The Good The Bad and The Ugly

Internet Online Security Info.

2600 NEWS






SpinRite 6.0 for Windows XP (NTFS),
FAT, Linux, Novell, and ALL OTHER file systems!

SpinRite now brings its legendary data recovery and drive maintenance magic to the latest file systems, operating systems, and hard drives. It runs MUCH faster than ever before, can help maintain all of your drives in tip top shape, can warn of impending disaster, and wrestle data from dying and nearly dead drives . . . before it's too late.

SpinRite 6.0 is now available for immediate purchase, upgrade, and download. This industry-standard data recovery tool is operating system independent, so it can be applied by users of Windows XP, 2000, Linux, and all other Intel/AMD PC‑platform hard drives and file systems.

Learn more about SpinRite v6.0

Read a few SpinRite success stories from users
Steve Gibson & GRC Now Have Blogs!
GRC's Announcements Blog
The GRC corporate news
and announcements blog
is at: blog.grc.com
After eleven years, GRC will be formally discontinuing its eMailing list. The trouble was that it had grown SO large (currently 793,989 subscribers) that it had become impossible for us to mail anything without being flagged as a massive Internet spammer. So from now on we'll be using our corporate blog, to which you can subscribe, to announce new GRC services, features, freeware and software. Jump over there and subscribe now! blog.grc.com.
Steve's Personal Blog
Steve's own thoughts
and commentary blog
is at: steve.grc.com
If you'd like to know more about what's currently going on in Steve's head, learn of his discoveries, and in general what's happening (with many more updates than the corporate account) he'll be putting all of that up on his personal blog, to which you can also subscribe: steve.grc.com
Introducing Our Newest Security Freeware: SecurAble
saOnYellow
Quickly determine which state-of-the-art security features are being offered by your system's processor chip.
Recent AMD and Intel processors contain three features which can be extremely beneficial to the system's overall security. SecurAble probes the system's processor to determine the presence, absence and operational status of each of these three modern processor features.
Click to jump to SecurAble's information and download page.
The DCOMbobulator
1,775,451 downloads.
DCOMbobulator allows any Windows user to easily verify the effectiveness of Microsoft's recent critical DCOM patch. Confirmed reports have demonstrated that the patch is not always effective in eliminating DCOM's remote exploit vulnerability. But more importantly, since DCOM is a virtually unused and unneeded facility, the DCOMbobulator allows any Windows user to easily disable DCOM for significantly greater security.
Shoot The Messenger
2,317,473 downloads.
Even before the latest DCOM/RPC vulnerability (see above), many Windows users were being annoyed by "pop-up spam" notices appearing on their desktops. This intrusion is also facilitated by an exploitation of port 135. Our free "Shoot The Messenger" utility furthers the security of Windows by quickly and easily shutting down the "Windows Messenger" server that should never have been running by default in the first place.
UnPlug n' Pray
3,054,727 downloads
As originally urged by the FBI, and still urged by prominent security experts, our UnPnP utility easily disables the dangerous, and almost always unnecessary, Universal Plug and Play service. If you don't need it, turn it off. (For ALL versions of Windows.)
XPdite
1,118,287 downloads.
A Critical Security Vulnerability Exists in Windows XP. (Surprise) Actually, as we know, there are many, but we'll handle them one at a time. This particular vulnerability allows the files contained in any specified directory on your system to be deleted if you click on a specially formed URL. This URL could appear anywhere: sent in malicious eMail, in a chat room, in a newsgroup posting, on a malicious web page, or even executed when your computer merely visits a malicious web page. It is already being exploited on the Internet.
GRC "Perfect Passwords" Generator
7,609,973 uses
Our server generates maximum entropy, ultra high quality, guaranteed unique custom password material for your use when securing and keying your WEP, WPA, VPN, or other network systems.
ID Serve
900,100 downloads
Since not all Internet servers are equally secure, knowing which server software a web site is using can be important to your security. Ultimately, the security of your personal data is your responsibility. This free utility can help.
Wizmo
1,071,492 downloads
Wizmo is a lightweight "Windows Gizmo" offering a wide array of handy Windows commands. With a single click it can power down monitors, trigger a screen saver, set audio volume, and much more. Wizmo also includes an intriguing highly customizable "Graviton" screen saver.







