How Firewalls Work
If you have been using Internet on a regular basis or working in a large company and surf the Internet while you are at work, you must have surely come across the term firewall.
You might have also heard of people saying “firewalls protect their computer from web attacks and hackers” or “a certain website has been blocked by firewall in their work place”. If you have ever wondered to know what exactly is this firewall and how it works.
How Firewalls Work?
You might have also heard of people saying “firewalls protect their computer from web attacks and hackers” or “a certain website has been blocked by firewall in their work place”. If you have ever wondered to know what exactly is this firewall and how it works.
Firewalls are basically a barrier between your computer (or a network) and the Internet (outside world). A firewall can be simply compared to a security guard who stands at the entrance of your house and filters the visitors coming to your place. He may allow some visitors to enter while denying others whom he suspects of being intruders. Similarly a firewall is a software program or a hardware device that filters the information (packets) coming through the Internet to your personal computer or a computer network.
Firewalls may decide to allow or block network traffic between devices based on the rules that are pre-configured or set by the firewall administrator. Most personal firewalls such as Windows firewall operate on a set of pre-configured rules that are most suitable under normal circumstances so that, the user need not worry much about configuring the firewall.
Personal firewalls are easy to install and use and hence preferred by end-users for use on their personal computers. However, large networks and companies prefer those firewalls that have plenty of options to configure so as to meet their customized needs.
For example, a company may set up different firewall rules for FTP servers, Telnet servers and Web servers. In addition, the company can even control how the employees connect to the Internet by blocking access to certain websites or restricting the transfer of files to other networks. Thus, in addition to security, a firewall can give the company a tremendous control over how people use the network.
Firewalls use one or more of the following methods to control the incoming and outgoing traffic in a network:
Packet Filtering: In this method, packets (small chunks of data) are analyzed against a set of filters. Packet filters has a set of rules that come with accept and deny actions which are pre-configured or can be configured manually by the firewall administrator. If the packet manages to make it through these filters then it is allowed to reach the destination; otherwise it is discarded.
Stateful Inspection: This is a newer method that doesn’t analyze the contents of the packets. Instead, it compares certain key aspects of each packet to a database of trusted source. Both incoming and outgoing packets are compared against this database and if the comparison yields a reasonable match, then the packets are allowed to travel further. Otherwise they are discarded.
Firewall Configuration:
Firewalls can be configured by adding one or more filters based on several conditions as mentioned below:
IP addresses: In any case, if an IP address outside the network is said to be unfavorable, then it is possible to set filter to block all the traffic to and from that IP address. For example, if a certain IP address is found to be making too many connections to a server, the administrator may decide to block traffic from this IP using the firewall.
Domain names: Since it is difficult to remember the IP addresses, it is an easier and smarter way to configure the firewalls by adding filters based on domain names. By setting up a domain filter, a company may decide to block all access to certain domain names, or may provide access only to a list of selected domain names.
Ports/Protocols: Every service running on a server is made available to the Internet using numbered ports, one for each service. In simple words, ports can be compared to virtual doors of the server through which services are made available.
For example, if a server is running a Web (HTTP) service then it will be typically available on port 80. In order to avail this service, the client needs to connect to the server via port 80. Similarly, different services such as Telnet (Port 23), FTP (port 21) and SMTP (port 25) services may be running on the server.
If the services are intended for the public, they are usually kept open. Otherwise they are blocked using the firewall so as to prevent intruders from using the open ports for making unauthorized connections.
Specific words or phrases: A firewall can be configured to filter one or more specific words or phrases so that, both the incoming and outgoing packets are scanned for the words in the filter.
For example, you may set up a firewall rule to filter any packet that contains an offensive term or a phrase that you may decide to block from entering or leaving your network.
Hardware vs. Software Firewall:
Hardware firewalls provide higher level of security and hence preferred for servers where security has the top most priority. The software firewalls on the other hand are less expensive and hence preferred in home computers and laptops.
Hardware firewalls usually come as an in-built unit of a router and provide maximum security as it filters each packet in the hardware level itself even before it manages to enter your computer. A good example is the Linksys Cable/DSL router.
Why Firewall?
Firewalls provide security over a number of online threats such as Remote login, Trojan backdoors, Session hijacking, DOS & DDOS attacks, viruses, cookie stealing and many more. The effectiveness of the security depends on the way you configure the firewall and how you set up the filter rules.
However, major threats such as DOS and DDOS attacks may sometimes manage to bypass the firewalls and do the damage to the server. Even though firewall is not a complete answer to online threats, it can most effectively handle the attacks and provide security to the computer up to the maximum possible extent.
What is Denial of Service (DoS) Attack?
If you are working in the field of computer networks or an enthusiast in the field of network security, you are sure to have come across the term “Denial of Service attack” which is simply referred to as “DoS attack”. Today, this is one of the most common types of network attacks carried out on the Internet. In this post, I will try to explain DoS attack, its variants and methods involved to carry out the same in an easily understandable manner.
