What is a Firewall?
A firewall is an information technology (IT) security device which is configured to permit, deny or proxy data connections set and configured by the organization’s security policy. Firewalls can either be hardware and/or software based.

A firewall’s basic task is to control traffic between computer networks with different zones of trust. Typical examples are the Internet which is a zone with no trust and an internal network which is (and should be) a zone with high trust. The ultimate goal is to provide controlled interfaces between zones of differing trust levels through the enforcement of a security policy and connectivity model based on the least privilege principle and separation of duties.

A firewall is also called a Border Protection Device (BPD) in certain military contexts where a firewall separates networks by creating perimeter networks in a Demilitarized zone (DMZ). In a BSD context they are also known as a packet filter. A firewall’s function is analogous to firewalls in building construction.

Proper configuration of firewalls demands skill from the firewall administrator. It requires considerable understanding of network protocols and of computer security. Small mistakes can render a firewall worthless as a security tool.

Firewall Comparison

Every Windows XP has its inbuilt “windows firewall”. Whenever some new application needs to access the network, Windows Firewall asks, if you want to unblock internet access for this application. Windows integrated Firewall is good for home users, but if you need more control over your incoming and outgoing network traffic, you should get some more serious software. Some Anti-virus packages include integrated firewalls. Here we compare 5 firewall software packages: BlackIce, Internet Firewall, McAfee Firewall, Sygate Firewall, ZoneAlarm.
Criteria Ratings Overall

strong>BlackICE Defender fared better than IFW2K, as it does feature several useful options. Its logging capabilities exceed the usability of any other product in this review. BID could use several improvements, however. A potential security risk is its inability to filter outgoing packet data. As intrusion programs become more sophisticated, the lack of outbound filtering could prove hazardous. Since outgoing connections are not monitored, a malicious program could transfer files and even personal information to any persons wishing to use the data for malicious purposes. Do remember that BlackICE Defender isn’t free, and I believe that better freeware packages are currently available.

McAfee Personal Firewall offers decent options to protect a single system for most Internet attacks. With a few updates to the base configuration, this package could be a powerful product. The interface is easily serviceable, especially for first time firewall users. The only major flaw I noted is the lack of viable LAN support features. It is hoped that McAfee will address this issue with a future release, as they have a great foundation to build on.

Zonelabs’ ZoneAlarm is a great freeware package. With simple network settings and a great interface, this adds up to a powerful Internet security package. ZA could become one of the best solutions available with a few minor improvements to the base package. The addition of more advanced configuration options would be useful, and would complete the already impressive feature set of this package. Even without this feature, ZoneAlarm proves to be a valuable product. I would have little problem in recommending this product to anyone seeking a decent personal firewall.

I would designate Sygate Personal Firewall as the most comprehensive personal firewall solution reviewed. SPF’s robust feature set combined with an efficient interface makes it suitable for all Internet users, whether they be novices or network administrators. With a freeware personal version available, I would recommend that all Internet users take a look at this product. The current version offers excellent security, and I only see SPF improving with future releases. If you only try one product, then Sygate Personal Firewall should be it.

The results of this firewall comparison are rather interesting. In most scenarios, the freeware applications were capable of meeting and even exceeding the capabilities of the purchased packages. It is refreshing to see that freeware applications are still viable, especially in this era when most useful products are tagged with costly prices.

For personal use I prefer using “Sygate personal firewall” which you can get free for home usage. But if I don`t need that much control, I can live with AOL free anti-virus software and Windows integrated firewall.

• Security policy
• operating systems and applications: versions and updates
• Know your network
• TCP/UDP servers and services on the network
• Passwords
• do not run code from non-trusted sources
• read e-mail as plain text
• other malicious code countermeasures
• follow the concept of least privilege
• application auditing
• network printers
• simple network management protocol (SNMP)
• network security testing

Also some in-depth guides:

• Perimeter routers and firewalls
• windows 2000 and above operating systems
• microsoft web server
• unix systems and networks
• unix web servers
• intrusion detection systems (IDS)

Download the pdf here: The 60 minute network security guide

In information security , computer virus is a manmade program or piece of code that is loaded onto your computer without your knowledge and runs against your wishes. From behavior computer virus in a way is a similar biological virus which pervasions by inserting itself into living cells. Cell by cell and all organisms (computer) is ridden virus cells.
Without computer viruses there are separated two other types of malicious computer programs - viruses.

Trojan Horses

As already from this virus type name we can imagine, Trojan horses are programs that pretend to be legitimate software, but actually carry out hidden, harmful functions. Trojans can’t replicate themselves that mean, they can’t expand so fast as other virus types. But often they work together with viruses.

Worms

Worms are similar to viruses but do not need a carrier program or document. Worms simply create exact copies..