SpinRite 6.0
rated #1 since 1988
The most trusted and widely used utility ever written for mass storage data recovery and long-term maintenance. SpinRite is my masterpiece. If you don't already own or know about SpinRite, check out these pages. The future of your data could depend upon it. Here is an independent review of SpinRite 5.0, and here is Maximum PC's Feb. 2002 review.
ShieldsUP!
88,350,043 system tests
The Internet's quickest, most popular, reliable and trusted, free Internet security checkup and information service. And now in its Port Authority Edition, it's also the most powerful and complete. Check your system here, and begin learning about using the Internet safely.
LeakTest
7,505,227 downloads
Ensure that your PC's personal firewall can not be easily fooled by malicious "Trojan" programs or viruses. Thanks to this first version of LeakTest, most personal firewalls are now safe from such simple exploitation.

GRC | Gibson Research Corporation Home Page

This my main Security website; I have been with GRC since 1996 and that have one of the best online Internet Security Check up tool on the Internet today call Shield-UP! This is just the basic content of this website if you click on the link above you will have the full content of ths Great Security Information Underground website.


------------------------------------------------------------------------------

OnGuard Online: Tips to help you stay safe and secure onlineAbout Us

OnGuardOnline.gov provides practical tips from the federal government and the technology industry to help you be on guard against internet fraud, secure your computer, and protect your personal information.
The Federal Trade Commission (FTC) maintains OnGuardOnline.gov with significant contributions from partners on this page. The Flash tutorials were created by the Internet Education Foundation (IEF).

Check out the FTC’s free online security tips and resources, and share with your friends, family, coworkers, and community.

Online Security Tips

Learn how to protect your personal information and devices online and on-the-go.

Computer Security

Watch this video for tips to help you secure your computer and protect yourself from hackers, scammers, and identity thieves.

Computer Security
Use these computer security tips to help protect your computer and your personal information.

Public Wi-Fi Networks

Wi-Fi hotspots — like the ones in coffee shops, airports, and hotels — are convenient, but they often aren’t secure. Use these tips to help protect your personal information.

Public Wi-Fi Networks
If you use public Wi-Fi networks, take these steps to protect your personal information.

Common Online Scams

Learn how to recognize common online scams, and check out these 10 practical tips to help you stay a step ahead of scammers.

For Educators & Parents

Net Cetera Toolkit

Regardless of your experience as a speaker — or your expertise in online safety — this toolkit has the resources and information you need to convey key points about kids' online safety.

Just for You: Educators

Whether you need a game for a classroom activity, videos to share on social media with parents in your community, or an article to use in your workplace newsletter, you can find it here.

Just for You: Parents

The best way to protect your kids online? Talk to them. Kids rely on their parents for important information – like how to be safe and responsible online. Here are some resources to help you get started.

Videos & Games

These short videos and classic games offer an interactive way to get a step ahead of hackers and scammers. Learn how to protect your devices and personal information, and check out additional videos and games in our media center.

Videos

Games

These classic games may not work on your mobile device.

Ways to Share

  • Link to, copy, or adapt any of our content. There are no copyright restrictions, so share as much as you’d like!
  • Embed our videos on your blog, site, or social media. You’ll find embed code in our media center.
  • Order free publications to hand out at events or conferences — or just to give out in your community.

Learn More

Federal Trade Commission: Protecting America's Consumers

Federal Trade Commission

The FTC, the nation's consumer protection agency, works for the consumer to prevent fraudulent, deceptive, and unfair business practices in the marketplace and to provide information to help consumers spot, stop, and avoid them. Consumers can file a complaint or get free information on consumer issues from ftc.gov. The FTC enters internet, telemarketing, identity theft, and other fraud-related complaints into Consumer Sentinel, a secure, online database available to hundreds of civil and criminal law enforcement agencies in the U.S. and abroad.

Image result for homeland security

Department of Homeland Security

The Department of Homeland Security computer security division is the National Cyber Security Division (NCSD). Its mission is to work collaboratively with public, private, and international entities to secure cyberspace and America's cyber assets. NCSD coordinates efforts to protect the overall cyber infrastructure through analysis, warning, information sharing, vulnerability reduction, mitigation, and aiding national recovery efforts for critical information systems. NCSD's 24/7 internet watch and warning center, US-CERT, sends out regular Cyber Alerts and Tips. Visit www.uscert.gov to learn more.