What is a DOS Attack?
Denial of Service or DoS attack is a type of network attack designed to flood the target network or machine with a large amount of useless traffic so as to overload it and eventually bring it down to its knees. The main intention behind DoS attack is to make the services running on the target machine (such as a website) temporarily unavailable to its intended users. DoS attacks are usually carried out on web servers that host vital services such as banking, e-commerce or credit card processing.
A common variant of DOS attack known as DDoS (Distributed Denial of Service) attack has become quite popular in the recent days as it is more powerful and hard to detect. A typical DoS attack has a single place of origin while a DDoS attack originates from multiple IP addresses distributed across two or more different network. The working of a DDoS attack is shown in the following diagram:
Unlike a DoS attack where the attacker uses one single computer or a network to attack the target, a DDoS the attack originates from different pre-compromised computers belonging to different networks. As the attacker uses a number of computer systems from different networks each residing in different geographical locations, the incoming traffic looks natural and therefore becomes hard to detect.
Protection Against DoS/DDoS Attacks:
DoS attacks can easily be handled by blacklisting the target IP (or range of IPs) that are found to be making too many requests/connections (in an unnatural way) to the server. However, DDoS attacks are complicated as the incoming requests seem more natural and distributed. In this case it is hard to find the difference between the genuine and malicious traffic. Taking an action at the firewall level to blacklist suspected IPs may result in false positives and therefore may affect the genuine traffic as well.
Methods Involved in DoS Attack:
The following are some of the commonly employed methods in carrying out a DoS attack:
- SYN Flood Attack
- Ping Flood Attack (Ping of Death)
- Teardrop Attack
- Peer-to-Peer Attacks
How to make a Shutdown Timer in Windows
There are so many
software available that can make your PC shut down at any pre-defined
time. But have you ever wonder you can
make your PC shut down timer easily without downloading any software. You may
laugh on it as it seems so simple trick but many people still needs it. So,
here I am going to tell you two simple methods to make a PC shutdown timer.
Method 1:
This method is very simple.
You can do this by creating a shortcut file and then enter the location of
shutdown timer. Here are the steps to follow:
Right click on your
desktop and choose “New=>shortcuts”.
In the box that says
“Type the location of the shortcut”, type in ‘shutdown -s -t 3600′ without the
quotation marks and click next. (Here 3600 are the amount of seconds before
your computer shuts down.)
Make up a name for the
shortcut and you’re done.
TO ABORT this:
Once you start shutdown timer,
you will need to create another shortcut as you created earlier but this time
you will have to provide another address.
To make an abort key to
stop the shutdown timer just create another shortcut and make the ‘location of
the shortcut to ‘shutdown -a without the quotes.
Method
2:
The above method is not
so much helpful when you want your PC to shut down on a specific time. Suppose
you want to listen songs at night and you want it to stop automatically at
11:59 PM. You can simply do this by following method
·
Click on Start-> Run or Press Win+R
·
Enter the code: at 23:59 shutdown -s
·
Make sure that you enter time in 24 hour
format.
TO ABORT this:
To abort this timer, follow the same process but this
time use shutdown -a code in run.
TOP 10 MYSTERIOUS WEB BROWSERS FOR WINDOWS
Top 10 mysterious web browsers for windows. Users who
use Windows operating system are more aware of well-known web browsers, like
Google Chrome, Internet Explorer, Mozilla Firefox, Opera etc. But there are
many other browsers are available in the market with unique features
BLACKHAWK BROWSER
BlackHawk is a user-friendly web browser with special
cookie handling feature, combines the running speed of Chrome with the useful
functionality of Firefox. BlackHawk provides exceptional cookie handling.
NETGROOVE BROWSER
NetGroove is a graceful, fast and tabbed web browser
can be access directly from your flash drive without install it, works on the
Internet Explorer Engine.
BEAMRISE BROWSER
It is a social web browser provides amazing
animations, graphic bookmarks and even free texts given by Android, joins
chatting and browsing with each other, facilitates you to chat using your
friendly social networks and video chat via the browser itself.
WYZO BROWSER
Wyzo is basically the Media Browser because it
enhances the online media skill of a user, supports all well-known and common
add-ons for Mozilla-based browsers. It permits users to download torrents in a
single click.
BROWZAR BROWSER
Browzar web browser privacy is awesome for cloud and
banking applications; it does not save browsing History, Cookies, Temp files,
Passwords, Cache etc. After closing work and browser nothing get saves in the
history.
QT WEB BROWSER
It is a fast and lightest open source web browser
with secure unique user interface, based on Nokia’s QT framework and Apple’s
Webkit.
EPIC BROWSER
A web browser powered by Mozilla. It provides Indians
latest films and songs, live cricket scores, news from multiple sources such as
regional and Hindi language sources. It provides safe surfing; while surfing no
one can track what you have browsed using it.
U BROWSER
U web browser developed by Conduit. It is a free easy
to use Chromium-based web browser with many social tools good for those who
want to be social. U browser makes easy connection between you, web, friend and
even mobile devices.
