Saturday, October 25, 2008

What is VPN and Why should use VPN?

VPN stands for Virtual Private Network, and is an increasingly popular form of proxy for security and to stay anonymous on net. VPN Hosting is about creating private network or tunnel over the public network "internet". Each VPN tunnel is totally anonymous on the public internet and it helps to keep your activities anonymous and safe. VPN hosting is an attractive option for people concerned about their security and privacy.

VPN Provides You:

* Provides a layer of security and anonymity.
* Prevents local ISP from regulating your connection.
* Prevents harassment from people tracking you by your IP address.
* Safe/encrypted connection between your computer and the Internet.
* Access blocked sites and bypass proxy and content filters.
* Internet Service Provider won't know you are using it.
* Your office or school won't know you are using it either!
* Bypass Skype/MSN blocks.
* Skype sound quality may improve with a VPN connection.
* Visit all blocked/censored websites.
* Prevent your ISP from bandwidth throttling for torrent and other P2P networks
* Unblock All Ports

Friday, October 24, 2008

Why should use a firewall? part 2

To prevent internal leakage of information:

By using a firewall on the internal network division, can focus on the internal network segment isolation, limiting the focus of local or network security issues sensitive to the impact of the global network. In addition, privacy is very concerned about the internal network, an internal network, not the details of the profile may contain a clue about security caused by external attacker interest, even while the storm omitted some of the internal network security holes . Use a firewall can be hidden within those disclose details such as Finger, DNS, and other services. Finger show hosts of all the registered user name, real name, the last time to log on and use the type of shell, and so on. Finger but very easy to show that the information was informed by the attacker. An attacker could use the system to know the frequency of the system if there is to connect Internet users, whether or not the system in the attack to draw attention, and so on. Similarly, the firewall can block related to the internal network of DNS information, so a host of domain names and IP addresses will not be understood by the outside world.
In addition to security, the firewall also has the support of Internet service characteristics of the enterprise network technology system VPN (virtual private network).
English firewall called "FireWall", it is one of the most important network of protective equipment. From a professional perspective, the firewall is located in two (or more) network, network access control between the set pieces Yi Zuzu.
In the network firewall is often shown in the chart below are two icons appear. The very image of the icon on the left, like a wall, like real. And the icon on the right side from the firewall to filter mechanism to visualize, there are icons in the icon of a diode. Diodes and we know that it is conducting a one-way, this is vividly illustrated with a single firewall wizard transparency. It now appears that some mechanism for filtering firewall conflicts, but it fully reflects the firewall in the early design idea, as well as a large extent reflects the current firewall filtering mechanisms. Fire because the initial design idea is always the internal network of trust, and the external network is not always trusted, so the firewall is only the first external filter incoming communications, and internal communications issued by the users not to limit . Of course, the current firewall filtering mechanism in the changes, not only for external communications issued by the network to connect to filter internal users to connect to issue some of the requests and needs of the same packet filtering firewall, but still only in line with the security strategy Communication through, it can be said to have "unilateral connecting" sexual.
Firewall refers to the original meaning of the ancient wooden structure of the building and use of housing, in order to prevent the occurrence and spread of fire, it will be solid and a pile of stones in the surrounding housing as a barrier, the protective structures to be known as the "firewall." In fact, the firewall and work together with the "door." If there are no doors, the people room how communication, the Room of these people, how can it get? When the fire broke out, those who fled the scene, how do? This is equivalent to the door on us by talking about the firewall "security strategy", so here we are talking about a firewall is not the actual wall solid walls, but with some small holes in the wall. These small hole is left to those used to allow communication in these small holes in the installation of a filtering mechanism, which is described above, "one of the universal guide."

Thursday, October 23, 2008

Why should use a firewall?

