What is Proxy means

In computer networks, a proxy server is a server, that could be a computer system or an application program that acts as a go-between for requests from clients seeking resources from other servers. In other word, proxy server called man in the midle between real server on internet and the client. Simple work from a proxy server, client connects to server, requesting some service, such as a file, connection, web page, or other resource, available from a different server that allocate on other network. The proxy server evaluates the request according to its filtering rules. For example, it may filter traffic by protocol, time access, or IP address. If the request is validated by the filter, the proxy provides the resource by connecting to the relevant server and requesting the service on behalf of the client. A proxy server may optionally alter the client's request or the server's response, and sometimes it may serve the request without contacting the specified server. In this case, it 'caches' responses from the remote server, and returns subsequent requests for the same content directly. With this use, our connection to internet will be more simple because we didn't need to contact the real server to have what we want. We can set our proxy server to update the data to synchronous with the real server.
A proxy server has two main purposes:

• To keep machines behind it anonymous. It's really help us to keep our privacy and network security.
  
• To speed up access to a resource (via caching). It is commonly used to cache web pages from a web server.

A proxy server that passes requests and replies unmodified is usually called a gateway or sometimes tunneling proxy. A proxy server can be placed in the user's local computer or at various points between the user and the destination servers or the Internet. A reverse proxy is a proxy used as a front-end to accelerate and cache in-demand resources (such as a web page).

What is VPS??

A Virtual Private Server (VPS) is a hosting environment that combines the benefits of both shared hosting and dedicated hosting. It does this by creating a virtual server that runs inside a hardware server via a specially designed partition.

Each Virtual Private Server partition runs its own operating system in a secure and private environment and cannot be accessed or interrupted by its neighbours. This system gives you the same level of root access as a dedicated server whilst sharing the cost of the hardware. With a VPS you are virtually running your own server but at a fraction of the cost.
The flexibility of a dedicated server

Users share system resources, such as the CPU and memory, but unlike shared hosting (a virtual host on a shared hardware server ) the file system is fully partitioned. This means that up-time is more consistent; while root access to the server provides the flexibility to add and change modules and to install your own software.
As cost effective as shared hosting

Partitioning a single hardware server into multiple servers is nothing new. In fact, mainframe computers have long been partitioned into multiples. In 1996, Japanese giant Verio started to migrate the technique into hosting as a highly cost-effective storage solution.
How much technical knowledge do I need?

All our VPS options include the Plesk control panel, which makes it easier to administer your websites and services.

However, because a VPS gives you root-level access, allowing you to install whatever software you like, you will need some technical knowledge and understanding of how servers work to run a VPS effectively.
Why call it VPS 2.0?

We've called our new VPS range VPS 2.0 because of our next generation improvements to both performance and hardware. Our servers are 9th generation Dell machines with embedded Intel® Virtualization (VT®) optimisation in the Intel® boards. They are designed by Dell specifically to ramp up VPS performance.

The inclusion of the very latest range of software and control panels for Windows and Linux is accompanied by price reductions across the range so we're increasing performance, features and value at exactly the same time.
Powerful partnerships working for you

We've partnered with SWsoft to offer you a choice between Ubuntu Linux and Microsoft Windows virtual private server systems, making us the first UK host to deliver Windows SQL Server 2005 VPS hosting using the latest Plesk 8 and Virtuozzo Power Panel technology.

All VPS 2.0 systems are hosted on Dell PowerEdge 2950 servers with quad-core Intel® Xeon® processors for maximum multi-tasking performance and 15,000 RPM SCSI RAID 10 drives for data speed and integrity.

As we're a certified Intel Server Centre of Excellence using a Tier 1 Network with 50,000 Mbit Connectivity, you can also trust we set the access, speed and safety benchmarks you need.

source

Routing Versus Bridging

When Connecting to the Wireless, xDSL or Cable Network

Summary:

As wireless, cable and xDSL technologies emerge, a growing consideration is how to connect to the network. Although much can be said about different methods, it really boils down to two: bridging or routing. Now for those experienced in networking, they will know that this question has been around since routing and bridging technologies have been. However the new element here is that the discussions always centered on LAN’s and/or private WAN’s. When connecting to the Internet there are new considerations to keep in mind when making your decision. This technical document is geared for those who need assistance in the decision for choosing what equipment and how to connect to the cable or xDSL network.

