Archive for October, 2011

Firewall – Protect your PC, Protect Yourself

If you still do not know what a firewall, you might hear at a certain time on TV or read in articles and newspapers. You may also find, if you’re running Windows, which has a built-in firewall. Firewall This is a general purpose application that is designed to stop the greatest threat and most recognizable. It does not have a lot of flexibility when it comes to licensing, and so is often not as well protected, you can not even access the Internet and view Web pages.

Firewall software from third-party application or download and install or buy a CD and install it separately, it is generally recommended if you need a firewall applications installed on your computer. This application allows the firewall, although it is fairly easy to manipulate the program to provide a level of protection you want, without limiting access to the Internet. Firewalls are generally designed to help keep the program access to the Internet and transmit data back to a third party site. These sites, including updates to standards can be set to automatic. This update is available for everything from operating system files to the readers.

Firewalls prevent these updates occur without your knowledge. This means that adware, spyware, malware and viruses do not have access to the Internet to update information about where you are on the internet, all the personal information you have on your computer. Firewalls prevent the elements that can be found on the internet to get to the computer as you surf.

Since the firewall is crucial to ensuring that your information remains safe and that you do not have to worry about the problem of spyware, adware and malware can be placed on your computer. This application can cause serious damage to the system, can also cause your system to freeze and become completely unusable. It’s a good idea to make sure that you’re protected from new threats. There are several things to consider when you look at the firewall.

You will write programs that will enable you to control what they access the Internet and you can get access to a computer is that the use of a firewall can provide. Do you want to be able to get to, trust, protecting yourself from sites that do and do not want to leave your personal information and data available to anyone on the Internet. You also do not want to be very popular program, which can also prevent you from getting access to the Internet in general. It’s a good idea to get Application Firewall, which provides flexibility and security.

Tags: , , , ,

Firewalls To Increase The Speed and Security of Your PC

Hi all, home computers and Internet users. Today, in this article I will explain the value of a software firewall on your PC, the firewall is and how it can help increase the speed of your Internet connection and make your PC protected from Internet threats.

The firewall computer an application which continuously monitors the network traffic. A firewall alerts the user and to prevent any abnormal behavior for network access, or unauthorized access to Web sites. In short, the guard takes place at the computer and the network firewall does not allow any data type to leave or enter without permission.

The main causes of poor Internet connection.

Many Internet users may have their Internet access slows down after a few days or months a fresh install. This is because during this time you may have installed many applications for your needs. Another reason may be infected with a virus on your computer.

Too many applications that can slow down your computer and the Internet because of the following options.

  1. Many applications will continue to check for updates on the Internet by visiting the Web site vendors.
  2. Many applications, such as screensavers, browser toolbar, the game can act as spyware and inform their suppliers to keep your preferences on your computer and your surfing habits.
  3. If your computer is infected, there is a possibility that access to the Internet through the wall and felt that the Internet is slow.

During the first two of the above methods, you just need a firewall is configured correctly installed on your PC, while the third solution, you need to do a test on the first PC anti-virus software and install the latest antivirus updates.

There are many free firewall for home users, but the best choice requires some effort. If you buy a complete set of security software for PC manufacturers to antivirus software, you can get a built-in firewall, but if you want to install a free firewall from different manufacturers, I would recommend looking for the best. You can try the keyword phrase “free software Windows, firewall review ‘to Google search for reviews.

After installing the firewall, start by asking you for any application that tries to access the Internet to allow or deny them. You can allow or deny all applications, while or forever, by selecting the “Remember this setting for the application version. Thus, he will learn from the firewall to allow access to the Internet browser and an application to update the antivirus program can be said to you, and start blocking other cases, access to and use of internet traffic.

If the application server or a Web site tries to attack your computer in another suspicious ports TCP, the firewall also blocks and information. If one computer in the network attempts to harm your computer, you will also receive a notification. So I am saying that the firewall is very important as antivirus software. Your comment about firewalls and Internet appreciated.

Tags: , , , ,

Firewall – Steps To Protect Your Computer

If you really want to protect yourself against spyware, you need to have a firewall on your computer. This is a form of protection that prevents unauthorized access to your computer or local area network (LAN), you are. A firewall is a basic protection against all types of spyware that you might have. This works for traffic between computer networks.