The firewall is the network security barrier:   A firewall (as chokepoint, control point) can enhance an internal network enormously the security, and through filters the unsafe service to reduce the risk. Because only then undergoes the careful choice the application agreement to be able through the firewall, therefore the network environment becomes safer. If the firewall may forbid such as the well known unsafe NFS agreement to pass in and out is protected the network, like the exterior aggressor is impossible to use these frail agreements to attack the internal network. At the same time the firewall may protect the network to be exempt from based on route's attack, like in IP option source route attack and ICMP heavy direction detection heavy directional way. The firewall should be possible to reject all above type attack the text and informs the firewall manager.   The firewall may strengthen the cyber security policy:   Through take the firewall as the central safety program disposition, can possess the security software (for example password, encryption, status authentication, audit and so on) to dispose on the firewall. With disperses the network security problem to each main engine on compares, firewall's centralism safety control is more economical. For example when network visit, a dense password system and other status authentication system definitely may not need to disperse on each main engine, but concentrates on a firewall body.   Carry on the monitoring audit visit to the network access and:     If under all visits after the firewall, that the firewall can record these to visit and to make the diary record, simultaneously can also provide the network service condition the statistical data. When has the suspicious movement, the firewall can carry on the suitable warning, and provides the network whether to receive the monitor and the attack detailed information. Moreover, collects a network the use and misuses the situation is also very important. The first reason is may the clear firewall whether can resist aggressor's survey and the attack, and clear firewall's control to be whether sufficient. But the network use statistics and so on speaking of the network demand analysis and the threat analysis are also very important.

Wednesday, October 22, 2008

Firewall ABC 2

Has a very good firewall protection. Intruder must first pass through the firewall security line of defense in order to access the target computer. You can configure the firewall into a number of different levels of protection. A high level of protection may be to prohibit certain services, such as video streaming, and so on, but at least it is to protect your own choice.
There are different types of firewall. A hardware firewall can be a part of their own, you can connect to the Internet and the computer to insert all of them. A firewall can also run on separate machines, the machines behind it as a network of agents and all the computer firewall. Finally, even direct the machine on the Internet can use personal firewall.
Of course, since the intention to understand the easy-to-digest, it is necessary to take a look at the concept of a firewall. Firewall is a car in the name of the parts. In the car, use a firewall to separate passengers and the engine, so that once the fire engine, the firewall will not only protect the safety of passengers, while at the same time so that drivers can continue to control the engine. Another computer terminology, of course not be interpreted that way, we can come to understand the analog network, the so-called "firewall" refers to an internal network and the public access network (such as the Internet) separate ways, it is actually A separation technology. Firewall is a network of communications in both the implementation of an access control measure, it allows you to "consent" and the data you enter the network at the same time you will "not agree" and the data out to the maximum Network to prevent hackers access to your network. In other words, if not through the firewall, the company's in-house who will not be able to access Internet, Internet on people and companies can not carry out internal communications.

Tuesday, October 21, 2008

Firewall ABC

The definition of a firewall
Referring to the so-called firewall is a software and hardware combination, intranet and extranet, private network and public network interface between the structure of barrier protection. Is a method of acquiring the image of security, It is a kind of computer hardware and software, so that the Internet and Intranet set up a secure gateway between the (Security Gateway), so as to protect the internal network from unauthorized users of the intrusion, firewall services from the main access rules, verification tools, including Gateway filtering and application of 4 parts, a firewall is located in the computer and connect its network between the hardware or software (which uses less hardware firewall, such as the Department of Defense, as well as large rooms and other places before, because it Expensive). The inflow and outflow of all the computer network were to go through the firewall.

The firewall function
It flows through the firewall on the network to scan, which can filter out some of the attacks, so that they will be executed on the target computer. Turn off the firewall can not use the port. But it can also prohibit the outflow of port-specific communications, blockade Trojan horse. Finally, it can be prohibited from special visit to the site in order to prevent intruders from unknown to all communications.

Monday, October 20, 2008

Privoxy

Privoxy is a model of belt filtration function agent server, in view of HTTP, HTTPS agreement, frequently with Tor combination use. Through Privoxy super filtration function, user, thus may protect the privacy, carry on the filtration to the homepage content, to manage cookies, as well as detains each kind of advertisement and so on. Privoxy may serve as the single plane, may also apply the multiuser network.   

Privoxy based on Internet Junkbuster, carries on the issue according to GNU General Public License. May in Linux, Windows, Mac OS X, AmigaOS, BeOS, as well as on each kind of Unix moves.   

The newest stable version 3.0.8 issued in January 19, 2008.

