Firewall & Antivirus
-
Upload
bookwormblack -
Category
Documents
-
view
217 -
download
0
Transcript of Firewall & Antivirus
-
8/2/2019 Firewall & Antivirus
1/16
MUHD KAMIL ARIFIN BIN HASANDDIN
DOSHM0111543
MUHAMAD AFIQ BIN MAAROF
DOSHM0111492
Firewall & AntivirusINTRODUCTION TO INFORMATION TECHNOLOGY
IT2414
-
8/2/2019 Firewall & Antivirus
2/16
FIREWALLFirewall is a device that guards the entrance to a private network andkeeps out unauthorized or unwanted traffic. A firewall is a hardware
device or software application that sits between your computer andthe Internet and blocks all Internet traffic from reaching your
computer that you have not specifically requested. What this meansis that if you browse to a web site, the firewall will allow the traffic
from that web site to reach your computer and therefore yourself. Onthe other hand, if you did not request information from that web site,and the web site sent traffic to you, it would be denied from reaching
your computer because you did not specifically ask for it. Thisbehavior can be changed if you wish, and we will discuss that further
in the document.
cbf08dcf-f719-4a2f-b3d0-8ad9619d136e.flv
-
8/2/2019 Firewall & Antivirus
3/16
HOW FIREWALLS WORKA firewall works similar to an antivirus program by filtering
information that comes in from the Internet and into the companynetwork or the network that you have installed in your home. A
firewall is capable of protecting a large number of PCs or asingle PC.
Large Network: On a large network, each PC has what is calleda network card that connects a group of PCs together. The PCsaccess the Internet via several different lines known as T1 or T3lines. The firewall is placed on each of the lines that are
connecting to the Internet and can be configured to create rulesfor information that comes into the network from the Internet
Home Network: Depending upon your PCs operating system thefirewall if often built-in. If your operating system does not includea firewall, you can install firewall software which provides a
barrier between your home network and the Internet.
-
8/2/2019 Firewall & Antivirus
4/16
-
8/2/2019 Firewall & Antivirus
5/16
Firewall features
Inbound and Outbound Filtering Filtering is when a firewall examines information passing through
it and determines if that information is allowed to be transmittedand received or should be discarded based on rules or filters thathave been created. This function is the primary function of a
firewall and how it handles these tasks if very important for yoursecurity. Most people feel inbound filtering, which is theprocessing of inbound data towards your computer, is the mostimportant function of a firewall. Outbound filtering, though, plays
just as an important role for securing your computer. You may
have had malware installed on your computer without yourknowledge, and suddenly when you install a firewall withoutbound filtering, you will find that software on your computer isattempting to transmit data to a remote host somewhere on theInternet. Now, not only do you know that this software is
installed, but the outbound filtering stopped it from passing onprivate information.
-
8/2/2019 Firewall & Antivirus
6/16
Stealth Mode
It is important for your firewall to not only block requests to reachyour computer, but to also make it appear as if your computer doesnot even exist on the Internet. When you are connected to the
Internet and your computer can be not be detected via probes toyour computer, you are in what is called Stealth mode. Hackers havethe ability to detect if you are on the Internet by probing yourmachine with special data and examining the results. When you arein Stealth mode the firewall does not send this information backmaking it seem like you are not even connected. Due to this hackers
will not continue targeting your computer as they will think you arenot online.
-
8/2/2019 Firewall & Antivirus
7/16
Privacy protection Many firewalls now have the ability to block spyware, hijackers,
and adware from reaching your computer. This allows you toprotect your computer from being infected with software that isknown to reveal private information about what you do on the
Internet or other computing habits. These features are usuallybundled into the commercial versions of the firewall softwarepackages.