Read full article at infosecuritylab

Both types take a control over target computer and often use that to make denial of service of other target computer.
Buffer Overflow
An attacker sends a specific series of characters (text) to a service that will cause the service to act outside it’s normal operating parameters. These attacks can be considered two parts, the overflow itself, and the command to execute. The overflow part contains the specific series of characters that will cause the service to act abnormally, but other contains commands. These commands can be something simple like causing computer to crash, or something complex like installing a trojan.
Buffer overflows are usually the preferred method of compromising a web server.
Port Scan A port scanner is a tool that allows an individual to list the ports on a computer that are listening (available / open). Using a port scanner is usually the first step in determining how to compromise a system, as an attacker needs to know what the potential vulnerabilities of a system are before trying to execute them.

original article: http://www.infosecuritylab.com/news.php?n_cat=2&n_id=200610020947140 

Author: Valters Shverns (source: GoArticles)

When you download the installation, you have to enter your e-mail in their website and you get a free serial key. It is nowhere said that it`s for personal use only, so I think you can use it for bigger companies` networks also (correct me if I`m wrong). During the installation, AVS also checks if you have another anti-virus software that could cause conflicts and gives the option to uninstall it. Without uninstalling other detected anti-virus software you cannot install Active Virus Shield. After install it sits in the tray, updates itself and doesn`t seem to slow down computer. It also can update, run active protection shield and run multiple scans at the same time, each in its own thread.

Edit: just noticed the bad side of the software - it seems to be for free for one year, as from CNET review.

Some screenshots:

This is the software publisher’s description.

AOL’s Active Virus Shield is free anti-virus for your PC that combines traditional antivirus programs, stopping them before they can infect your computer. Active Virus Shield is brought to you as a free service of AOL and is based on Kaspersky Lab’s award winning Personal Anti-Virus.

Active Virus Shield seamlessly integrates with the Microsoft Windows family of operating systems and is compatible with other PC protection programs (firewalls, anti-spyware, etc.). Like other anti-virus programs, using Active Virus Shield may require that you uninstall other anti-virus programs to avoid product incompatibilities.

Active Virus Shield utilises the latest technology to do both traditional signature-based detection, as well as in-depth scanning of executables. This helps protect against a broader range of known and new viruses, reducing the chances of a virus infection on the user’s computer.

All individual files, your emails and disks can be scanned for viruses or, to cut down on scan times, Active Virus Shield allows users to focus attention only on critical areas of the operating system. In either case, Active Virus Shield serves as a watch-dog, continuously monitoring and helping to protect files. Active Virus Shield can also scan faster by scanning only new and changed files.

Are you aware of the need for security?

Your awareness of the need for security, is the best place to begin a discussion on physical property security. What is security awareness? Our definition is multi-faceted, and includes the ability to identify known and unknown threats, being aware of the technologies, products and services that can defuse those threats, knowing how to operate the products and systems you have, and most importantly the awareness that these systems must be used, and must be used all of the time. This security awareness may be more important to the security of your home and business than any of the security hardware or systems you install. Why is this? Any lock or security system, will not do you any good unless, You use it!

An old adage states that “locks only keep honest people honest”, and is possibly very true. If the “bad guys” really want to get in, all we can really hope for is to slow them down. If you, with our help, choose and have installed the correct hardware and/or systems, we CAN slow them down - or at least discourage them from threatening your loved ones and your property.

We’ve all heard the stories, usually from older relatives, about never having to lock our doors or cars, because the town was so safe, and they knew everyone. Well it is sad to say, but those days are gone. When people choose not to secure their property, they are not doing only themselves a disservice, they are also hurting their community. If any one of us makes it easier for the “bad guys” to prosper, they will multiply, our communities become less safe, our property values decline, and our quality of life suffers.

Yes that’s right, if a lock is not locked, it’s only a decoration. You need to be aware of using your locks every time you leave as the “bad guys” don’t advertise what day they are coming!

In medieval times security was easy; the property owner built a castle, dug a moat, and erected a drawbridge. Today these measures are not practical, or even desired. In today’s society, if you lived in a castle, and made all of your decisions based on safety and security, you would at the very least be labeled as paranoid. It is important that you balance the level of security you install, and how it operates, with your unique situation. You and any other persons need to fully understand how your systems operate - does it require you to lock it manually or will it fortify your property automatically. If you have too much security, you will not use it; too little security, and it will not do the job.

Back to our medieval castle. The property owner recognizing that he might have to increase the level of security at a moments notice, made provisions to place his archers along the walls. We don’t have any archers, but we can be sure that systems and plans are in place. Thus, we can increase the level of security and protection if the threat level increases.

You can combine this security awareness with properly chosen and installed hardware and/or security systems. And with the general security tips provided at this site. Then you can take this information and apply it to your particular situation. With a little initiative and the use of this new security awareness you will be on the way to creating “Peace of Mind” for your family, business and community.