Each network was assigned the level of trust within the firewall itself. For example, the Internet is generally regarded as a region, while the internal network of a higher level of confidence is determined by a firewall. Of course, you can also set the number of medium confidence for different things.

To the firewall, it would be useful, you need to make sure it is properly configured. Using standard methods of security will only have access to the network that you explicitly allow. However, in order to run this, you will need to have detailed knowledge of network applications that will be used to organize the day to day.

Unfortunately, there are a lot of people do not realize it, and then apply the “allow” ruleset. Here, all traffic is allowed access to a computer, unless blocked. This is not good, because accidentally lets a network connection to be compromised.

Whenever you have a firewall configured correctly, can make a lot of good things. For example, tell you how many times someone tried to hack a computer and it will also remove and destroy incoming spyware and adware. However, the firewall simply not enough. You will also need a higher level of protection.

A home computer should have firewall, antivirus and anti-spyware or anti-adware software. Keep this software up to date patches and updates to avoid the intrusion occurs in your system.

Firewall functions

As a firewall to control traffic between computer networks with different security and confidence level. Internet open area, without the trust and the system is online, which is a region of high trust in the Internet, you are open to attacks from the Internet. All you need is a middle layer, where before loading any data packets or Internet request is checked for viruses, spyware, adware and other threats to system security.

This middle layer is also referred to as the demilitarized zone (DMZ). Thus, all the security risks that have been analyzed out of the system and helps to minimize the attack on your system. Now it can be hardware or software, depending on the needs of individuals or companies. Large companies to create a DMZ, which reviews all requests and verification before allowing access to company systems. DMZ servers help companies trying to protect their critical data. At the level of individual product firewall software installed to cover the system / software viruses or worms. A firewall creates a ring around the security system to prevent attacks from spyware, adware or other kind of virus that is installed in the system.

Types of Firewalls

Layer network and packet filters

This is also referred to as a packet filter. Packet filters operate at a relatively low level of communication stack. A packet filter to eliminate communication package, which passed without compliance with established rules set by the firewall. A set of rules can be defined during the installation of a firewall or later can be changed by the system.

Application Layer

This type of firewall at the application level, so that the traffic associated with a browser or FTP-control for authentication and security threats. The firewall intercepts all packets move from one application to another and to block unwanted content, unwanted traffic to protect your applications.

Network address translation

This is to hide the actual address of the host being protected. NAT firewall features to protect the actual address of the host. NAT stands for “Network Address Translation” and is used as a protective mechanism against the intelligence network.

Finally, the security of the firewall will block attacks on your computer, not allowing hackers on your system, hidden address system and create a safe environment for your business or your personal system to work without problems.

Tags: , , , ,

The Ideal Design Personal Firewall

The general concept

This section describes the general concept of a personal firewall for Windows. It is not necessary for the implementation of the firewall in the same way to ensure this. Common personal firewall is implemented as three or four separate components.

The kernel driver

The first part is the kernel driver. It has two main functions, so sometimes it is implemented in two components, rather than one. The first function is to filter packets. Usually the level of NDIS, TDI or both the driver checks every packet that comes from the network or from the network. He is also known as protection for both inbound and outbound connections. There are some personal firewalls that do not implement the protection of incoming and outgoing connections. However, these products also have a kernel driver for their tasks. The second function is called a sandbox. The most common method of execution sandbox SSDT SSDT GDI hooks and hangers. The driver of the firewall to replace some functions of the system with its own code, which checks the request and denied the right to call and passes the action or the execution of machine code. This method allows the firewall to monitor all possible tasks for applications such as malicious attempts to open the file, processes, registry entries, change the firewall settings to automatically answer your questions, etc.

System Services

There are no user-specific mode, called the core service. This process has a specific function and behavior. They operate under a system of user privileges and not under a common user account. This allows services to be performed regardless of the user, and works even when no user is logged in. the role of services in the personal firewall is to ensure communication between the main components. The service receives messages from the GUI and the kernel driver and forward this message to others. For example, if the firewall in training mode, the driver code, depending on the hooked SSDT can not decide whether to allow or block the action because there are rules for action in the database. In this case the user wants to solve. To do this, send a message to open the GUI and get answers from him. Communication is usually carried out by the service component. Firewall service is sometimes used to ensure that the GUI is always available to users.

