. but for a lower cost and lower complexity. whilst permitting connections out. Most security measures involve data encryption and passwords.

packet filters The first paper published on firewall technology was in 1988. and therefore implement a "default-allow" ruleset. This fairly basic system was the first generation of what would become a highly evolved and technical internet security feature. in which the only network connections which are allowed are the ones that have been explicitly allowed. In the former case. In the latter case. Standard security practices dictate a "default-deny" firewall ruleset. Without proper configuration. At AT&T Bell Labs. Bill Cheswick and Steve Bellovin were continuing their research in packet filtering and developed a working model for their own company based upon their original first generation architecture.A firewall's basic task is to regulate some of the flow of traffic between computer networks of different trust levels. Unfortunately. This configuration makes inadvertent network connections and system compromise much more likely. Many businesses lack such understanding. A firewall's function within a network is similar to firewalls with fire doors in building construction. If a packet matches the packet filter's set of . when engineers from Digital Equipment Corporation (DEC) developed filter systems known as packet filter firewalls. is often referred to as a "perimeter network" or Demilitarized zone (DMZ). such a configuration requires detailed understanding of the network applications and endpoints required for the organization's day-to-day operation. in which all traffic is allowed unless it has been specifically blocked. situated between the Internet and a trusted internal network. Packet filters act by inspecting the "packets" which represent the basic unit of data transfer between computers on the Internet. it is used to prevent network intrusion to the private network. First generation . A zone with an intermediate trust level. Typical examples are the Internet which is a zone with no trust and an internal network which is a zone of higher trust. a firewall can often become worthless. it is intended to contain and delay structural fire from spreading to adjacent structures.

and Kshitij Nigam developed the second generation of firewalls. Third generation . the port number). remote printing. file transfer). or certain Denial-of-service attacks. and thus control. Second generation . Bill Cheswick at AT&T Laboratories. Instead.rules. calling them circuit level firewalls. those types of traffic (such as web browsing. its protocol. unless the machines on each side of the packet filter are both using the same non-standard ports. and send "error responses" to the source). also known as a proxy-based firewall. and. Dave Presetto."stateful" filters From 1980-1990 three colleagues from AT&T Bell Laboratories. or is an invalid packet. Because TCP and UDP traffic by convention uses well known ports for particular types of traffic. it filters each packet based only on information contained in the packet itself (most commonly using a combination of the packet's source and destination address. Second Generation firewalls in addition regard placement of each individual packet within the packet series. a part of an existing connection. This type of packet filtering pays no attention to whether a packet is part of an existing stream of traffic (it stores no information on connection "state"). Janardan Sharma. the state of a connection can in itself be one of the criteria which trigger specific rules. email transmission. Marcus Ranum's work . or reject it (discard it. a "stateless" packet filter can distinguish between. for TCP and UDP traffic. This type of firewall can help prevent attacks which exploit existing connections. and Marcus Ranum described a third generation firewall known as an application layer firewall. the packet filter will drop (silently discard) the packet.application layer Publications by Gene Spafford of Purdue University. Though there is still a set of static rules in such a firewall. This technology is generally referred to as a stateful firewall as it maintains records of all connections passing through the firewall and is able to determine whether a packet is either the start of a new connection. which comprises most internet communication.

however this is not correct. and it can detect whether an unwanted protocol is being sneaked through on a non-standard port or whether a protocol is being abused in a known harmful way. Most commercial antivirus software uses both of these approaches.on the technology spearheaded the creation of the first commercial product. The term "antivirus" is used because the earliest examples were designed exclusively to combat computer viruses. 1991 to a chemical company based on the East Coast of the USA. worms. Anti-virus Antivirus software are computer programs that attempt to identify. however most modern antivirus software is now designed to combat a wide range of threats. including worms. port monitoring and other methods. The second approach is called heuristic analysis. The key benefit of application layer filtering is that it can "understand" certain applications and protocols (such as File Transfer Protocol. Antivirus software typically uses two different approaches to accomplish this: examining (scanning) files to look for known viruses matching definitions in a virus dictionary. These programs are all characterised as being unwanted software that install themselves on your computer through deception. Some people or companies with malicious intentions write programs like computer viruses. trojan horses and other malware. DEC’s first major sale was on June 13. Trojan horses are simply programs that conceal their true purpose or include a hidden functionality that a user would not want. Some people consider network firewalls to be a type of antivirus software. neutralize or eliminate malicious software. trojan horses and spyware. rootkits. DNS. . or web browsing). The product was released by DEC who named it the DEC SEAL product. phishing attacks. with an emphasis on the virus dictionary approach. Such analysis may include data captures. and identifying suspicious behavior from any computer program which might indicate infection.