Sunday, October 19, 2008

Default Gateway

For a TCP / IP protocol configuration, is a direct arrival of the IP router's IP address. Default gateway can be configured in the IP routing table to create a default path.
IP address of the router to give the name of the local network and connect the machines must be out of traffic to this address in order to pass beyond the local network, so that the address be outside the local subnet IP address of the "gateways." Also Recently, the gateway is used when the host or network routing table heading input does not exist in the local routing table when they host the packet is sent to there.
Gateway (Gateway) is a network connection to another network's "gateway."
In accordance with different standards, there are many gateways. TCP / IP protocol, the gateway is the most commonly used, here we are
Said the "gateway" refer to TCP / IP protocol under the Gateway.
Gateway then in the end what is it? Gateway is essentially a network to other network IP address. A network such as network and B, Network A range of IP addresses "192.168.1.1 ~ 192. 168.1.254", for the subnet mask 255.255.255.0; Network B of the IP address of the range "192.168.2.1 ~ 192.168. 2.254 ", as a subnet mask of 255.255.255.0. In the absence of routers, the two networks can not be carried out between the TCP / IP communications, even if the two network connections on the same switch (or hub) on, TCP / IP protocol will be based on subnet Mask (255.255.255.0) to determine the two networks in a host of different network. In order to achieve these two communications networks, through Gateway. A network if the host was found in the packet is not the purpose of hosting the local network, put forward the packet to its own gateway, and then forwarded by the gateway to the network gateway B, B network gateway and then sent to the network B of a host (such as shown in the attached map). Network B to A network packet forwarding process. Therefore, only set up the gateway IP address, TCP / IP protocol can be achieved between the different networks to communicate with each other. Then the IP address of the machine, which is the IP address? Gateway is the IP address of the routing of the IP address of the device, with the routing equipment router, routing protocol enabled server (essentially the equivalent of a router), the proxy server (also The equivalent of a router).
What is the default gateway
If you understand what is the gateway, the default gateway is also a good understanding. Just like that there will be a room door,
A host to a number of gateways. The default gateway is the meaning of a host can not be used if the gateway, put the packet sent to default gateway specified by the gateway to deal with the packet. Gateway is now used by the host, in general refers to the default gateway.
How to set the default gateway
A computer's default gateway is not designated by the casual, must be properly designated, or a computer will
Gateway is not a packet sent to the computer, which can not compete with other computer communications network. Gateway's default settings are automatic and manual settings set in two ways.
1. Settings manually
Manual settings apply to the relatively small number of computers, TCP / IP parameters remain basically unchanged, for example, only a few dozen to Taiwan
Computer. Because this would require each of the networks linked to a computer set up on the "default gateway" very hard, because once the migration and other factors led to the need to modify the default gateway IP address to the network will bring big trouble So is not recommended to use.
In Windows 9x, set the default gateway is in the "Network Places" on the right-click in the pop-up menu, click
"Properties" on the network Properties dialog box, select the "TCP / IP protocol," click on "Properties" and "default gateway" to fill in a new tab in the default gateway IP address it.
Need to pay special attention to is this: By default gateway must be a computer's own network segment of IP addresses, and can not fill in the other
Segment of IP addresses.
2. Automatically set
Is automatically set to use DHCP server automatically to the computer network, the distribution of IP address, subnet mask and default gateway
. The benefit is that once the network's default gateway has changed, as long as a DHCP server to change the default setting of the gateway, then all the computer networks are a new default gateway IP address. This method is suitable for large-scale network, TCP / IP parameters may change in the network.
Another automatic access to the gateway through a proxy server to install software (such as MS Proxy) of client
To automatic, its principles and methods are similar and DHCP. Due to limited space, no longer on the details.
If you look at the beginning of routing knowledge, they would easily understand,
Into the command-line mode:
C: \> route print
There will be a route:
0.0.0.0 0.0.0.0 default IP Gateway Interface (machine IP) hop
For example, my machine:
0.0.0.0 0.0.0.0 192.168.100.254 192.168.100.233 1
Means: the needs of all packets transmitted, are the default gateway IP (Interface) sent out, of course, is to return from there after