1. Kaspersky version 6.0.0.303 - 99.62%
2. Active Virus Shield by AOL version 6.0.0.299 - 99.62%
3. F-Secure 2006 version 6.12.90 - 96.86%
4. BitDefender Professional version 9 - 96.63%
5. CyberScrub version 1.0 - 95.98%
6. eScan version 8.0.671.1 - 95.82%
7. BitDefender freeware version 8.0.202 - 95.57%
8. BullGuard version 6.1 - 95.57%
9. AntiVir Premium version 7.01.01.02 - 95.45%
10. Nod32 version 2.51.30 - 95.14%
11. AntiVir Classic version 7.01.01.02 - 94.26%
12. ViruScape 2006 version 1.02.0935.0137 - 93.87%
13. McAfee version 10.0.27 - 93.03%
14. McAfee Enterprise version 8.0.0 - 91.76%
15. F-Prot version 6.0.4.3 beta - 87.88%
16. Avast Professional version 4.7.871 - 87.46%
17. Avast freeware version 4.7.871 - 87.46%
18. Dr. Web version 4.33.2 - 86.03%
19. Norman version 5.90.23 - 85.65%
20. F-Prot version 3.16f - 85.14%
21. ArcaVir 2006 - 83.44%
22. Norton Professional 2006 - 83.18%
23. AVG Professional version 7.1.405 - 82.82%
24. AVG freeware version 7.1.405 - 82.82%
25. Panda 2007 version 2.00.01 - 82.23%
26. Virus Chaser version 5.0a - 81.47%
27. PC-Cillin 2006 version 14.10.1051 - 80.90%
28. VBA32 version 3.11.0 - 79.12%
29. ViRobot Expert version 4.0 - 76.22%
30. UNA version 1.83 - 75.44%

On the top you see both Kaspersky and Active Virus Shield with same results, thats because the engine is the same, it`s just AOL brand name on free software. This is good news, as people get good software for free! You can download Active Virus Shield by AOL here.

Of course the test is not precise, as it is always sponsored by some company (this one really looks like AOL and Kaspersky sponsored one, it`s too optimistic 99.62%).Kaspersky has created a large community around the world to support it. I`ve seen some other results where at top is Dr.Web. Dr.Web best feature is that it can cure infected files, not just delete them (e.g. delete important system files and crash your system). That`s what I never liked about NOD32 - it could never cure any file!

Another thing that makes me curious about this test is that Kaspersky`s big competitor Norton is put down in the 22nd place. In another review Norton is stated one of the worst applications that slow down your computer. And I agree, it IS slow. It`s installation procedure uses some Internet Explorer stuff that I have always had problems with.

For now at work I have Norton Internet protection suite 2006 (I`m without admin privilegies) and on my laptop I have deactivated Dr.Web and activated AntiVir, because one nasty virus Dr.Web couldnt catch and Antivir just detects it, but still cannot cure. I plan to install AOL (Kaspersky) Antivirus suite and try it out, maybe things have changed over time.

See them here: information security awareness posters

When you view an HTML message, embedded images and stylesheets are downloaded from a remote web server. This is called a “web bug”. Your email client (via the built-in HTML viewer) sends to that web server all the information it needs to add you to email databases and more. For example, the URL of the image downloaded may look like: http://example.com/image/98989892991813482, where 98989892991813482 may be the database key for your email address. Thus the sender will know for sure that you have read the message. In most email clients you can not turn off the HTML mode.

Having an antivirus is a very big step towards overall security, but generic antivirus software alone can’t protect from all threats of HTML and MIME-based email.

The best way to keep yourself out of spam attacks is to keep your email secret! Don`t put it on forums, webpages, etc. If you do, put it so that the humans only understand (e.g. “john [at] gmail (dot) com”).

Keep multiple email accounts (e.g. one for friends, one for clients, etc). Gmail.com is a good service and is recommended. It also filters HTML for script attacks (e.g. gmail doesnt display all images in html emails).

The last but the most important - don`t open emails form sources you don`t trust or don`t expect to be emailed!

• The nature of sensitive material and physical assets they may come in contact with, such as trade secrets, privacy concerns and government classified information

• Employee and contractor responsibilities in handling sensitive information, including review of employee nondisclosure agreements
• Requirements for proper handling of sensitive material in physical form, including marking, transmission, storage and destruction
• Proper methods for protecting sensitive information on computer systems, including password policy and use of two-factor authentication
• Other computer security concerns, including malware, phishing, social engineering, etc.
• Workplace security, including building access, wearing of security badges, reporting of incidents, forbidden articles, etc.
• Consequences of failure to properly protect information, including potential loss of employment, economic consequences to the firm, damage to individuals whose private records are divulged, and possible civil and criminal penalties

Being Security Aware means you understand that there is the potential for some people to deliberately or accidentally steal, damage, or misuse the data that is stored within our computer systems and through out our organization. Therefore, it would be prudent to support the assets of our institution (information, physical, and personal) by trying to stop that from happening.

From Wikipedia, the free encyclopedia