Kaspersky Lab Internet Security 2011, Base, 5U, 1Y, ENG KL1837UCEFS 用户手册
产品代码
KL1837UCEFS
U
S E R
G
U I D E
128
4. In the window that opens, on the Packet rules tab, open the advanced settings window by clicking the
Additional button.
5. In the Additional window that opens, check / uncheck the boxes next to the required settings.
N
ETWORK
A
TTACK
B
LOCKER
Network Attack Blocker scans inbound traffic for activity typical of network attacks. Once an attempt to attack your
computer is detected, Kaspersky Internet Security blocks any network activity of the computer making an attack towards
your computer.
computer is detected, Kaspersky Internet Security blocks any network activity of the computer making an attack towards
your computer.
). A warning will appear
on the screen stating that an attempted network attack has taken place, with specific information about the computer
which attacked you. Descriptions of currently known network attacks (see section "Types of detected network attacks" on
page
which attacked you. Descriptions of currently known network attacks (see section "Types of detected network attacks" on
page
) and methods to fight them, are provided in Kaspersky Internet Security databases. The list of attacks which
the Network Attack Blocker can detect is updated when the application's databases are updated (see section "Update"
on page
on page
I
N THIS SECTION
:
Types of detected network attacks ................................................................................................................................
Enabling and disabling Network Attack Blocker ............................................................................................................
Editing the blockage settings .........................................................................................................................................
T
YPES OF DETECTED NETWORK ATTACKS
Nowadays, a great number of network attacks exist. These attacks exploit vulnerabilities of the operating system and
other software, system-type or otherwise, installed on your computer.
other software, system-type or otherwise, installed on your computer.
To ensure the security of your computer, you must know what kinds of network attacks you might encounter. Known
network attacks can be divided into three major groups:
network attacks can be divided into three major groups:
Port scan
– this threat type is not an attack itself but it usually precedes one, since it is one of the common ways
of obtaining information about a remote computer. The UDP / TCP ports used by the network tools on the
computer targeted by an intruder are scanned to find out their status (closed or open).
computer targeted by an intruder are scanned to find out their status (closed or open).
Port scans can tell a hacker what types of attacks work on that system, and what types do not. In addition, the
information obtained by the scan (a model of the system) helps the malefactor to know what operating system
the remote computer uses. This, in turn, further restricts the number of potential attacks, and, correspondingly,
the time spent perpetrating them. It also aids a hacker in attempting to use vulnerabilities characteristic of the
operating system.
information obtained by the scan (a model of the system) helps the malefactor to know what operating system
the remote computer uses. This, in turn, further restricts the number of potential attacks, and, correspondingly,
the time spent perpetrating them. It also aids a hacker in attempting to use vulnerabilities characteristic of the
operating system.
DoS attacks, or Denial of Service attacks are attacks which cause an unstable performance of a system or its
crash. Attacks of this type may affect the operability of information resources under attack (for example,
blocking Internet access).
crash. Attacks of this type may affect the operability of information resources under attack (for example,
blocking Internet access).
There are two basic types of DoS attacks:
sending the target computer specially created packets that the computer does not expect, which cause the
system either to restart or to stop;
system either to restart or to stop;
sending the target computer many packets within a timeframe that the computer cannot process, which
causes system resources to be exhausted.
causes system resources to be exhausted.
The most flagrant examples for this group of attacks are the following types: