An examination and
evaluation of the various factors affecting the value of a security.
You might be thinking
"Hey, the Internet's a huge place, right? No one's ever going to notice me." Sure. But technically savvy
intruders are using high-speed "Internet Scanners" that can probe every computer in a small country within a
short time! Nothing would make them happier than lifting your personal information, credit card numbers, bank
account balances, and so forth through your computer's connection to the Internet.
The analysis of
cryptographic protocols is a fundamental and challenging area of network security research. Traditionally, there
have been two main approaches. One is the logic approach aimed at developing automated tools for the formal
verification of protocols. The other is the computational or complexity-theoretic approach that characterizes
protocol security as a set of computational tasks and proves protocol security via reduction to the strength of
the underlying cryptographic functions.
Assessments are a way
to increase information technology (IT) security. Network security is a top IT priority. Enterprises are
increasingly recognizing the value of a good security policy to define what is and is not allowed in terms of
network and Internet access. Usually a number of tools are deployed to enforce that security
A security assessment
goes well beyond implementing the ubiquitous firewall. Although firewalls have become mandatory, proper
configuration is critical and requires a specific skill set. A badly configured firewall is worse than no
firewall at all, since it promotes a false sense of security.
A brand new computer
may not have the latest "critical updates" for Microsoft Windows XP installed. Before connecting a new Windows
XP based computer to the Internet, install a firewall for protection from new worms and other intruders. Also go
to the Windows update web page and download and install any "critical updates". DO NOT set up email accounts or
download email until after you install and/or update anti-virus software and virus
The Big 3 -- Firewalls,
Anti-Virus and Anti-Spyware Software -- These are the must have Internet security software
have two basic functions. They protect your system from unsolicited
scans coming from the Internet. Secondly, they usually offer outbound control. An inbound scan may be looking
for a Trojan horse on you system. Outbound controls watch for a Trojan horse or Spyware trying to call out from
If you are using
Windows XP, it has a built in firewall that is incoming only. If you decide to use another firewall, be sure to
turn off the one in XP. If you decide to try out several firewalls, be sure to fully uninstall one before
installing another. Running two software firewalls on the same computer may cause problems. After installing a
firewall, test it with an online security service like Security Space to make sure that you configured it correctly [a basic
audit for a home PC is free].Testing your firewall is the only sure
way to tell that your computer is really being protected.
software scans your hard disk to find and remove
viruses. To some extent these products can also scan and may be able to remove worms and Trojan horses. To be
effective, you should update the virus definitions using a vendor's automatic update service. Running two
anti-virus programs on the same computer may cause problems. Be sure to fully uninstall one before installing
another. Look for software that has an automatic update feature and that filters incoming and outgoing email.
Outdated virus definitions are useless for new viruses.
commercial Trojan horses. Unlike personal firewall and anti-virus software, it is ok two use two or more
anti-Spyware programs at the same time. In fact, I recommend doing it because no existing product can remove
100% of Spyware currently in circulation.
should be used in addition to, but not instead of, anti-virus software. Anti-Trojan products can identify and
remove more Trojans than anti-virus software
Hardware Router for
Firewall, Networking & Internet Connection Sharing:
If you are connecting two or more computers to the Internet, you should use a low-cost hardware router with
firewall features. The firewall features come in two flavors. Most use network address translation (NAT) which
hides your small computer network. From the Internet, a hacker sees your router not your computers. Routers with
stateful packet inspection (SPI) check the data going though the router as well providing additional protection.
If you have or want a wireless router, be sure to use its security features; even if you do, they are less
secure than wired versions. Another option is a wired or wireless router with a built in DSL or cable modem. For
more information, see our Router, Wireless and Broadband pages. After installing a router, test its firewall
with an online service like Security Space to make sure that it is working correctly. Testing your firewall is
the only sure way to tell that your computer is really being protected.
Notes: The best way to have two firewalls for two layers
of protection is by using a hardware firewall between your modem and computer or small network plus a software
firewall on each computer.
While the security
industry is on top of conventional spam and phishing attacks, more effort needs to be put into preventing and
eliminating so-called drive-by downloads. The attacks allow hackers to redirect mass amounts of traffic by
inserting malicious iFrames into legitimate Web sites. The hacks are usually invisible to Web site visitors and
often do not draw attention from security personnel because they only require a single line of code to be
manipulated. Drive-by downloads are the preferred way of spreading malware [because] they happen automatically
by visiting a Web site, unless users have a fully patched operating system, browser and plug-ins.
For Questions or More Information Contact Us