Graphical user interface

The graphical user interface (GUI) is a firewall user. It implements a common administration firewall TrayIcon. Another important function of a graphical interface to query the user to decide when the firewall in training mode.

Self-defense

This is not the rule. 1 for all security products, not only for the personal firewall. Regardless of the perfection of other functions, if the firewall can not guarantee itself does not make sense. If a malicious activity can be stopped, disable or destroy the personal firewall is equivalent to not have a personal firewall at all. All firewalls must be protected even processes, files, registry entries, drivers, services, and other system resources and facilities.

Component testing

Verification component is very close to self-defense as mentioned above. Firewall programs are usually complex and often used in more than one module or component. In this case, there are some core modules are executed in the operating system. When you start running or in the middle of the module loads another module of the firewall. We say that the modules are loaded dynamically. You need to check the integrity of all modules are loaded dynamically. This suggests that the integrity test should be carried out in one of the main module.

Protect incoming and outgoing

A good personal firewall provides protection against both inbound and outbound traffic. Input protection means that packets sent over the Internet or locally on your computer, which is filtered and the ports that you just want to open is available. This protection is standard and is very good and reliable in almost all firewalls. On the other hand, a problem that causes the output protection for all vendors today. Outgoing protection means that only applications that are allowed access to the Internet or LAN. It’s not as easy as it seems. Imagine that you want to surf the Internet with an Internet browser and other applications that do not want to do it. The problem here is that not enough just to see what application sent the packet on the Internet because modern operating system allows programs to communicate. Applications do not have access to the Internet, you can launch a browser and use to communicate. Your personal firewall to protect all privileged applications to abuse by malicious programs. This should limit their access. But that’s not enough. Personal firewall is to protect yourself. Malicious applications should not be able to turn it off or change the rules. This means that it must also protect the system resources, etc. There are many problems in this regard, and we’re still only talking about features – outbound protection.

Process Safety

Each special process must be protected against various malicious actions. Firstly, there is no malicious application can complete the process. Second, it must be possible to change the code or data. Third, it should be possible to run any code in the context of privileges for each process. It also includes DLL injection.

Files and protection components

Protecting files is very close to protect the process. If the malicious code can replace the file with the use of preferential flow is equivalent to change their code at runtime. There are two ways to implement security file. The first method (active protection) is to prevent write and delete access to files owned by privileged applications. Because it can be difficult to implement firewalls, many programmers who choose the second option – checking the integrity of the module (component protection). In this case, the firewall allows malicious code to undermine or replace the file on the application is preferred. If this application is about to launch its modules are checked and execution halted or reported to the user. File Protection is also required for all file systems.

Driver Protection

Windows, drivers, operating system, to trust her. This means that any code that is running the drivers that are reliable and, therefore, authorized to carry out the instructions of the processor are properly protected and potential access to all system resources. It is therefore necessary to establish a piece of software security as a personal firewall, such as system drivers. Nevertheless, it is also why it is necessary to control the downloading new drivers and to protect the existing driver. Malware can not install drivers or edit driver is already loaded.

Protection Services

As part of a firewall is usually implemented as a system of protection services system is also required. But not only the firewall component that must be protected. To install the new service is an easy way to survive as malware in the system because the system services can be configured to run every time you boot your system. In addition, a malicious service can also be dangerous, because you work, even if the user is not logged. Creation, elimination and control of system services that need to be protected action.

Protection Registry

Windows, the registry contains a lot of important information. The location of system components can be changed using the registry. Incorrectly editing the registry of multiple objects can easily lead to system instability or fail to boot. There are many registry keys and values ​​that must be protected from malicious application changes.

Protection of other system resources

There are also several objects and system resources in operating systems. Some of them may be dangerous if they are under the control of malicious programs. One of the objects is the famous «DevicePhysicalMemory”, which can be used to gain control over the system, if not protected. Firewalls must protect objects that can be abused by malicious programs.