Background:

Now before we can argue routing versus bridging (or vice versa for that matter) we need to be clear on what both devices are and how they behave. So let’s define each one:

Bridge:

A bridge is a device that connects two segments of the same network. The two networks being connected can be alike or dissimilar. Unlike routers, bridges are protocol-independent. They simply forward packets without analyzing and re-routing messages.

Router:

A router is a device that connects two distinct networks. Routers are similar to bridges, but provide additional functionality, such as the ability to filter messages and forward them to different places based on various criteria. The Internet uses routers extensively to forward packets from one host to another.

Based on these definitions we can see that key difference between a bridge and router is that a bridge does not look at protocols and a router does. A bridge does not look at traffic for the purpose of allowing or disallowing it, and it does not decide what to do with certain types of traffic; it simply moves data from one network to another. Whereas a router examines protocols and decides what to do with each packet based on defined criteria.

Router vs. Bridge in Cable & DSL Environments

When you order Internet access either via a cable or xDSL connection, they will offer you a bridge (although it may often be called a “modem,” it is a bridge). These are very low cost (usually around $200,) and will connect your machine to the ISP’s network. Now this is a cost-effective solution, however there are some very apparent reasons on why you should consider a router over a bridge. Let’s look at an example to illustrate this point

Security Risk: In this example, we have two different customers bridged to the Internet using the same ISP. You can see that both customers have IP addresses on the same IP network. This means that broadcast from Customer A’s network will propagate to Customer’s B network. For example if machines on both networks are utilizing file and print services through the Windows Network, it is perfectly plausible (and has happened) that machines from Customer A can show up in the Network Neighborhood of Machines on Customer B’s network. Now for security reasons alone this is a very undesirable situation.

Everyone is talking about firewalls, filtering, etc. Many people connecting to the Internet today do not realize how vulnerable they are to attacks from the Internet. When utilizing a dial up connection, the exposure is only for the time you are connected, however, along with the all the benefits of a permanent connection, there is a big drawback: your network is exposed to the Internet 24 hours a day, 7 days a week. When you are at home asleep, it could be quite possible someone out there is working away at your network in the hopes of destroying or stealing data. Although this is not a pleasant thought there are very simple means to prevent this happening.

The first thing is have a routed account. With a routed account you have a device examining all traffic before it enters your network. This means that traffic not destined for your network will not be routed to your LAN, broadcast storms, and other network related issues on other networks connecting to your ISP will not effect your network. Now the biggest gain from a routed account is security. A Router has the ability to filter Internet traffic. This means the router connecting you to the Internet can discriminate which traffic it will allow into your network, and which traffic it will not. A Router also has the ability to “hide” all of the IP addresses on your network and make them appear as if the were only one IP address out on the Internet. By doing this, you have just eliminated 90% of all security threats.

Other Benefits: Aside from security other benefits of using a Router over a bridge include:

· You will have a contiguous block of IP addresses, rather than sporadic address across a network.

· A Router can use DHCP to assign workstations addresses on the LAN, preventing specific configuration in each device.

· A router has the ability to use NAT (Network Address Translation), thus only requiring you to obtain 1 IP address from your ISP. Cost saving as well as security enhancement

For the above reasons it seems quite clear that a routed account has distinct advantages over a bridged connection. For wireless bridge connections an Ethernet broadband router can be placed between the bridge and the LAN, thus providing all the benefits of routing to cable, ADSL and other environments.

source

What is the purpose of Wi-Fi ad-hoc mode? Why would I use it?

The 802.11 standard defines two modes of operation: Infrastructure mode, where all stations communicate through an access point, and ad-hoc mode, where stations communicate directly without the help of an intermediary. Ad-hoc mode can be useful for temporary peer-to-peer applications, such as when two laptop users want to exchange files over Wi-Fi.

Most businesses discourage use of ad-hoc mode because they prefer to enforce corporate security policy at the access point and gateway or switch connected to the access point. Users that communicate directly over ad-hoc mode essentially bypass those security measures. Ad-hoc mode can even be used as an attack method. For example, a Windows XP PC that previously associated to an access point with a given name (SSID) can be tricked into automatically re-associating in Ad-hoc mode to an attacker's laptop that advertises that SSID. You avoid this attack by configuring XP (or any other wireless client software) to associate to preferred SSIDs in infrastructure mode only.

On the other hand, several vendors are now using ad-hoc mode as the foundation for building wireless mesh networks. Mesh networks have many applications, including outdoor metropolitan networks and mobile ad-hoc networks (MANETs). To learn more about Ad-hoc mode and its use in mesh networks, visit this NIST resource page. A standard for mesh networks is now under development, designated IEEE 802.11s.

In short, ad-hoc mode has many constructive uses, but unless you have a specific reason for enabling, your safest best today is to disable ad-hoc mode to prevent unwanted or risky associations.


source

What is Hub

In general, a hub is the central part of a wheel where the spokes come together. The term is familiar to frequent fliers who travel through airport "hubs" to make connecting flights from one point to another. In data communications, a hub is a place of convergence where data arrives from one or more directions and is forwarded out in one or more other directions. A hub usually includes a switch of some kind. (And a product that is called a "switch" could usually be considered a hub as well.) The distinction seems to be that the hub is the place where data comes together and the switch is what determines how and where data is forwarded from the place where data comes together. Regarded in its switching aspects, a hub can also include a router.

1) In describing network topologies, a hub topology consists of a backbone (main circuit) to which a number of outgoing lines can be attached ("dropped"), each providing one or more connection port for device to attach to. For Internet users not connected to a local area network, this is the general topology used by your access provider. Other common network topologies are the bus network and the ring network. (Either of these could possibly feed into a hub network, using a bridge.)

2) As a network product, a hub may include a group of modem cards for dial-in users, a gateway card for connections to a local area network (for example, an Ethernet or a Token Ring), and a connection to a line (the main line in this example).

What is bridge in network world

In telecommunication networks, a bridge is a product that connects a local area network (LAN) to another local area network that uses the same protocol (for example, Ethernet or Token Ring). You can envision a bridge as being a device that decides whether a message from you to someone else is going to the local area network in your building or to someone on the local area network in the building across the street. A bridge examines each message on a LAN, "passing" those known to be within the same LAN, and forwarding those known to be on the other interconnected LAN (or LANs).

In bridging networks, computer or node addresses have no specific relationship to location. For this reason, messages are sent out to every address on the network and accepted only by the intended destination node. Bridges learn which addresses are on which network and develop a learning table so that subsequent messages can be forwarded to the right network.

Bridging networks are generally always interconnected local area networks since broadcasting every message to all possible destinations would flood a larger network with unnecessary traffic. For this reason, router networks such as the Internet use a scheme that assigns addresses to nodes so that a message or packet can be forwarded only in one general direction rather than forwarded in all directions.

A bridge works at the data-link (physical network) level of a network, copying a data frame from one network to the next network along the communications path.

A bridge is sometimes combined with a router in a product called a brouter.

source

Switch is .....

In a telecommunications network, a switch is a device that channels incoming data from any of multiple input ports to the specific output port that will take the data toward its intended destination. In the traditional circuit-switched telephone network, one or more switches are used to set up a dedicated though temporary connection or circuit for an exchange between two or more parties. On an Ethernet local area network (LAN), a switch determines from the physical device (Media Access Control or MAC) address in each incoming message frame which output port to forward it to and out of. In a wide area packet-switched network such as the Internet, a switch determines from the IP address in each packet which output port to use for the next part of its trip to the intended destination.

In the Open Systems Interconnection (OSI) communications model, a switch performs the layer 2 or Data-Link layer function. That is, it simply looks at each packet or data unit and determines from a physical address (the "MAC address") which device a data unit is intended for and switches it out toward that device. However, in wide area networks such as the Internet, the destination address requires a look-up in a routing table by a device known as a router. Some newer switches also perform routing functions (layer 3 or the Network layer functions in OSI) and are sometimes called IP switches.

On larger networks, the trip from one switch point to another in the network is called a hop. The time a switch takes to figure out where to forward a data unit is called its latency. The price paid for having the flexibility that switches provide in a network is this latency. Switches are found at the backbone and gateway levels of a network where one network connects with another and at the subnetwork level where data is being forwarded close to its destination or origin. The former are often known as core switches and the latter as desktop switches.

In the simplest networks, a switch is not required for messages that are sent and received within the network. For example, a local area network may be organized in a Token Ring or bus arrangement in which each possible destination inspects each message and reads any message with its address.

Circuit-Switching version Packet-Switching

A network's paths can be used exclusively for a certain duration by two or more parties and then switched for use to another set of parties. This type of "switching" is known as circuit-switching and is really a dedicated and continuously connected path for its duration. Today, an ordinary voice phone call generally uses circuit-switching.

Most data today is sent, using digital signals, over networks that use packet-switching. Using packet-switching, all network users can share the same paths at the same time and the particular route a data unit travels can be varied as conditions change. In packet-switching, a message is divided into packets, which are units of a certain number of bytes. The network addresses of the sender and of the destination are added to the packet. Each network point looks at the packet to see where to send it next. Packets in the same message may travel different routes and may not arrive in the same order that they were sent. At the destination, the packets in a message are collected and reassembled into the original message.

source

Router is ......

In packet-switched networks such as the Internet, a router is a device or, in some cases, software in a computer, that determines the next network point to which a packet should be forwarded toward its destination. The router is connected to at least two networks and decides which way to send each information packet based on its current understanding of the state of the networks it is connected to. A router is located at any gateway (where one network meets another), including each point-of-presence on the Internet. A router is often included as part of a network switch.

A router may create or maintain a table of the available routes and their conditions and use this information along with distance and cost algorithms to determine the best route for a given packet. Typically, a packet may travel through a number of network points with routers before arriving at its destination. Routing is a function associated with the Network layer (layer 3) in the standard model of network programming, the Open Systems Interconnection (OSI) model. A layer-3 switch is a switch that can perform routing functions.

An edge router is a router that interfaces with an asynchronous transfer mode (ATM) network. A brouter is a network bridge combined with a router.

For home and business computer users who have high-speed Internet connections such as cable, satellite, or DSL, a router can act as a hardware firewall. This is true even if the home or business has only one computer. Many engineers believe that the use of a router provides better protection against hacking than a software firewall, because no computer Internet Protocol address are directly exposed to the Internet. This makes port scans (a technique for exploring weaknesses) essentially impossible. In addition, a router does not consume computer resources as a software firewall does. Commercially manufactured routers are easy to install, reasonably priced, and available for hard-wired or wireless networks.

Microsoft Server 2008 Certification: Routing's Not Just For Cisco Exams Anymore!

by: Chris Bryant

Knowing routing theory and routing protocols has always been a big part of earning your CCNA and CCNP certifications. According to Microsoft's exam blueprints for the Server 2008 certification exams, that knowledge will also serve you well on your Microsoft exams.

The topic outline for the Configuring Windows Server 2008 Network Infrastructure exam (70-642) specifically mentions routing and routing protocols as exam topics. Specifically mentioned are RIP, OSPF, and static routing - three topics every CCNA and CCNP candidate will be well prepared to handle!

IPSec isn't part of the CCNA exam, but you'll see it on at least one CCNP exam, and it's also listed as a 70-642 exam topic. IPv6 and IPv4 addressing are both covered on the 70-642 as well.

Microsoft's website lists the following major skills you should expect to see on this exam:

Configuring IP addresses and Services (routing with RIP and OSPF, static routing, persistent routing, addressing, DHCP and DHCP options including relay agents, IPSec policies, Authentication Header and Encapsulating Security Payload, subnetting, supernetting)

Configuring Name Resolution (DNS configuration, zones, records, replication, and integration with Active Directory, and client computer name resolution techniques)

Configuring Network Access (includes NAT, VPNs, RADIUS, 802.1x authentication, MS-CHAP, firewalls, and remote authentication)

Configuring File And Print Services (self-explanatory)

Monitoring And Managing A Network Infrastructure (includes SNMP and Windows Server Update Services)

Your CCNA and CCNP preparation will not quite be enough to get you past this exam, but as you can see, it'll give you a great head start!

source:

Cisco green plan looks beyond routers

Cisco Systems wants to turn the enterprise data network into an electricity meter.
InfoWorld InfoClipz


Using open standards, the company wants to get server and storage vendors to collect and share information about their equipment and send it to Cisco routers and switches. The data could include power consumption, operating temperature and more. It's becoming a critical job, and because the network touches all IT resources across the enterprise, data collection should happen there, according to Paul Marcoux, vice president of green engineering.

Marcoux joined Cisco from American Power Conversion only about six weeks ago after Cisco created the position to overlook energy issues across all parts of the company. Networking gear itself makes up a much smaller portion of IT power consumption than do servers or storage, but Cisco plans to go beyond just making its own products more efficient.

Power is a growing issue in datacenters as the cost of energy rises and concerns about global climate change increase. Being able to collect and analyze information about power usage is a big part of the battle and becoming more crucial in the age of virtualization, according to Marcoux. Distributing storage and processing cycles without regard for power issues is not just inefficient, it's dangerous, he said.

If virtualization software looks at a process that requires more computing power or storage space, then enlists servers or storage devices that are near to overheating or running out of power, it could send a rack of servers over the edge and shut it down, Marcoux said. For that reason, the virtualization system needs to know the power status of all the resources it may call upon, he said.

By the same token, consolidated datacenters typically serve many departments of an enterprise and consume a lot of power, but those groups generally don't have to pay for their part of the power. In fact, the electricity bill often bypasses even the IT department, going to building management instead, Marcoux said. Collecting data about the power consumed by each device, and eventually by individual transactions, would allow enterprises to bill each department for the power it uses, he said.

Software on routers and switches would collect the information and then take actions or forward it on to separate building management, energy management or virtualization control systems, Marcoux said. Given the large amount of energy data to be processed, Cisco may introduce daughtercards for its platforms to provide extra computing power, he said. He hopes the technology will be in place and collecting information in enterprises within three years.

Because datacenters contain gear from so many vendors, open standards are the only way to make such a system work, according to Cisco. Fortunately, there already are several available standards, Marcoux said. Having standards already in place will help speed up adoption, Marcoux said.

"We're not trying to reinvent the wheel, we're just trying now to utilize the wheel," Marcoux said.

Cisco's proposal would represent a whole new role for networks beyond communications, said Burton Group analyst Dave Passmore. Server vendors might go along with the plan, but Cisco can't count on smooth sailing, he said. Centralized power regulation would play a role in overall management of the datacenter, an area where Cisco is attempting to make inroads with other initiatives as well.

"Who controls virtualization in the data center is going to be the new battleground," Passmore said.


source : http://www.infoworld.com/article/07/12/24/Cisco-green-plan-looks-beyond-routers_1.html

Virtual Local Area Network

Virtual LAN
From Wikipedia, the free encyclopedia


A virtual LAN, commonly known as a vLAN or as a VLAN, is a method of creating independent logical networks within a physical network. Several VLANs can co-exist within such a network. This helps in reducing the broadcast domain and aids in network administration by separating logical segments of a LAN (like company departments) that should not exchange data using a LAN (they still can exchange data by routing).
A VLAN consists of a network of computers that behave as if connected to the same link layer network - even though they may actually be physically connected to different segments of a LAN. Network administrators configure VLANs through software rather than hardware, which makes them extremely flexible. One of the biggest advantages of VLANs emerges when physically moving a computer to another location: it can stay on the same VLAN without the need for any hardware reconfiguration.

Advantages
Increase the number of broadcast domains but reduce the size of each broadcast domain, which in turn reduces network traffic and increases network security (both of which are hampered in cases of single large broadcast domains).
Reduce management effort to create subnetworks.
Reduce hardware requirement, as networks can be separated logically instead of physically.
Increase control over multiple traffic types.
Create multiple logical switches in a physical switch.

Protocols and design
The primary protocol currently used in configuring virtual LANs is IEEE 802.1Q, which describes how traffic on a single physical network can be partitioned into virtual LANs by tagging each frame or packet with extra bytes to denote which virtual network the packet belongs to.
Prior to the introduction of the 802.1Q standard, several proprietary protocols existed, such as Cisco's ISL (Inter-Switch Link, a variant of IEEE 802.10) and 3Com's VLT (Virtual LAN Trunk). ISL is no longer supported by Cisco.
Early network designers often configured VLANs with the aim of reducing the size of the collision domain in a large single Ethernet segment and thus improving performance. When Ethernet switches made this a non-issue (because each switch port is a collision domain), attention turned to reducing the size of the broadcast domain at the MAC layer. Virtual networks can also serve to restrict access to network resources without regard to physical topology of the network, although the strength of this method remains debatable as VLAN Hopping is a common means of bypassing such security measures.
Virtual LANs operate at Layer 2 (the data link layer) of the OSI model. However, administrators often configure a VLAN to map directly to an IP network, or subnet, which gives the appearance of involving Layer 3 (the network layer).
In the context of VLANs, the term "trunk" denotes a network link carrying multiple VLANs, which are identified by labels (or "tags") inserted into their packets. Such trunks must run between "tagged ports" of VLAN-aware devices, so they are often switch-to-switch or switch-to-router links rather than links to hosts. (Confusingly, the term 'trunk' is also used for what Cisco calls "channels" : Link Aggregation or Port Trunking). A router (Layer 3 device) serves as the backbone for network traffic going across different VLANs.
On Cisco devices, VTP (VLAN Trunking Protocol) allows for VLAN domains, which can aid in administrative tasks. VTP also allows "pruning", which involves directing specific VLAN traffic only to switches which have ports on the target VLAN.

Assigning VLAN memberships
The four methods of assigning VLAN memberships that are in use are:
Port-based: A switch port is manually configured to be a member of a VLAN. In order to connect a port to several VLANs (for example, a link with VLANs spanning over several switches) the port has to be member of a trunk. Only one VLAN on a port can be set untagged (3Com's term) or access mode (Cisco's term); the switch will add this VLAN's tags to untagged received frames and remove this VLAN's tag from transmitted frames.
MAC-based: VLAN membership is based on the MAC address of the workstation. The switch has a table listing the MAC address of each machine, along with the VLAN to which it belongs.
Protocol-based: Layer 3 data within the frame is used to determine VLAN membership. For example, IP machines can be classified as the first VLAN, and AppleTalk machines as the second. The major disadvantage of this method is that it violates the independence of the layers, so an upgrade from IPv4 to IPv6, for example, will cause the switch to fail.
Authentication based: Devices can be automatically placed into VLANs based on the authentication credentials of a user or device using the 802.1x protocol.

Port-based VLANs
A port based VLAN switch determines the membership of a data frame by examining the configuration of the port that received the transmission or reading a portion of the data frame’s tag header. A four-byte field in the header is used to identify the VLAN. This VLAN identification indicates what VLAN the frame belongs to. If the frame has no tag header, the switch checks the VLAN setting of the port that received the frame.


source

Wireless

Wireless operations permits services, such as long range communications, that are impossible or impractical to implement with the use of wires. The term is commonly used in the telecommunications industry to refer to telecommunications systems (e.g., radio transmitters and receivers, remote controls, computer networks, network terminals, etc.) which use some form of energy (e.g. radio frequency (RF), infrared light, laser light, visible light, acoustic energy, etc.) to transfer information without the use of wires . Information is transferred in this manner over both short and long distances.
Wireless communication may be via:
radio frequency communication,
microwave communication, for example long-range line-of-sight via highly directional antennas, or short-range communication, or
infrared (IR) short-range communication, for example from remote controls or via IRDA,
Applications may involve point-to-point communication, point-to-multipoint communication, broadcasting , cellular networks and other wireless networks.
The term "wireless" should not be confused with the term "cordless", which is generally used to refer to powered electrical or electronic devices that are able to operate from a portable power source (e.g., a battery pack) without any cable or cord to limit the mobility of the cordless device through a connection to the mains power supply. Some cordless devices, such as cordless telephones, are also wireless in the sense that information is transferred from the cordless telephone to the telephone's base unit via some type of wireless communications link. This has caused some disparity in the usage of the term "cordless", for example in Digital Enhanced Cordless Telecommunications.
In the last 50 years, wireless communications industry experienced drastic changes driven by many technology innovations

Not All Spyware Is Malicious But Must Be Removed

by: Arvind Singh

Though not all Spyware is malicious they must be removed all the same. The reason being that they will ultimately expand the registry of the system and stall the programs and generally make the system unstable.