Application Integrity Application Integrity is when the firewall monitors the files on
your computer for modification in the file or how they arelaunched. When it detects such a change it will notify the user ofthis and not allow that application to run or transmit data to the
Internet. Many times these modifications may have been part ofan upgrade, but if it was modified by a malicious program you
-
8/2/2019 Firewall & Antivirus
8/16
Intrusion detection Intruders use various methods to penetrate the security of your
computer. Intrusion detection scans incoming data for signaturesof known methods and notifies you when such attacks arerecognized. This allows you to see what means a hacker is trying
to use to hack your computer.
Notifications
Notifications allow you to see the activity of what is happening onyour firewall and for the firewall to notify you in various ways
about possible penetration attempts on your computer.
-
8/2/2019 Firewall & Antivirus
9/16
POPULAR FIREWALLS
There are many types of firewalls on the market, each with theirown strengths and weaknesses. I have listed these personalsoftware firewalls and hardware vendors as resources for you toresearch further. If a firewall is noted as free it is important tonote that their commercial equivalents will probably contain more
features that may be beneficial to you.
Free PersonalFirewalls
CommercialPersonalFirewalls
HardwareRouter/FirewallsVendors
KerioOutpost FirewallZone Alarm Free
Black IceMcAfee PersonalFirewallNorton PersonFirewall
BelkinD-LinkLinksys
-
8/2/2019 Firewall & Antivirus
10/16
ANTIVIRUS"Antivirus" is protective
software designed to defendyour computer against
malicious software. Malicioussoftware, or "malware"
includes: viruses, trojans, ,hijackers and other code that
vandalizes or steals yourcomputer contents. In order tobe an effective defense, your
antivirus software needs to runin the background at all times,and should be kept updated soit recognizes new versions of
malicious software.
-
8/2/2019 Firewall & Antivirus
11/16
HOWS ANTIVIRUS WORKS Suspicious Behavior Approach:There are several different methods that antivirus programs use
to detect computer viruses. With the SuspiciousBehaviorapproach, your anti-virus program will monitor thebehavior of programs on your computer. The suspicious behaviorapproach is one of the better virus detection methods because itwill not only detect suspicious behavior from programs currentlyrunning on your computer, but it will also detect the behaviours ofnew viruses that show up on your system.
Dictionary Approach:With the Dictionary Approach, your anti-virus program will scanyour computers files when they are created, opened, closed or
emailed on your computer. The benefit of this, is that it can pickup a virus as soon as it is received. The downside to thedictionary approach, is that the anti-virus program can onlydetect viruses that are known in a dictionary or comprehensivedatabase of known computer viruses. This means your anti-virusprogram will only pick up viruses that are known and can missnewer, non-registered viruses that can still infect your computer.
-
8/2/2019 Firewall & Antivirus
12/16
ANTIVIRUS FEATURES Self-protection
Defense against all types of viruses and malware
Unsafe web site access restriction
Safe repository for personal data Better manageable events logs
-
8/2/2019 Firewall & Antivirus
13/16
POPULAR ANTIVIRUS
AntiVir
Kaspersky
NortonAvast
BitDefender
-
8/2/2019 Firewall & Antivirus
14/16
TOP VIRUS MARCH 2011 Top 10 viruses in March 2011 1Troj/Invo-Zip
2W32/Netsky
3Mal/EncPk-EI
4Troj/Pushdo-Gen 5Troj/Agent-HFU
6Mal/Iframe-E
7Troj/Mdrop-BTV
8Troj/Mdrop-BUF 9Troj/Agent-HFZ
10Troj/Agent-HGT
IS THIS IN
YOUR LAPTOP???