Image result for internal revenue service

Internal Revenue Service

The IRS is a bureau of the Department of the Treasury and one of the world's most efficient tax administrators. In 2004, the IRS collected more than $2 trillion in revenue and processed more than 224 million tax returns. Its mission is to provide America's taxpayers top quality service by helping them understand and meet their tax responsibilities and by applying the tax law with integrity and fairness to all.

Image result for united postal service

United States Postal Inspection Service

The United States Postal Inspection Service fights criminals who attack our nation's postal system and misuse it to defraud, endanger, or otherwise threaten the American public. As the primary law enforcement arm of the United States Postal Service, the Postal Inspection Service is a highly specialized, professional organization performing investigative and security functions essential to a stable and sound postal system.

Image result for department of commerce

Department of Commerce, Technology Administration

The Department of Commerce's Technology Administration (TA) advocates for technological innovation; analyzes factors that affect U.S. technological innovation and competitiveness; develops and promotes measurements, standards and technology to enhance productivity, trade and the quality of life; and provides access to information that stimulates innovation and discovery.

Image result for security and exchange commission

Securities and Exchange Commission

The mission of the United States Securities and Exchange Commission is to protect investors, maintain fair, orderly, and efficient markets, and facilitate capital formation. The SEC seeks to detect problems in the securities markets, prevent and deter violations of federal securities laws, and alert investors to possible wrongdoing. For tips on how to invest wisely and avoid costly mistakes, visit www.sec.gov/investor.shtml.

Image result for naval criminal investigative service

Naval Criminal Investigative Service

As the primary law enforcement and counterintelligence agency for the Department of Navy, the Naval Criminal Investigative Service (NCIS) is dedicated to protecting the men, women, ships, planes, and resources of America's seagoing expeditionary forces worldwide. NCIS works closely with other local, state, federal, and foreign agencies to counter and investigate the most serious crimes: terrorism, espionage, computer intrusion, homicide, rape, child abuse, arson, procurement fraud, and more. Visit www.ncis.navy.mil to learn more.

Image result for u.s. army criminal investigation command

U.S. Army Criminal Investigation Command

The U.S. Army Criminal Investigation Command (CID) conducts felony-level criminal investigations that involve the Army’s global community. CID investigations frequently include crimes against persons, procurement fraud, and cyber crime. CID also operates the Army’s Criminal Investigation Laboratory, provides protective security for senior Army and Defense Department leaders, and analyzes criminal intelligence to support investigations.

Image result for federal deposit insurance corporation

Federal Deposit Insurance Corporation

The Federal Deposit Insurance Corporation (FDIC) is an independent agency created by the Congress that maintains the stability and public confidence in the nation’s financial system by insuring deposits, examining and supervising financial institutions, and managing receiverships.

Image result for commodity futures trading commission

Commodity Futures Trading Commission

The Commodity Futures Trading Commission (CFTC) regulates commodity futures and option markets in the United States. The CFTC assures the economic utility of the futures markets by encouraging their competitiveness and efficiency, protecting market participants against fraud, manipulation, and abusive trading practices, and by ensuring the financial integrity of the clearing process. Through effective oversight, the CFTC enables the futures markets to serve the important function of providing a means for price discovery and offsetting price risk.

Image result for federal communications commission

Federal Communications Commission

The Federal Communications Commission (FCC), an independent United States government agency, is charged with regulating interstate and international communications by radio, television, wire, satellite and cable.
---------------------------------------------------------------------------------------------
 PC MAG.COM

12 Free Security Software Tools

Social Sharing Sponsored by:

 

By: Neil J. Rubenking
  • 12 Free Security Apps
Just because the recession has left you penniless doesn't mean you can't keep your computer safe: Here are a dozen security apps that don't cost a thing.
Buzz up!on Yahoo!
Things are tough all over, and every day brings new headlines wailing economic doom and gloom. Chrysler went bankrupt. GM just went bankrupt. California may go bankrupt! You've been forced to take a pay cut, your student loan repayment forgiveness plan got canceled, and your house is worth half of what you paid for it. Now, on top of all that, your security software is coming up for renewal. Maybe this year you just can't afford to shell out hard-earned cash for security software. Does that mean you have to leave your system open to all the malicious programs out there? Nope. In this roundup, I'll show you a dozen choice apps that you can use to cobble together a suite that'll keep your PC safe without costing you a single penny.

Now, don't get me wrong. If you can scrape up the cash you'll be better off with a full-powered security suite. A product like Norton Internet Security 2009, our Editors' Choice, takes care of all your security needs in a single package. You won't have to worry about maintaining compatibility between different components or handling a half-dozen different update cycles. And in most cases (but not all) the commercial solutions are more effective. But with a little effort your free suite can come pretty close. Free Anti-Malware
Today more than ever, you need to protect your computer systems against intrusion by spyware, viruses, Trojans, and the like. Malware is big business now. Programmers for the Dark Side write tight, tested, evil code for pay, and their bosses rake in money by capturing passwords, stealing credit card numbers, and duping the gullible. Now there's a business sector that's booming! Fortunately you can protect yourself without shelling out a penny. It's true that paid solutions like Prevx 3.0, Spyware Doctor with AntiVirus 6, and Webroot AntiVirus with AntiSpyware 6.1 score better than the freebies in testing, but you can improve your defenses by layering multiple free products.
Yes, I always advise against running more than one real-time anti-malware product, since there can be conflicts. In particular, I wouldn't use avast! antivirus 4.8 Home Edition and AVG Anti-Virus Free 8.0 together, since they are both traditional signature-based products with real-time protection. But the free edition of MalwareBytes' Anti-Malware 1.36 is a scan-only product with no real-time protection, which makes it safer as a companion product for either.
Adding behavior-based protection to your traditional signature-based protection naturally increases your coverage. The behavior-based zero-day threat protection in ThreatFire 4.5 is specifically designed to work alongside signature-based products. Panda Cloud Antivirus also includes behavioral detection, and it keeps its intelligence in the cloud, not on your PC. It's not as fast or powerful as Prevx, another in-the-cloud product, but it's a free, lightweight addition.
Free Spam Filtering
Wouldn't you like some good news for a change? Want free money from a long-lost relative in Nigeria? Hope to win a European lottery that you didn't even enter? Just check your e-mail! Spammers may well have filled it with messages of hope…false hope, that is. Spam about V!agra and Ci@lis is down; spam about money is up—not surprising these days. And, hey, if "your bank" sends an e-mail about some dire account problem that will send you to the poorhouse, don't click any links. Navigate directly to the bank site yourself. Of course, a decent antispam app could fix that problem, too.
Maybe you're one of the lucky ones whose ISP or Web-based e-mail provider includes server-level spam filtering as part of the service. But if spam is reaching your inbox you can rely on the free SPAMfighter Standard to keep it out. Like the highly successful commercial products Cloudmark Desktop and iHateSpam, SPAMfighter is a community-based filter. That means it will let through a small amount of spam (less than most other antispam products), but it will never throw a valid personal message into the spam bin. It inserts a small advertising footer in your outgoing messages, but that's a small price to pay.
Free Firewall
When old-timers fell on hard times, they'd describe their plight by moaning, "The wolf is at the door!" These days we might say, "The hacker is at the port." If you don't have some kind of firewall protection, a hacker or network-based worm could waltz right in through an open port and take control of your computer. Certainly, if you have no other protection, you should make sure the Windows Firewall in XP or Vista is turned on.
Free third-party personal firewalls ZoneAlarm 8.0 and Comodo Firewall Pro 3.0 do more than the built-in, though. Naturally they block hack attacks, masking your computer's ports so they're completely invisible from the outside. But they also protect against betrayal from within by limiting which programs are allowed to connect with the Internet. Initially they can be noisy, popping up a flood of queries asking whether this or that program should be allowed access. After a while, the pop-ups diminish. Comodo does automatically configure access for many programs, which may cut down on pop-ups. ZoneAlarm reserves automatic configuration for its paid versions.—Next: Free Parental Control and More >
Anti-Malware
avast! 4.8 Home Editionavast! antivirus 4.8 Home Edition

Its virus protection isn't far behind that of the top antivirus products. It removes spyware nearly as well as the top antispyware, and its resident protection against new infestation is excellent. This is some seriously impressive protection, considering that it's free for personal use.
AVG Security Suite 8AVG Anti-Virus Free 8.0

AVG Anti-Virus Free 8.0's protection is nearly as good as that of the top for-pay antivirus and antispyware products. Scanning of search links for dangerous pages is an added bonus. And as long as it's for your personal home use, it's free!
MalwareBytesMalwarebytes' Anti-Malware 1.36

Malwarebytes' Anti-Malware does a good job of cleaning up malware, especially those annoying rogue security programs, though it's not effective against commercial keyloggers or rootkits. And the real-time protection in the extra-cost Pro edition isn't worth the money. But be sure to add the free edition to your security arsenal.
Panda Security logoPanda Cloud Antivirus 0.9 Beta