Some people believe that you may not always need to remove spyware because Spyware is not always malicious. There are many kinds of Spyware that can infect your PC. Most of them are, thankfully, not uploaded with malicious intent. But why take chances. First of all let us analyze how Spyware comes to get onto the system in the first place. People who browse the Internet come across many sites that offer free download. Clicking on these downloads may bring with it some program in the background or hidden from the user. This may be in the form of ActiveX controls or components. When we download certain programs the download program flashes a message requiring the user to allow the download of an ActiveX control without which the download will not work. This ActiveX control is registered in the CLSID files of the registry. Once the download is complete the ActiveX control stored as a .OCX file begins its stealthy work. Best Spyware removal programs are especially weary of ActiveX controls and remove any malicious looking .OCX files.

Not All Spyware Cause Damage

Spyware is not always illegal. You may have inadvertently agreed to the use of the Spyware by clicking on the 'agree' button without reading the agreement. This kind of Spyware, however, does not carry out any malicious activity. It just collects data off all the Internet sites you visit and mails the information to the host where it came from. This does not mean that you cannot remove it when you want. You can do so with certain free Spyware Virus removal programs that search and remove adware and Spyware as well. There are malicious and downright criminal Spyware as well. This type of Spyware locates personal information such as that pertaining to your credit card or online bank information and is used for criminal activities usually causing a lot of damage to you. The system must be regularly scanned with free Spyware Adware removal utilities and then the registry cleaned with a registry cleaner to make sure the system is always secure.

Run Anti Spyware Every Time You Think Of It

Spyware can be removed from the system by using anti Spyware programs. However the anti Spyware software does not remove the entries of the ware from the registry. Special free anti Spyware removal software is required to do just that. Free anti Spyware removal software such as Microsoft Spyware removal tool, Yahoo Spyware removal utility or any of the free Spyware removal tools can scan the registry for broken links and useless entries that are no longer linked to programs. These free Spyware removal tools will then remove these entries from the registry freeing up disk space and compacting the registry for efficient use.


source link

Protecting Your Computer and Network

by: Aaron Weston

According to the latest research, Microsoft has found that cyber threats are getting more complex and advanced as "hackers" mature. How do you protect yourself against these threats? It's actually easier and cheaper then you think, and the payoff is high. In this article we'll address these challenges.

1. Get an antivirus program. Some worms, such as MyDoom, are capable of bringing entire networks to their knees. Some threats collect your personal information, such as passwords, and transmit them to a remote location. The cost associated with these threats is very high. To address these issues, several companies have released protections that are free for home use. Choose your program carefully as some promise the world, or have a reputation, but don't live up to the hype.

One unbiased test (http://www.techdo.com/?p=62) rated the top 20 virus programs against 175,000 virus definitions. The results may surprise you. Norton from Symantec, often perceived to be the best and requiring an annual fee for updates, is actually at the bottom of the list along with McAfee, easily surpassed by free offerings such as AVG, Avast! and AOL Active Virus Shield, using the top rated Kaspersky engine. In another test (http://www.thepcspy.com/articles/other/what_really_slows_windows_down/5), Norton takes three of the top six spots for programs that consume the most system resources. As you can see, you don't always get what you pay for and you may be leaving your system vulnerable.

At Northern Protocol Inc. we recommend AOL Active Virus Shield for Windows XP home use. Updates are free, response times are faster than Norton or McAfee, and it offers more comprehensive protection against threats. AVTest.org monitors response times of various vendors, and has found that Norton and McAfee are at the bottom of the list for releasing definitions. Your antivirus is only as good as it's definitions, and a slower response time and less effective detection increases the window for possible infection.

2. Get an anti-spyware program. Spyware threats are getting more complex. As browsers improve their security features, devious "script kiddies" have changed their tactics, now using Javascript to install threats, affecting any browser that has it enabled. So-called "free" software, such as screensavers, wallpapers and "smilies", to name a few, install spyware without your knowledge, burying the "agreement" in a lengthy license agreement that no-one ever reads before they click "accept". Some devious websites ask you to install "download managers" to access their files, which often have spyware (so-called "sponsor" software) embedded. Pay close attention to any installer that asks you to install "sponsor" software. Many antispyware programs and security suites are actually frauds, and often install spyware themselves. You can find a complete list at http://spywarewarrior.com/rogue_anti-spyware.htm.