Parent process control

We already know that it is necessary to protect the privileged process. Perhaps the easiest way to implement the protection of this process is to control the opening process and thread. However, if the process of implementing security is thus also important for the control of the parent process. Each process in the system created by some other process – its parent. Parents are always awarded two new handle to create a child process. This object handles and processes for managing its flow. The process handle full access, then the parent can monitor your child completely. That is why the firewall should limit the exercise of special processes. In addition, control of the parent process must be applied even if the firewall does not protect the safety of the design process through an aperture control processes and threads. Some special processes can be used to perform an action if they are executed with the privileges of certain command line arguments. Many firewalls do not distinguish between the implementation of specific processes and the underprivileged. Limiting the creation, so that only applications that have been selected first in the state to create a child process as a whole.

Manage programs that start automatically

Firewalls must protect the places in the operating system, which can be used by malicious programs to maintain the system after a reboot. If we allow users to run new applications that are not known, there is no way to protect against the execution of malicious applications. And users often download and install or run new applications. Firewalls can limit the actions of malicious applications, because they can not damage your system. However, if a malicious application can cause damage to the remains in the system later, when the security bug is found. That is why the firewall should monitor the applications that run automatically, for example, after every system startup or user logon.

Trial defense

Spyware like keyloggers and packet sniffers are applications that are dangerous because they are made to steal sensitive user data can be – your password. But not only passwords purpose of this application. Document personal information, personal correspondence or business-sensitive information should also be protected. Firewall to protect sensitive data, not only when they are complete in the form of files, but also when they are created or transfer. Keyloggers can get all the user keys back, and then gather all the information, letter by letter. Sniffers are waiting for messages to be transmitted using multiple network interfaces and to make copies of sent messages. There are many ways to carry out spying program to collect sensitive data, and they must all be protected by a firewall.

Protection of system resources

Each system has limited resources. For Windows workstations can overcome some of the thousands of objects. This amount is enough for any normal user operation. However, if a malicious program to create thousands of threads in the system becomes unusable, and this action causes a denial of service (DoS). The firewall should limit unprivileged applications cause DoS. There should be a limit on the number of threads, open files, memory and other system resources used by applications without a license.

There are no hooks Ring3

Ring3 (or user mode) connection is a method that can be used to implement a personal firewall or its parts. Nevertheless, Ring3 hooks may be used only for special functions for security and is never critical. Protection by Ring3 hooks can easily be circumvented, malicious applications. Ring3 hooks should not be used to constrain the behavior of unknown applications. They can be used very rarely change or control the behavior of privileged applications are not guaranteed to reduce Ring3 hooks.

Tags: , , , ,

DChart A Web Interface For Gridded and In-Situ Data Collections

What is DChart

Show details Dapper (aka DChart) allows you to visualize and download the site of oceanographic and atmospheric data from a file server or OPeNDAP. Features include an interactive map, which you can drag to position the station layer that allows you to select a station data, and the window of the plot, which allows us to construct the data from one or more stations. The three types supported by the plot (profile, property, assets and time series), and users can interact directly with the plot to pan or zoom in and zoom out. Click here to try DChart.

What DChart address the problem?

Millions of in situ observations of the sea, is now available to scientists through the network protocol OPeNDAP. However, access to data is limited, because there are many web applications that support the OPeNDAP protocols.
What is the solution?

Some technologies browser Web (XHTML / CSS / DOM / XML / XSLT, and JavaScript), has matured over the last few years ago, is now possible to design OPeNDAP compatible Web applications with rich user interface than when using traditional Technologies Web.

DChart is a web application that uses this technology to interactively select, view, download, and based on observations point from Dapper, OPeNDAP servers in place. Users have access to the functionality of desktop applications in a browser on the Web, without having to download plug-ins or applets.
Screen DChart shot webpage Argo profile data access display DChart shot of the website of the National Data Buoy Center for tables with time series
Screenshot of the website to access profile data DChart Argo.

The three types supported by the plot (profile, property, assets and time series), and users can interact directly with the plot to pan or zoom in and zoom out.
Technology

JavaScript remote scripting technology, also known as AJAX (Asynchronous Java and XML), provides a solution to this problem. There are two ideas behind AJAX applications:

JavaScript is used to regenerate parts of the UI.

DChart use remote scripting to provide access to the Internet to place oceanographic and atmospheric data. Users have access to the functionality of desktop applications in a browser on the Web, without having to download plug-ins or applets.

Tags: , , , ,