This lightweight, attractive, free anti-malware tool uses no signatures. All malware detection occurs online. Some snags I hit in testing indicate that Panda still has a little work to do on this beta. But even now it's effective at protecting a clean system.
ThreatFire 4.5: Main ScreenThreatFire 4.5

Your standard signature-based anti-malware utility catches most things that attack your computer. ThreatFire offers supplemental protection against zero-day attacks that are too new to have a signature. It's a fine, free addition to your security arsenal—I use it myself.
Antispam
SPAMfighter StandardSPAMfighter Standard

If you need free spam filtering and don't mind having an advertising footer added to all your outgoing messages, this is a great solution. It's nearly as effective as the best community-based filters. If you need the features of the $29 Pro edition, though, I'd suggest looking at iHateSpam ($19.95) or Cloudmark Desktop ($39.95) instead.
Firewall
Comodo Firewall Pro 3.0Comodo Firewall Pro 3.0
Editors
Comodo Firewall Pro 3.0 aces all the basic personal firewall tasks. Its Defense+ module protects critical system areas. Yes, Defense+ flags both good and bad programs, but Installation mode can cut down the hassle factor. Best of all, it's totally free for personal or professional use.
ZoneAlarm 8.0 : Two ZonesZoneAlarm 8.0

ZoneAlarm 8.0 offers effective basic personal firewall protection at a fantastic price—free! But if you want advanced features like automatic program control configuration, exploit prevention, or behavior-based operating-system protection, you'll have to upgrade to the paid version.
Parental
K9 Web Protection 4.0: AdministrationK9 Web Protection 4.0

This parental-control utility lacks many features found in the competition, most notably the ability to define different settings for different users. But what it does, it does well. If you can live within its limitations it's a good, free choice.
OnlineFamily.NortonOnlineFamily.Norton

This free Web-based product has everything you'd expect in a parental-control system, and more. It blocks bad sites, controls time on the computer, supervises chat, and even watches social network use on all your PCs and Macs. Settings are stored in the cloud, making remote configuration and reporting simple.
Password Management
LastPass 1.50LastPass 1.50
Editors
LastPass is a free, feature-rich password manager and Web form filler. It has almost every software feature found in any competitor, plus some unique features of its own. Numerous mobility options mean you can use it wherever you are.
Utility
AppRemover 1.5AppRemover 1.5

AppRemover aims to clean up traces of old security products that keep you from installing a new one. It doesn't support uninstallation of every product and doesn't successfully clean out all those it does support. Still, give it a try if you're vexed by "stuck" security. It's free, it's lightweight, and it couldn't hurt.

-----------------------------------------------------------------------------




Anarchy
Organizations, files, texts and other materials devoted to anarchy
 
Anonymity
Re-mailers, tools, proxies and information regarding anonymity
Articles
Articles about hackers, computer security...
Attacks
Denial of service (DOS) attacks, nuking and spamming, disaster recovery
 
Books
Books devoted to computer security, hacking and underground
Cracking
Password cracking, groups and cracks databases
 
Cyberlaw
Organizations, cyber crimes, computer espionage, interesting cases, etc
Encryption
Everything about cryptography: pgp, des, texts and researches
Exploits
Sites with exploits for all system platforms. (linux, win, irix, solaris ...)
Forums
Mailing lists, newsgroups, chat rooms, meetings and conventions
 
Hackers
Hackers' homepages, hacking organizations and groups; hacked websites
Hacking
Sniffers, social engineering, spoofers, trojans, Novell/NT hacking
News
Freshest news about hackers, underground and computer security
OS Security
Info and files to protect your OS against different exploits or attacks
Phreaking
How to call for free: tools, guides, texts
Security
Organizations and research teams, info how to protect your system
Virii
Information about virii: how do they work, where to find antivirus programs, how to write one
Webmaster's Corner
How to promote your hpvca site, where to host it, top lists, banner exchanges
Zines
E-Zines related to computer underground and security

Image result for the hacker quarterly


2600: The Hacker Quarterly







   

The Hacker Quarterly Website,  2600: The Hacker Quarterly is an American seasonal publication of technical information and articles, many of which are written and submitted by the readership, on a variety of subjects including hacking, telephone switching systems, Internet protocols and services, as well as general news concerning the computer "underground".
With origins in the phreaking community and late 20th century counterculture2600 and its associated conference transitioned to coverage of modern hacker culture, and the magazine has become a platform for speaking out against increased digital surveillanceand advocacy of personal and digital freedoms.