Search & Destroy (all features free for non-commercial use) rapidly gained popularity as effective tools to remove. Anti-spyware There are several kinds of threats: Spyware is software that runs on a computer without the explicit permission of its user. However. Once a virus or worm has infected a computer.Worms are characterised by having the ability to replicate themselves and viruses are similar except that they achieve this by adding their code onto third party software. Adware is software that runs on a computer without the owner's consent. either as deliberate. users typically install antivirus software. and in some cases intercept. It often gathers private information from a user's computer and sends this data over the Internet back to the software manufacturer. In many cases. which runs in the background on the computer. this slows the computer down and may also cause software conflicts. Many programmers and some commercial firms have released products designed to remove or block spyware. In order to prevent damage by viruses and worms. including spyware. Some malware that can be classified as trojans with a limited payload are not detected by most antivirus software and may require the use of other software designed to detect other classes of malware. must pay for other features) and Patrick Kolla's Spybot . much like spyware. it would typically infect other programs (in the case of viruses) and other computers. it typically runs in the background and displays random or targeted pop-up advertisements. Viruses also slow down system performance and cause strange system behavior and in many cases do serious harm to computers. Steve Gibson's OptOut pioneered a growing category. Programs such as Lavasoft's Ad-Aware SE (free scans for non-commercial users. detecting any suspicious software and preventing it from running. spyware programs. instead of taking information. More recently Microsoft acquired the GIANT . malicious damage or as unintentional side effects.

plus made a freeware AVG Anti-Spyware Free Edition available for private and non-commercial use.AntiSpyware software. Recently. However. for instance. AVG also used this product to add an integrated antispyware solution to some versions of the AVG Anti-Virus family of products. McAfee and Sophos have come later to the table. the anti-virus company Grisoft. Early on. citing lawsuits brought by spyware authors against the authors of web sites and programs which described their products as "spyware". but free editions have limited real time protection) DriveSentry (free version (3. categorizes spyware programs as "extended threats" and now offers real-time protection from them (as it does for viruses). recent versions of these major firms' home and business anti-virus products do include anti-spyware functions. Other wellknown commercial anti-spyware products include: PC Tools's Spyware Doctor (free scans and removes spyware free. creator of AVG Anti-Virus. This shows a trend by anti virus companies to launch a dedicated solution to spyware . Microsoft renamed the beta software to Windows Defender (free). acquired antispyware firm Ewido Networks. antivirus firms expressed reluctance to add anti-spyware functions. re-labeling their Ewido anti-spyware program as AVG Anti-Spyware Professional Edition. albeit treated differently from viruses.1) will remove spyware) ParetoLogic's Anti-Spyware and XoftSpy SE (free version does not remove spyware) Sunbelt Software's Counterspy (15-day free trial) Trend Micro's HijackThis (free) Webroot Software's Spy Sweeper (free version does not remove spyware) Major anti-virus firms such as Symantec. rebranding it as Windows AntiSpyware beta and releasing it as a free download for Genuine Windows XP and Windows 2003 users. and it was released as a free download in October 2006 and is included as standard with Windows Vista. adding anti-spyware features to their existing anti-virus products. In 2006. Symantec Anti-Virus.

and system administrators often combine a proxy firewall with a packet-filtering firewall to create a highly secure system. Zone Labs. A firewall blocks all "roads and cars" through authorized ports on your computer.com. however most modern antivirus software is now designed to combat a wide range of threats. Conclusion Internet security is the prevention of unauthorized access and/or damage to computer systems via internet access. rootkits. phishing attacks. Most security measures involve data encryption and passwords. A stateful firewall is a more secure form of firewall. thus restricting unfettered access. neutralize or eliminate malicious software. References Browser Statistics".and malware. trojan horses and other malware. Antivirus software are computer programs that attempt to identify. The term "antivirus" is used because the earliest examples were designed exclusively to combat computer viruses. Retrieved . including worms. w3schools. creator of Zone Alarm firewall have also released an antispyware program.

Sign up to vote on this title
UsefulNot useful