DOOBLE BROWSER
Dooble was released in September 2009; an open source
web browser works on multiple platforms, goals to offer better secrecy and
usability. Currently, it is supporting Windows, OS X, Linux and FreeBSD. Dooble
with many features supports built-in download manager and third party plugins
too.
COOWON BROWSER
Google Chrome based browser particularly made for
gamers because using it we can automate our tasks, Record and Play by one mouse
click, avail the Gamepad that controls the game speed during pay time.
Cybersecurity skills need boost in computer science degrees
.jpg)
University
computer science courses are failing to make clear the need to develop skills
in cybersecurity, leaving the UK with a shortage of experts
This
is according to a paper published jointly last week by the Council of
Professors and Heads of Computing and (ISC)2, the International Information
Systems Security Certification Consortium.
“Twenty
years ago very few courses paid any significant attention to security, and the
situation has started to change, albeit slowly,” says “Perspectives:
Integrating Cybersecurity into Computer Science Curricula”.
This
is despite “a growing voice from industry that cybersecurity knowledge should
be core to the disciplines of computing and information technology”, meaning
such skills should therefore be “a key element of the computing and computer
science curriculum, particularly at the undergraduate level”.
Currently
most institutions offer computer science courses in which there is one module
or unit – approximately 5 per cent of the total credits – dedicated to
cybersecurity in a three-year degree, the paper claims.
It
also notes that graduates find it difficult to enter the cybersecurity industry
because “the supervisory cost of placements is very high for companies to take
on many graduates of any kind in cybersecurity roles”.
“Academia
must look at its curricula and accreditation requirements,” said Liz Bacon,
president of the Chartered Institute for IT, adding it was also incumbent on
industry to accept more trainees and placement students.
She
said that more sandwich placements needed to be made available, and that
lecturers could not single-handedly boost interest in cybersecurity among
students, and that “talks from external speakers” and “war stories” from
industry were more likely to excite students.
“It
is not enough to integrate technical cybersecurity subjects into computing
degrees as cybersecurity is an increasingly a diverse discipline, requiring a
mix of business savvy, soft skills and technical skills for varied roles,”
added Adrian Davis, managing director (Europe, the Middle East and America) of
(ISC)2.
“Universities
have a real opportunity to include and make explicit reference to cybersecurity
topics within many degrees.”
In
August, the first GCHQ-certified master’s courses were unveiled, with Edinburgh
Napier University, Lancaster University, the University of Oxford and Royal
Holloway, University of London, among those accredited.
Making Malware Cleanup Easier
Making Malware cleanup easier
You'll
find a recommendation to install software to detect and clean up malware in
almost any security guide. Although a single product isn't sufficient to defend
against all modern security threats, the general recommendation persists
because the technology remains effective in blocking categories of known
threats and cleaning up malware infections if they find their way onto your
computer. Since resolving a malware problem is a little bit different each
time, we're committed to working with our partners to give people on Facebook
the help they need in keeping their information secure.
Our
goal is to make it easier for people to find and use the right technology to
better protect their devices. We've worked with F-Secure and Trend Micro to
incorporate free anti-malware software downloads directly into our existing
abuse detection and prevention systems. These are the same systems that help us
block malicious links and bad sites from among the trillions of clicks that
take place every day on Facebook.
Tag :
Security
How to Unlock Pattern Locks on Android Devices
How to Unlock Pattern Locks
on Android Devices
Nowadays many android phone users use the
inbuilt “pattern locks” as a security to their phones. But the main problem
with it is that, if you forget the pattern you used and you try out many wrong
attempts, it gets locked permanently. So, just follow these simple steps
to unlock pattern locks on your android device and use it again free
of cost.
Unlock using Google Account :
If you don’t have data connection or internet access or if you
don’t have your google account linked to your phone, then, you can skip this
step and refer the Additional TRICK.
When you try different patterns and unable to unlock your phone in five attempts. Then a message
pop-up and shows two buttons “next” and “try again”. Now click on “next” button
and you see two options for unlocking phone. One is answer the
security question and the second option is to provide Google account details.
Mostly people don’t set a security question. But if you set it
then simply answer the question and unlock your device
quickly. Otherwise check the Google account option and click “next”.Now provide
your Google account username and password attached with your device and click
on “sign in”. After that you are directed to choose new pattern and now you can
unlock with this pattern.
1) Switch off the phone.
2) Now hold these buttons all together at the same time
“Volume up +
Home Key + Power Button”
until the phone boots (if you device doesn’t have a home button
just hold together volume up key and power key)
3) Now a screen like DOS will come up with different options
4) Use the volume key to move up and down then scroll down to
“Restore Factory Defaults” or “Delete all User Data” depending on which is on
your device. Select this factory reset option and then press power button to
let the action begin.
Now it asks you for confirmation, select “yes”.
5) After clicking on the settings above, now scroll down to
“Reboot System Now” and wait for your phone to reboot (restart).