Wikipedia:Internet security

From Wikipedia, the free encyclopedia
Jump to: navigation, search
Internet security is a branch of computer security specifically related to the Internet. Its objective is to establish rules and measure to use against attacks over the Internet.[1] The Internet represents an insecure channel for exchanging information leading to a high risk of intrusion or fraud, such as phishing.[2] Different methods have been used to protect the transfer of data, including encryption.

Contents

[hide]

[edit] Types of security

[edit] Network layer security

TCP/IP can be made secure with the help of cryptographic methods and protocols that have been developed for securing communications on the Internet. These protocols include SSL and TLS for web traffic, PGP for email, and IPsec for the network layer security.

[edit] IPsec Protocol

This protocol is designed to protect communication in a secure manner using TCP/IP. This is a set of security extensions developed by IETF and it provides security and authentication at the IP layer by using cryptography. To protect the content, the data is transformed using encryption techniques. There are two main types of transformation that form the basis of IPsec: the Authentication Header (AH) and Encapsulating Security Payload (ESP). These two protocols provide data integrity, data origin authentication, and anti-reply service. These protocols can be used alone or in combination to provide desired set of security services for the Internet Protocol (IP) layer.
The basic components of the IPsec security architecture are described in terms of the following functionalities:
  • Security protocols for AH and ESP
  • Security association for policy management and traffic processing
  • Manual and automatic key management for the internet key exchange (IKE)
  • Algorithms for authentication and encryption
The set of security services provided at the IP layer include access control, data origin integrity, protection against replays, and confidentiality. The algorithm allows these sets to work independently without affecting other parts of the implementation. The IPsec implementation is operated in a host or security gateway environment giving protection to IP traffic.

[edit] Electronic mail security (E-mail)

[edit] Background

Email messages are composed, delivered, and stored is helpful in a multiple step process, which starts with the message's composition. When the user finishes composing the message and sends it, the message is transformed into a standard format: an RFC 2822 formatted message. Afterwards, the message can be transmitted. Using a network connection, the mail client, referred to as a mail user agent (MUA), connects to a mail transfer agent (MTA) operating on the mail server; the mail client then provides the sender’s identity to the server. Next, using the mail server commands, the client sends the recipient list to the mail server; the client then supplies the message. Once the mail server receives and processes the message, several events occur: recipient server identification, connection establishment, and message transmission. Using Domain Name System (DNS) services, the sender’s mail server determines the mail server(s) for the recipient(s). Then, the server opens up a connection(s) to the recipient mail server(s) and sends the message employing a process similar to that used by the originating client, delivering the message to the recipient(s).

[edit] Pretty Good Privacy (PGP)

PGP provides confidentiality by encrypting messages to be transmitted or data files to be stored using an encryption algorithm such 3DES or CAST-128. Email messages can be protected by using cryptography in various ways, such as the following:
  • Signing an email message to ensure its integrity and confirm the identity of its sender.
  • Encrypting the body of an email message to ensure its confidentiality.
  • Encrypting the communications between mail servers to protect the confidentiality of both the message body and message header.
The first two methods, message signing and message body encryption, are often used together; however, encrypting the transmissions between mail servers is typically used only when two organizations want to protect emails regularly sent between each other. For example, the organizations could establish a virtual private network (VPN) to encrypt the communications between their mail servers over the Internet.[3] Unlike methods that can only encrypt a message body, a VPN can encrypt entire messages, including email header information such as senders, recipients, and subjects. In some cases, organizations may need to protect header information. However, a VPN solution alone cannot provide a message signing mechanism, nor can it provide protection for email messages along the entire route from sender to recipient.

[edit] Multipurpose Internet Mail Extensions (MIME)

MIME transforms non-ASCII data at the sender's site to Network Virtual Terminal (NVT) ASCII data and delivers it to client's Simple Mail Transfer Protocol (SMTP) to be sent through the internet.[4] The server SMTP at the receiver's side receives the NVT ASCII data and delivers it to MIME to be transformed back to the original non-ASCII data.
  • Secure/Multipurpose Internet Mail Extensions (S/MIME)
S/MIME provides a consistent means to securely send and receive MIME data. S/MIME is not only limited to email but can be used with any transport mechanism that carries MIME data, such Hypertext Transfer Protocol (HTTP).[5]

[edit] Firewalls

A firewall controls access between networks. It generally consists of gateways and filters which vary from one firewall to another. Firewalls also screen network traffic and are able to block traffic that is dangerous. Firewalls act as the intermediate server between SMTP and HTTP connections.