http://www.sophos.com/security/analyses/trojinvozip.htmlhttp://www.sophos.com/security/analyses/w32netskyp.htmlhttp://www.sophos.com/security/analyses/malencpkei.htmlhttp://www.sophos.com/security/analyses/trojpushdogen.htmlhttp://www.sophos.com/security/analyses/trojagenthfu.htmlhttp://www.sophos.com/security/analyses/maliframee.htmlhttp://www.sophos.com/security/analyses/trojmdropbtv.htmlhttp://www.sophos.com/security/analyses/trojmdropbuf.htmlhttp://www.sophos.com/security/analyses/trojagenthfz.htmlhttp://www.sophos.com/security/analyses/trojagenthgt.htmlhttp://www.sophos.com/security/analyses/trojagenthgt.htmlhttp://www.sophos.com/security/analyses/trojagenthgt.htmlhttp://www.sophos.com/security/analyses/trojagenthgt.htmlhttp://www.sophos.com/security/analyses/trojagenthfz.htmlhttp://www.sophos.com/security/analyses/trojagenthfz.htmlhttp://www.sophos.com/security/analyses/trojagenthfz.htmlhttp://www.sophos.com/security/analyses/trojmdropbuf.htmlhttp://www.sophos.com/security/analyses/trojmdropbuf.htmlhttp://www.sophos.com/security/analyses/trojmdropbuf.htmlhttp://www.sophos.com/security/analyses/trojmdropbuf.htmlhttp://www.sophos.com/security/analyses/trojmdropbtv.htmlhttp://www.sophos.com/security/analyses/trojmdropbtv.htmlhttp://www.sophos.com/security/analyses/trojmdropbtv.htmlhttp://www.sophos.com/security/analyses/trojmdropbtv.htmlhttp://www.sophos.com/security/analyses/maliframee.htmlhttp://www.sophos.com/security/analyses/maliframee.htmlhttp://www.sophos.com/security/analyses/maliframee.htmlhttp://www.sophos.com/security/analyses/maliframee.htmlhttp://www.sophos.com/security/analyses/trojagenthfu.htmlhttp://www.sophos.com/security/analyses/trojagenthfu.htmlhttp://www.sophos.com/security/analyses/trojagenthfu.htmlhttp://www.sophos.com/security/analyses/trojpushdogen.htmlhttp://www.sophos.com/security/analyses/trojpushdogen.htmlhttp://www.sophos.com/security/analyses/trojpushdogen.htmlhttp://www.sophos.com/security/analyses/trojpushdogen.htmlhttp://www.sophos.com/security/analyses/malencpkei.htmlhttp://www.sophos.com/security/analyses/malencpkei.htmlhttp://www.sophos.com/security/analyses/malencpkei.htmlhttp://www.sophos.com/security/analyses/malencpkei.htmlhttp://www.sophos.com/security/analyses/w32netskyp.htmlhttp://www.sophos.com/security/analyses/w32netskyp.htmlhttp://www.sophos.com/security/analyses/trojinvozip.htmlhttp://www.sophos.com/security/analyses/trojinvozip.htmlhttp://www.sophos.com/security/analyses/trojinvozip.htmlhttp://www.sophos.com/security/analyses/trojinvozip.html -
8/2/2019 Firewall & Antivirus
15/16
DIFFERENCE BETWEENFIREWALL & ANTIVIRUS
FIREWALL COMPARISON ANTIVIRUS
Firewalls are programsthat attempt to blockthreats and unwantedaccess to a network. Anetwork protected by afirewall will have topass data entering orleaving the networkthrough the firewall,and if it does not meet
the firewall's securitystandards, themessage will beblocked. A firewall canbe thought of as ascreen or sieve that
categorically strains outpotentially harmful
Firewalls and antivirussoftware are importantcomponents of Internetsafety. Firewalls areused to limit incomingtransmissions to thosethat are least likely tocontain bad data, whileantivirus programsactually look at the
effect that the incomingdata has on thesystem. Firewallscannot be used toremove threats if theyhappen to get past the
firewall.
Antivirus programs aresoftware packagesdesigned to scan theregistry and files on thecomputer itself for theactivity of maliciousprograms, and thenattempt to remove anythreats it finds.Antivirus programs can
actively search anddestroy threats, andhave virus definitionsthat can allow them toidentify specific threats.
-
8/2/2019 Firewall & Antivirus
16/16
E N DP/S
TURN YOUR FIREWALL &
ANTIVIRUS
ON