1 / 22

Defending the system

Defending the system. Firewalls ● Virusbusters ● Image programs. Virus attacks :. web-sites containing algorythms applying for connection e-mail viruses breaking by hackers. First defending line:. Firewalls. Defending system It doesn’t let any programs to connect

yori
Download Presentation

Defending the system

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript


  1. Defending the system Firewalls ● Virusbusters ● Image programs

  2. Virus attacks: • web-sites containing algorythms applying for connection • e-mail viruses • breaking by hackers

  3. First defending line: Firewalls

  4. Defending system • It doesn’t let any programs to connect • We can give exceptions but it is dangerous • Opening the gate on the firewall is safer • Manual port-opening is a chance for a virus to break in • Most important is the hardware requirement! • Two types: package filters and application firewalls

  5. Package filters • Easier (lower protection) • Making decision about the head of the package (what contains protocol, IP-addresses and port numbers) • Making simple rules about the communication

  6. Example (how it makes the rules) • For using Internet, we have to open port #80 (usually) and receive everything in TCP • If the server use another port, we have to open that, too • When we are sending an e-mail, we have to allow the SMTP protocol The firewall has to register all of these and it becomes non-transparent because of the lot of rules.

  7. Application firewalls • Listening to the whole data-stream • Checking protocols (on the firewall itself) • It can not detect the infected e-mails • Disadvantages: • The new versions allow coded protocols (dangerous) • Works only with known protocols

  8. Second defending line: Virusbusters

  9. Two types • On-demand: We have to start it manually, because it doesn’t scan without the user. (for example: Kaspersky) • On-access: They are running residently in the memory and they are scanning every time, the user receive a mail.

  10. Appreciate by: • Scanning for In The Wild (ITW) viruses • Detecting zoo-viruses • Hardware requirements • Virus-database updating • other services (carantene function, firewall extension, bootable install CD, etc.)

  11. F-Secure Internet Security 2005 On-access • Simply controllable • Automatic updating • Good scanning performance • Integrated good provided firewall • It has no carantene function • Install CD is not bootable

  12. Kaspersky Antivirus 4.5 On-demand • Excellent against backdoors and trojans • Only at macros and scripts it is not 100% • It has low hardware requirements • is is hardly configurable. • You have to set the scanning of Microsoft Office files, scripts, and e-mails. • It hasn’t got so much automatic functions

  13. McAfee VirusScan 2004 version 8.0 On-access • Simple settings • Transparent, easy control • Zoo-viruses: 99% • You have to donwload active-x applet • Not so effective at acitve-x-es and trojans

  14. Norton Antivirus 2004 On-access • Ideal for beginners (lot of automatic function) • It’s nearly 100% at zoo and script viruses • Supports protection against macro-viruses • 100% at OLE objects • It has mail-scanner extension • Hardware requirements are in middle-level • Doesn’t support the ACE packing format • It is lower at active-x, backdoor and trojan

  15. Panda AntiVirus Platinum On-access • At zoo and polymorph viruses it is 90% • Extension for controlling CPU-load • It has integrated firewall • Scanning-detecting ratio is weak • At trojans and backdoors it is 75% • It has wrong alerts too often

  16. Bit-Defender 7.2 Professional On-access • It has serious defending center • Protects against dialing programs and cookies • Finds all of the polymorphs • Informs about updates and Windows backups • Low system requirements • It is weak for the zoo-viruses

  17. G-Data Anti VirenKit 2004 On-access • 100% protection against EVERY viruses • Simply controlling • Updates itself often • It has very high hardware requirements (2.5 GHz processor, 512 MB RAM is not engouh) • It has many wrong alerts

  18. AntiVir Personal Edition • It is free and fast • Scanning of ITWs is good • Weaker at zoo-viruses • Polymorphs: 84% • Backdoors and trojans: 43%

  19. Summary • Scanning of ITWs is good in every programs • Zoo-detecting is under 100% (except G-Data) • Adviced is AntiVir freeware because it finds most of ITWs and it has low requirements

  20. Final solution: Image programs

  21. The most famous programs • Norton Ghost 2003 (best, fastest, most stable, most services) • Drive Image 7 • True Image 7.0 • Drive Backup 6.0 USING UNIX!

  22. What to do? • Defend your system with password • Erase unknown e-mails • Switch on firewall • Install a virusbuster • And don’t click on executables or scripts

More Related