[edit] Role of Firewalls in Internet Security

Firewalls impose restrictions on incoming and outgoing packets to and from private networks. All the traffic, whether incoming or outgoing, must pass through the firewall; only authorized traffic is allowed to pass through it. Firewalls create checkpoints between an internal private network and the public Internet, also known as choke points. Firewalls can create choke points based on IP source and TCP port number. They can also serve as the platform for IPsec. Using tunnel mode capability, firewall can be used to implement VPNs. Firewalls can also limit network exposure by hiding the internal network system and information from the public Internet.

[edit] Types of firewalls

[edit] Packet Filters

Packet filters are one of several different types of firewalls that process network traffic on packet-by-packet basis. Their main job is to filter traffic from a remote IP host, so a router is needed to connect the internal network to the internet. The router is known as a screening router, which screens packets leaving and entering the network.

[edit] Circuit-Level Gateways

The Circuit-Level Gateway is a proxy server that statically defines what traffic will be allowed. Circuit proxies always forward packets containing a given port number, provided the port number is permitted by the rules set. This gateway operates at the network level of an OSI model. The main advantage of proxy server is its ability to provide Network Address Translation (NAT), which can hide the user's IP address from the Internet, effectively protecting all internal information from the Internet.

[edit] Application-Level Gateways

An application-level gateway is a proxy server operating at the TCP/IP application level. A packet is forwarded only if a connection is established using a known protocol. Application-level gateways are notable for analyzing entire messages rather than individual packets of data when the data are being sent or received.

[edit] Malicious software and antivirus

[edit] Malware

Commonly, a computer user can be tricked or forced into downloading software onto a computer that is of malicious intent. Such programs are known as malware and come in many forms, such as viruses, Trojan horses, spyware, and worms. Malicious software is sometimes used to form botnets.

[edit] Viruses

Viruses are programs that can replicate their structures or effects by infecting other files or structures on a computer. The common use of a virus is to take over a computer to steal data.

[edit] Trojan horse

A Trojan horse (commonly known as a Trojan) is a general term for malicious software that pretends to be harmless so that a user willingly allows it to be downloaded onto the computer.

[edit] Spyware

The term spyware referrs to programs that surreptitiously monitor activity on a computer system and report that information to others without the user's consent.

[edit] Worms

Worms are programs that can replicate themselves thoughout a computer network, performing malicious tasks throughout.

[edit] Botnet

A botnet is a network of "zombie" computers that have been taken over by a "bot" that performs large-scale malicious acts for the creator of the botnet.

[edit] Antivirus

Antivirus programs and Internet security programs are useful in protecting a computer or programmable device from malware.
Such programs are used to detect and usually eliminate viruses; however, it is now common to see security suites, containing also firewalls, anti-spyware, theft protection, and so on to more thoroughly protect users [6].
Traditionally, a user would pay for antivirus software; however, computer users now can, and do, download from a host of free security applications on the Internet.[7]

[edit] Browser choice

Wikipedia Internet Security

Image result for SANS Cyber Aces

SANS Cyber Aces Online Courses


Learn the fundamentals of cybersecurity.

SANS Cyber Aces Online makes available, free and online, selected courses from the professional development curriculum offered by The SANS Institute, the global leader in cyber security training. SANS goal in making these courses available as open courseware is to help grow the talent pool and accelerate the rate at which skilled cyber professionals can enter the information security industry – filling mission critical jobs currently going unfilled.
The open courses are the same as those offered to information security professionals around the world and are focused on the fundamentals of cyber security.
Our hope is that individuals, schools, teachers, businesses, and more will benefit from this offering and, ultimately, help strengthen the security of our nation.
For anyone with an interest in learning more about making online information more secure, this course teaches the core concepts needed to understand, assess, and protect information security systems.
SANS Cyber Aces Online

2 comments:

Cursos Online Bonificados said...

This blog is quite interesting. Anyone who reads this blog with interest will get more information about the online course. Also you can visit us cursos con tablet de regalo

Darkbird18 said...

No problem aarzoo, glad to be of service, stay tight!

Darkbird18