There are several good programs out there, but the one we at Northern Protocol Inc. recommend the most is Prevx2.0. It requires a small annual fee to maintain the active protection component, but we find it extremely effective. Another good protection suite is AVG Anti-Malware which also requires a modest annual fee. Windows Defender is a good free alternative for users of genuine Windows products.

3. Install a firewall. Firewalls block intrusions from the outside, hiding your computer from the internet so that "hackers" don't know it's there. They can also block communications coming from within your network. Again, there are a lot of misconceptions in this realm. Norton and McAfee, while having a reputation, are actually sluggish and poor performers according to this review at http://www.informationweek.com/security/showArticle.jhtml?articleID=192201247&subSection=Security+Reviews. ZoneAlarm, while popular, is buggy and has hang ups of it's own, one being far too demanding of user involvement. One review (http://www.pcmag.com/article2/0,1759,1969207,00.asp), conducted by PC Magazine, rates Comodo Personal Firewall, a free firewall, as one of the best in it's class and is our recommendation as well.

A more effective solution, but more complex in installation, is to install an older computer as a firewall, running Smoothwall from http://www.smoothwall.org/. This solution is highly effective, inexpensive, and the one we use to protect our network.

4. Buy a router. Routers are inexpensive and in many cases offer built in firewalls that work in conjunction with the "NAT" firewall that is standard on all routers. What this does is take your IP address from the internet and translates it into internal addresses for your computer(s). This adds an extra layer of protection for your computer or network, putting one more obstacle in the way of any potential intruder. Northern Protocol Inc. recommends the use of Linksys or D-Link WBR or DIR series routers for the best performance.

5. Set the wireless security on your router. All too often people leave their wireless settings at default, leaving their networks wide open to attack. Log on to your router's control panel from any browser (192.168.1.1 for Linksys and 192.168.0.1 for D-Link) and set your wireless security settings.

First, change the password for the logon. Use a combination of upper and lower case letters and numbers, then test your password at http://www.microsoft.com/protect/yourself/password/checker.mspx for strength.

Second, enable encryption. In order, the preferred methods of encryption in terms of strength are WPA2, WPA and lastly WEP 128 bit. Some older network cards don't support WPA or WPA2, so either replace the card (recommended) or use WEP 128 bit. Create a key using the same guidelines as your administrator password, but make sure it's different.

Third, change the SSID (this is the name the router broadcasts to inquiring wireless devices). Ensure that it does not identify the make or model of your router and that it is not personally identifiable. It is preferable to disable broadcast altogether if you can remember the name and manually enter it into each computer's wireless configuration.

Fourth, if no other computers need to log on but your own, enable the MAC ID filter and enter in the MAC ID to each of your devices. This is a very effective solution, preventing all but your own devices from being able to log on to your router and obtain an address, even if they can figure out or already know the key. Each MAC ID is unique to every network device on the internet and thus no two devices have the same ID.

6. Update to the latest version of your browser. We recommend the use of either Opera or Internet Explorer 7, or both. These programs ensure that you have the latest security protections for your browsing experience, employing advanced techniques to prevent automatic installations of scripts, "phishing" scams, etc.

7. Update your operating system and software to the latest versions. As new threats and security flaws surface, Microsoft scrambles to get new fixes into the hands of it's users, and once a month releases a Malicious Software Removal Tool. Ensure that you have a genuine version of Windows, with Service Pack 2 installed for Windows XP, to be eligible for all the latest software updates. Research is showing that as operating systems become more secure, hackers are looking for alternative "attack vectors", or other software on your computer, as a means of attacking your system's security. Cover all your bases. Make sure that "Automatic Updates" are enabled on your machine(s).

8. Make regular backups. As backup solutions continually drop in price, there are no valid reasons to not perform regular backups. DVD burners, such as Pioneer and LG, are very inexpensive and reliable and can fit a large volume of data on a single CD or DVD. USB memory keys are also inexpensive, as are external hard drives. One folder that is very important to back up is your My Documents folder. Keep your backups away from the computer and in a safe place. Photographs can often never be replaced, so always keep current backups on hand.

Is your system infected? Do you need help employing any of the measures mentioned in this article? Call us at 705.812.2236. We remove the infections and protect you against future infections, without loss of data.

Learn more about security threats at http://www.npinc.ca/virus.htm.


source link