Sunday, June 26, 2011

Get Free Access Internet WiFi


As we know, hotspots, or wireless internet access using the 802.11b/g standards, are nothing new to us, and in public places such as malls, cafes, hotels and offices the facility is easy to find.

Unfortunately, not all providers offer wireless Internet access for free, and when it is free it is extremely limited.
One of the protections wireless service providers use is to restrict Internet access based on MAC address.
What is MAC Address?
In computer networking a Media Access Control address (MAC address) or Ethernet Hardware Address (EHA) or hardware address or adapter address is a quasi-unique identifier attached to most network adapters (NICs).
So, in short, a MAC address is a unique number that distinguishes each network device attached to our computer.
An example is the hotspot at the Hilton hotel. There, the wireless Internet service provider limits free Internet use to 3 hours; after that you cannot access the Internet again, and you will not be able to access it again tomorrow. The type of protection used is MAC address filtering.
How to break through the protection with a MAC Address?

There is a very useful tool for you. The tool is named K-MAC (download here).
With this tool you can change your MAC address instantly. What does that mean? You can break the MAC address protection! Each time your 3 hours of Internet access run out, all you need to do is change your MAC address and connect again.
I'll add some more info: programs for cracking WEP/WPA/WPA2 passwords are available in the packages of the BackTrack OS.
Kismet
Kismet is a security tool that runs on Linux. Kismet is used to eavesdrop on data traffic in the network.
Aircrack-PTW
Aircrack-PTW is a tool used to crack protected wireless networks. Each notebook has different specs, so the way to use Aircrack differs from one to another.
There is also a trick for finding the password someone uses to access a hotspot that uses prepaid cards.
The tools to prepare are simple:
Software required:
1. Angry IP Scanner
2. Technitium MAC Address
Now, straight to the how-to:
# Find the location of a hotspot service provider; of course you must be within range of the hotspot network.
# Turn on your laptop and its wireless adapter, find the wireless network icon in the system tray, right-click it and select View Available Wireless Networks, then connect to the target wireless hotspot.
# Once connected, right-click the system tray icon, select Status > Details tab and look at the IP given to us. Write down the IP.
# Open Angry IP Scanner 2.21 and enter, at the top, the IP range to scan, based on the IP we were given. For example, if the IP we got is 135.125.1.13, enter it in the first field of the range with the last number replaced by 1, giving 135.125.1.1, and in the second field write the same but with the last number replaced by 255, giving 135.125.1.255. The result is 135.125.1.1 to 135.125.1.255. Click start (the red button).
# After scanning we get the live IPs connected to the hotspot. When the scan is complete, look at the alive hosts, shown in blue. Right-click a blue IP > Show > MAC address and the MAC address will appear (sometimes the MAC address does not appear; just select another IP). Write down the MAC address we get.
# Open Technitium MAC Address v5 release 3, which we prepared earlier. There is a MAC address field; change the MAC address to the one we got earlier and press Change MAC ID.
# Wait while our MAC is replaced; the connection is dropped temporarily and then reconnects automatically.
# Open Firefox or any other web browser. Enjoy free Internet.
One thing to remember is that this approach piggybacks on the data transfer of the account we hacked.
This can be gotten around by going to the status page of the hotspot login (for the account). For example, on the status page the prepaid card code number is visible; we simply note it down, then log out and log back in on the hotspot's login page, quickly entering the code from earlier. This lets us access the Internet directly without piggybacking (because we are using the prepaid card code), so when the card's owner tries to log in with that card, he cannot get in, because the prepaid card shows "Already logged".
How about it, interesting, isn't it?
But I suggest, as I do, just piggybacking, because I do not want to go too far; the method I described of logging off and logging in again will surely leave the owner unable to log in. Asking permission directly is also a possibility that may not be refused, provided the need is urgent.
For IP scanning you can also use the application Dude (download it here) to determine the state of the computers connected to the hotspot. You can try that too.
Hmm, I have some more useful tools, check them out.
WEP and WPA KeyGenerator
Wireless Key Generator
Just run the program, click Generate, and copy the result directly into the network key.
Or you can also use the application "wifi password finder";
search for it yourself in a search engine :D. All this is just for learning; as long as we can still use the legal way, why not. This can also be used by the hotspot owner to check whether the hotspot can still be broken into this way; if so, it needs more security.
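
For the hotspot owner, a MAC address taken over from another client leaves a trace in the gateway's DHCP log: the same MAC is acknowledged again, inside the lease of the previous holder, but with a different client hostname. The following is an added example, not part of the original post; the log format, field names and all sample values are constructed assumptions.

```python
import re
from datetime import datetime, timedelta

# Constructed sample of a hotspot gateway's DHCP log (format is an assumption).
SAMPLE_LOG = """\
2011-06-26T10:00:05 DHCPACK mac=00:1A:2B:3C:4D:5E ip=10.0.0.23 host=guest-laptop ap=ap-lobby
2011-06-26T10:02:11 DHCPACK mac=00:1a:2b:aa:bb:cc ip=10.0.0.24 host=frontdesk-pc ap=ap-lobby
2011-06-26T10:20:40 DHCPACK mac=00-1a-2b-3c-4d-5e ip=10.0.0.23 host=guest-laptop ap=ap-lobby
2011-06-26T10:31:02 DHCPACK mac=00:1a:2b:3c:4d:5e ip=10.0.0.23 host=netbook-07 ap=ap-cafe
2011-06-26T13:45:00 DHCPACK mac=00:1a:2b:aa:bb:cc ip=10.0.0.24 host=frontdesk-new ap=ap-lobby
this line is malformed and must be skipped
"""

LINE_RE = re.compile(
    r"^(?P<ts>\S+) DHCPACK mac=(?P<mac>\S+) ip=(?P<ip>\S+) "
    r"host=(?P<host>\S+) ap=(?P<ap>\S+)$"
)


def normalize_mac(raw):
    """Return the MAC as aa:bb:cc:dd:ee:ff, or None if it is not a MAC."""
    digits = re.sub(r"[:.\-]", "", raw).lower()
    if not re.fullmatch(r"[0-9a-f]{12}", digits):
        return None
    return ":".join(digits[i:i + 2] for i in range(0, 12, 2))


def parse_events(log_text):
    """Parse DHCPACK lines into dicts, skipping anything malformed."""
    events = []
    for line in log_text.splitlines():
        match = LINE_RE.match(line.strip())
        if not match:
            continue
        mac = normalize_mac(match.group("mac"))
        try:
            when = datetime.strptime(match.group("ts"), "%Y-%m-%dT%H:%M:%S")
        except ValueError:
            continue
        if mac is None:
            continue
        events.append({"time": when, "mac": mac, "ip": match.group("ip"),
                       "host": match.group("host"), "ap": match.group("ap")})
    return sorted(events, key=lambda ev: ev["time"])


def find_shared_macs(log_text, lease_seconds=3600):
    """Flag MACs whose hostname changes while the previous lease is still valid.

    A renewal by the same device keeps its hostname; a different hostname
    inside the lease window suggests a second device using the same MAC.
    The hostname is client-supplied, so treat a hit as a lead, not as proof.
    """
    lease = timedelta(seconds=lease_seconds)
    last_seen = {}
    findings = []
    for ev in parse_events(log_text):
        prev = last_seen.get(ev["mac"])
        if prev and ev["time"] - prev["time"] < lease and prev["host"] != ev["host"]:
            findings.append({
                "mac": ev["mac"],
                "first_host": prev["host"],
                "second_host": ev["host"],
                "moved_ap": prev["ap"] != ev["ap"],
                "gap_seconds": int((ev["time"] - prev["time"]).total_seconds()),
            })
        last_seen[ev["mac"]] = ev
    return findings


if __name__ == "__main__":
    for finding in find_shared_macs(SAMPLE_LOG):
        print(finding)
```

A hit is a reason to stop relying on the MAC address alone for that session, for example by tying access to a per-user login.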
Tuesday, March 8, 2011

Ramnit Virus Manual remove fixed


W32.Ramnit is a worm that infects .exe, .dll and .html files to reproduce and infect other systems. After infection, W32.Ramnit will hijack your browser to redirect you to a malicious domain. W32.Ramnit may also make contact with an anonymous third party through Internet Explorer exploits, allowing the remote attacker to violate your privacy and exert control over your computer. Many anti-malware programs have been unable to detect W32.Ramnit in some instances; severe infections can necessitate a complete system wipe to remedy the situation. Be cautious about worms like W32.Ramnit when on large networks or using removable media, and strive to delete W32.Ramnit quickly before it becomes too difficult to remove.

One of the first things W32.Ramnit does is infect any .exe, .dll, or .html files W32.Ramnit can find. If you open these infected files, congratulations - now you've got W32.Ramnit, too! W32.Ramnit may also create concealed Autorun.inf files that are placed on various drives, including removable ones. Any computer that then accesses these drives will also get the W32.Ramnit worm.

Different versions of W32.Ramnit have been identified as a threat since January of 2010, and the worm is far from exterminated yet. Fortunately, indicators of W32.Ramnit's presence are sufficiently plain that you ought to see W32.Ramnit before it's been on your system too long. Deleting W32.Ramnit with sufficient quickness can mean the difference between your computer surviving without damage and your computer needing a complete hard drive wipe.

W32.Ramnit may also be detected under the slight variant names of W32.Ramnit.A and W32.Ramnit.B.

Backup Reminder: Always be sure to back up your PC before making any changes.


To remove W32.Ramnit, you must first stop any W32.Ramnit processes that are running in your computer's memory. To stop all W32.Ramnit processes, press CTRL+ALT+DELETE to open the Windows Task Manager. Click on the "Processes" tab, search for W32.Ramnit, then right-click it and select "End Process."

To delete W32.Ramnit registry keys, open the Windows Registry Editor by clicking on the Windows "Start" button and selecting "Run." Type "regedit" into the box and click "OK." Once the Registry Editor is open, search for the registry key "HKEY_LOCAL_MACHINE\Software\W32.Ramnit." Right-click this registry key and select "Delete."

Finally, to completely get rid of W32.Ramnit, you must manually remove other W32.Ramnit files. These W32.Ramnit files can be in the form of EXE, DLL, LSP, TOOLBAR, BROWSER HIJACK, and/or BROWSER PLUGIN. For example, W32.Ramnit might create a file like %PROGRAM_FILES%\W32.Ramnit\W32.Ramnit.exe. Locate and remove these files.

Monday, November 15, 2010

Enable Internet Connection Firewall using VBScript

Windows Firewall helps to protect computers from unsolicited network traffic. The Windows Firewall APIs make it possible to programmatically manage the features of Windows Firewall by allowing applications to create, enable, and disable firewall exceptions.
Windows Firewall API is intended for situations in which a software application or setup program must operate with adjustments to the configuration of the networking environment in which it runs. For example, a service that needs to receive unsolicited traffic can use this API to create exceptions that allow the unsolicited traffic.
Windows Firewall API is designed for use by programmers using C/C++, Microsoft Visual Basic development system, Visual Basic Scripting Edition, and JScript development software. Programmers should be familiar with networking concepts such as stateful packet filtering, TCP/IP protocol concepts, and network address translation (NAT).
Windows Firewall API is supported on Windows XP with Service Pack 2 (SP2). For more specific information about which operating systems support a particular programming element, refer to the Requirements sections in the documentation.

[Internet Connection Firewall may be altered or unavailable in subsequent versions. Instead, use the Windows Firewall API.]
The following VBScript code first determines if Internet Connection Sharing and Internet Connection Firewall are available on the local computer. If so, the code enumerates the connections on the local computer, and enables Internet Connection Firewall on the connection that is specified as a command line argument.


' Copyright (c) Microsoft Corporation. All rights reserved.

OPTION EXPLICIT

DIM ICSSC_DEFAULT, CONNECTION_PUBLIC, CONNECTION_PRIVATE, CONNECTION_ALL
DIM NetSharingManager
DIM PublicConnection, PrivateConnection
DIM EveryConnectionCollection

DIM objArgs
DIM con

ICSSC_DEFAULT = 0
CONNECTION_PUBLIC = 0
CONNECTION_PRIVATE = 1
CONNECTION_ALL = 2

Main( )

sub Main( )
    Set objArgs = WScript.Arguments

    if objArgs.Count = 1 then
        con = objArgs(0)

        WScript.Echo con

        if Initialize() = TRUE then
            GetConnectionObjects()

            FirewallTestByName(con)
        end if
    else
        DIM szMsg
        szMsg = "Invalid usage! Please provide the name of the connection as the argument." & chr(13) & chr(13) & _
                "Usage:" & chr(13) & _
                " " + WScript.scriptname + " " + chr(34) + "Connection Name" + chr(34)
        WScript.Echo( szMsg )
    end if

end sub


sub FirewallTestByName(conName)
    on error resume next
    DIM Item
    DIM EveryConnection
    DIM objNCProps
    DIM szMsg
    DIM bFound

    bFound = false
    ' Walk every connection and enable the firewall on the one whose name matches (case-insensitive)
    for each Item in EveryConnectionCollection
        set EveryConnection = NetSharingManager.INetSharingConfigurationForINetConnection(Item)
        set objNCProps = NetSharingManager.NetConnectionProps(Item)
        if (ucase(conName) = ucase(objNCProps.Name)) then
            szMsg = "Enabling Firewall on connection:" & chr(13) & _
                    "Name: " & objNCProps.Name & chr(13) & _
                    "Guid: " & objNCProps.Guid & chr(13) & _
                    "DeviceName: " & objNCProps.DeviceName & chr(13) & _
                    "Status: " & objNCProps.Status & chr(13) & _
                    "MediaType: " & objNCProps.MediaType

            WScript.Echo(szMsg)
            bFound = true
            EveryConnection.EnableInternetFirewall
            exit for
        end if
    next

    if( bFound = false ) then
        WScript.Echo( "Connection " & chr(34) & conName & chr(34) & " was not found" )
    end if

end sub

function Initialize()
    DIM bReturn
    bReturn = FALSE

    ' Create the sharing manager object and confirm that sharing is available on this platform
    set NetSharingManager = Wscript.CreateObject("HNetCfg.HNetShare.1")
    if (IsObject(NetSharingManager)) = FALSE then
        Wscript.Echo("Unable to get the HNetCfg.HnetShare.1 object")
    else
        if (IsNull(NetSharingManager.SharingInstalled) = TRUE) then
            Wscript.Echo("Sharing isn't available on this platform.")
        else
            bReturn = TRUE
        end if
    end if
    Initialize = bReturn
end function

function GetConnectionObjects()
    DIM bReturn
    DIM Item

    bReturn = TRUE

    if GetConnection(CONNECTION_PUBLIC) = FALSE then
        bReturn = FALSE
    end if

    if GetConnection(CONNECTION_PRIVATE) = FALSE then
        bReturn = FALSE
    end if

    if GetConnection(CONNECTION_ALL) = FALSE then
        bReturn = FALSE
    end if

    GetConnectionObjects = bReturn

end function


function GetConnection(CONNECTION_TYPE)
    DIM bReturn
    DIM Connection
    DIM Item
    bReturn = TRUE

    if (CONNECTION_PUBLIC = CONNECTION_TYPE) then
        set Connection = NetSharingManager.EnumPublicConnections(ICSSC_DEFAULT)
        if (Connection.Count > 0) and (Connection.Count < 2) then
            for each Item in Connection
                set PublicConnection = NetSharingManager.INetSharingConfigurationForINetConnection(Item)
            next
        else
            bReturn = FALSE
        end if
    elseif (CONNECTION_PRIVATE = CONNECTION_TYPE) then
        set Connection = NetSharingManager.EnumPrivateConnections(ICSSC_DEFAULT)
        if (Connection.Count > 0) and (Connection.Count < 2) then
            for each Item in Connection
                set PrivateConnection = NetSharingManager.INetSharingConfigurationForINetConnection(Item)
            next
        else
            bReturn = FALSE
        end if
    elseif (CONNECTION_ALL = CONNECTION_TYPE) then
        set Connection = NetSharingManager.EnumEveryConnection
        if (Connection.Count > 0) then
            set EveryConnectionCollection = Connection
        else
            bReturn = FALSE
        end if
    else
        bReturn = FALSE
    end if

    if (TRUE = bReturn) then

        if (Connection.Count = 0) then
            Wscript.Echo("No " + CStr(ConvertConnectionTypeToString(CONNECTION_TYPE)) + " connections exist (Connection.Count gave us 0)")
            bReturn = FALSE
        'valid to have more than 1 connection returned from EnumEveryConnection
        elseif (Connection.Count > 1) and (CONNECTION_ALL <> CONNECTION_TYPE) then
            Wscript.Echo("ERROR: There was more than one " + ConvertConnectionTypeToString(CONNECTION_TYPE) + " connection (" + CStr(Connection.Count) + ")")
            bReturn = FALSE
        end if
    end if
    Wscript.Echo(CStr(Connection.Count) + " objects for connection type " + ConvertConnectionTypeToString(CONNECTION_TYPE))

    GetConnection = bReturn
end function

function ConvertConnectionTypeToString(ConnectionID)
    DIM ConnectionString

    if (ConnectionID = CONNECTION_PUBLIC) then
        ConnectionString = "public"
    elseif (ConnectionID = CONNECTION_PRIVATE) then
        ConnectionString = "private"
    elseif (ConnectionID = CONNECTION_ALL) then
        ConnectionString = "all"
    else
        ConnectionString = "Unknown: " + CStr(ConnectionID)
    end if

    ConvertConnectionTypeToString = ConnectionString
end function






Tuesday, November 9, 2010

VoIP System Standard Features

Voice over IP (VoIP) systems are gaining in popularity today for several reasons; the most notable are the availability of so many open source and commercial options, the high degree of available interface devices that allow you to connect to existing circuit based networks and hardware, and the ability to create full end to end IP based solutions using available high-speed links or gateways with commercial trunk providers. However, it is still easy to make a poor purchasing decision unless you take a good look at the basic requirements of what a communication system needs to provide to be effective in your business and help you achieve your cost savings while still maintaining your ability to be connected to your clients and vendors in an effective manner. My intent here is to help outline the 5 standard features that your VoIP system should have for it to be considered the proper solution for your enterprise.

Examination

Standardization and Flexibility

Just like Henry Ford grew the automobile business based upon the obvious concept of standardization, the VoIP industry gained its recent focus and popularity based upon the same ideals. Gone are the days of having to select and architect a solution based upon the supported protocols of one vendor and become locked in. The two major signaling protocols you will see today, H.323 and SIP, are the largest players, with H.323 starting to lag behind as SIP gains in popularity and support, more compliant vendors, and continued enhancement to support more media streams and tighter device integration that up until recently has been what was keeping H.323 ahead in the game. Keeping in mind that H.323 is still the more mature technology, currently it is holding its ground in the carrier space and is used quite extensively as a trunk side protocol. This has allowed SIP to comfortably gain a foothold in the enterprise space as a local carrier style protocol that is simpler to implement, troubleshoot, and extend with new features as needed. It is clear that for a system to be considered future proof it has to support the currently prevalent standards but also allow ‘plug ability’ and offer support for emerging standards, or alterations to the existing standards as well.

Integration Options

Unless you are starting from scratch you are most likely attempting to integrate a VoIP option into your existing infrastructure as part of a phased deployment strategy. The current list of options to accomplish this is growing longer and longer every day, and that has many benefits for the consumer with regards to architecture, cost, interoperability options, and the quicker movement to tighter standards compliance between vendors. There is no longer a need to consider the move to VoIP to be an all or nothing deal with the introduction of gateway devices that allow you to leverage your current investment in older TDM based equipment and enhance it with the newer IP based messaging solutions. Doing this allows you to add new devices to the newer IP network while maintaining a rich level of integration with the legacy TDM equipment until it lives out its natural (and still depreciable) life span.

Security

As with everything today, security is a huge consideration when you start to think about moving to VoIP. If it is not something that you have already thought about, or your vendor has not discussed it deeply with you then I urge you to stop reading this right now, go to your vendor and ASK how secure your current VoIP implementation (or the one you are planning to install) is.

Security is so critical in today’s business market, but because people have felt so safe in the past using TDM voice infrastructures where ‘tapping’ meant actually making a physical connection to the ‘wires’, the thought of security quite often eludes people when you start to talk about VoIP. It is so easy to fire up a copy of Wireshark on your network, collect some packets, and use the tools built right into the GUI to listen to VoIP conversations. So, what do you do? The answer is simple. You turn on encryption and ensure that every device you use within your IP infrastructure involved in the call supports the encryption scheme that you pick. Keep in mind that while encryption is good, it does add CPU load to your devices, can cause higher network utilization because the packets can get larger, and can add complexity to any troubleshooting efforts, but you should NOT implement any VoIP system without taking security into consideration. One fine option that I have used is to consider your internal network to be secure and just encrypt the calls that pass via IP between external parties (over your IP based trunks if you use them) or between all your company locations using the public IP network. It’s my feeling that as long as you keep your internal IP infrastructure secure (IE: tight controls on who can enter your IT area, and you are using switches rather than hubs), bothering to encrypt internal IP connections is not always needed because in a properly configured environment you will not be able to capture VoIP data other than what is directed to you. If you are using hubs then all bets are off of course. That is a subject for another article.
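
One way to check that encryption is actually turned on for a call is to look at what a SIP INVITE and its SDP body offer. The following is an added example, not part of the original article; the profile names (RTP/AVP for plain RTP, RTP/SAVP and related profiles for SRTP) and the a=crypto and a=fingerprint attributes come from the SDP and SRTP standards rather than from this page, and the sample messages, hosts and key string are constructed placeholders.

```python
import re

# Media profiles that carry SRTP (RFC 3711, RFC 5124) or DTLS-SRTP (RFC 5764).
SRTP_PROFILES = {"RTP/SAVP", "RTP/SAVPF", "UDP/TLS/RTP/SAVP", "UDP/TLS/RTP/SAVPF"}
ENCRYPTED_SIGNALING = {"TLS", "WSS"}


def build_invite(via_transport, media_lines):
    """Constructed SIP INVITE with an SDP body (hosts and keys are placeholders)."""
    headers = [
        "INVITE sip:bob@example.com SIP/2.0",
        "Via: SIP/2.0/%s pbx.example.com;branch=z9hG4bKconstructed" % via_transport,
        "Content-Type: application/sdp",
    ]
    sdp = ["v=0", "o=alice 1 1 IN IP4 192.0.2.10", "s=-",
           "c=IN IP4 192.0.2.10", "t=0 0"] + media_lines
    return "\r\n".join(headers) + "\r\n\r\n" + "\r\n".join(sdp) + "\r\n"


PLAIN_INVITE = build_invite("UDP", ["m=audio 49170 RTP/AVP 0 8",
                                    "a=rtpmap:0 PCMU/8000"])
SECURE_INVITE = build_invite("TLS", [
    "m=audio 49172 RTP/SAVP 0",
    "a=crypto:1 AES_CM_128_HMAC_SHA1_80 inline:CONSTRUCTED-PLACEHOLDER-KEY",
])


def audit_sip_message(message):
    """Report whether signaling and each offered media stream are encrypted."""
    text = message.replace("\r\n", "\n")
    headers, _, body = text.partition("\n\n")
    via = re.search(r"^(?:Via|v)\s*:\s*SIP/2\.0/(\w+)", headers, re.I | re.M)
    transport = via.group(1).upper() if via else "UNKNOWN"
    report = {"signaling": transport,
              "signaling_encrypted": transport in ENCRYPTED_SIGNALING,
              "media": [], "issues": []}

    session_keying = None   # keying attribute given before the first m= line
    current = None
    for line in body.splitlines():
        line = line.strip()
        if line.startswith("m="):
            parts = line[2:].split()
            port = parts[1].split("/")[0] if len(parts) >= 3 else ""
            if not port.isdigit():
                current = None          # malformed media line, ignore it
                continue
            profile = parts[2].upper()
            current = {"media": parts[0], "port": int(port), "profile": profile,
                       "encrypted": profile in SRTP_PROFILES,
                       "keying": session_keying}
            report["media"].append(current)
        elif line.startswith(("a=crypto:", "a=fingerprint:")):
            keying = "sdes" if line.startswith("a=crypto:") else "dtls"
            if current is None:
                session_keying = keying
            else:
                current["keying"] = keying

    if not report["signaling_encrypted"]:
        report["issues"].append("signaling uses SIP/%s, not TLS" % transport)
    for stream in report["media"]:
        label = "%s port %d" % (stream["media"], stream["port"])
        if not stream["encrypted"]:
            report["issues"].append(
                "%s uses %s: media is not encrypted" % (label, stream["profile"]))
        elif stream["keying"] == "sdes" and not report["signaling_encrypted"]:
            # The SRTP key travels in the SDP, so cleartext signaling exposes it.
            report["issues"].append(
                "%s sends its SRTP key (a=crypto) over cleartext signaling" % label)
    return report


if __name__ == "__main__":
    for name, msg in (("plain", PLAIN_INVITE), ("secure", SECURE_INVITE)):
        print(name, audit_sip_message(msg)["issues"])
```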

Support

As with most other technologies, part of your purchasing and deployment planning MUST be to take the support model into consideration. Don’t just assume that your existing vendor that supports your current internet connection to the external world is going to be there if you have IP trunk problems, understand what terminology like QoS, jitter, and other VoIP lingo means, or even how to correct them if problems occur. As when introducing any new technology you need to have a sit-down with everyone involved in the proposed value chain and establish an understanding of expectations, possible support needs, costs, and schedules. You may find out that your provider is by default blocking the native ports that the typical VoIP protocols require simply because they are not used to requiring them to be open for other clients. If you are ready to move to IP for your voice communications just understand that while you may have been willing to put up with slowness in the afternoons when you tried to use the web to order your dinner so you could pick it up on the way home, a slow data connection can wreak havoc with voice quality and the ability to establish a call. You may need to consider a separate IP connection just dedicated to voice, and in fact you may need to start considering redundant connections using two different providers for your voice if you have not already done so for your data. Additionally, ensure that your vendor has the proper debugging tools in place, knows how to use them, and is willing to offer training to your staff, or that you are willing to use third parties to get them trained, so that they can be used to keep the system running in top condition. Remember that voice communication is still considered a top priority in today’s business world and losing that, even for a few hours, can make a customer start looking for someone to replace you as a vendor.

Extension Points

Many people today are used to just using the phone to talk, or maybe send faxes, but once the move to IP is made the benefits will start to bring on questions about other methods of application integration, and additional ways to leverage the new communications system. One thing that you should always consider on any new system, not just VoIP, is ways that you can utilize it going forward for things other than just your current needs. A car would not be much use if you could only drive it back and forth to work, would it? The same goes for your telephony solution. Right from the start you should consider investigating the extension areas of all the solutions you look at and at least gain an understanding of the features and benefits that each system may or may not offer. For example, it could be very disappointing to get a system all in place and six months later determine that you still need to add a bank of analog trunk lines to send and receive faxes because your solution did not include the ability for Fax over IP (FoIP) codecs. Making blanket assumptions like ‘just because traditional faxes use our existing voice lines the VoIP system should also do fax’ can lead to some very tense moments across a boardroom table. Also consider integration with other areas like Instant Messaging (IM) and application integration such as the ability to build basic Interactive Voice Response (IVR) menus (IE: ‘To talk to support, please press 1, to talk to sales, please press 2,…) into the system and create simple auto attendant applications. These simple features can help add some great value that may not have been considered previously, and allow you to recoup the costs of a VoIP implementation over a shorter timeline than previously anticipated. Areas like this can allow you to bring systems together under one area and thus cut down the size of your external vendor list.
Conclusion

As you can see, the move to VoIP is fraught with decisions, technical considerations, and even some simple human capital management opportunities, but the gains in productivity, efficiency, and the ability to leverage existing infrastructure and gain some valuable benefits in the areas of long term manageability, application integration, multi-modal communications options and simpler to manage infrastructure far outweigh the potential problems as long as the map forward is well thought out and planned. As with most IT based business decisions it is always good to ensure that everyone understands the possible features and benefits as well as the potential risks and how they can be mitigated to derive the value that is expected.

Disclosures and References

As part of my previous experience in VoIP technology I spent 10 years as a product and training specialist working for both Intel Corporation and Dialogic Corporation in the area of Digital PBX TDM to IP interfacing with regards to the Netstructure PBX/IP Media gateway product line. In addition, my secondary focus was working closely with vendors offering tightly integrated VoIP solutions such as Microsoft Exchange Unified Messaging and IBM Lotus Sametime using these devices as well as the design and development of product training classes, certification programs for user and administrative positions, and product documentation collateral.

Sunday, October 31, 2010

Windows 7 and Server 2008 R2 Patch Detail

Microsoft has released a number of non-security updates, the majority of which are for the latest versions of its client and server operating systems. All the patches are available on Windows Update and the Microsoft Download Center and most will require a restart. With the exception of the last patch, they're all for Windows 7 or Windows Server 2008 R2.

Most of these updates will be rolled into Service Pack 1 for Windows 7 and Windows Server 2008 R2. Testers got the first Windows 7 SP1 beta build two months ago, but just today Microsoft sent out build 7601.17077 to selected PC and Technology Adoption Program partners, according to ZDNet.

The first patch (KB2028560) is vaguely described as one that delivers "new functionality and performance improvements for the graphics platform."

The second patch (KB2249857) describes an issue that occurs on 2TB+ hard disk drives. If the OS is configured to save dump files to a volume of such an HDD, some of the dump file is offset at a disk offset greater than the 2TB address, and Windows is either put into hibernation or crashes, volumes on the HDD may be corrupted, and data is lost. If the corrupted volumes include the system partition, the computer will no longer boot.

The third patch (KB982110) fixes a problem when running 32-bit applications on a 64-bit edition of Windows 7 or Windows Server 2008 R2. If the application uses the QueryPathOfRegTypeLib function to retrieve the path of a registered type library, it may return the path of the 64-bit version of the type library instead of the 32-bit one.

The fourth patch (KB2272691) is for a game, application, or firmware that is either installed incorrectly, causes system instability, or has primary functions that do not work correctly. The update will either prevent incompatible software from running (hard block with third-party manufacturer consent), notify the user that incompatible software is starting to run (soft block), or improve the software's functionality (update). It lists just a single application (Sensible Vision FastAccess) as being affected.

The fifth patch (KB2203330) solves a problem when installing a third-party application for the multiple transport Media Transfer Protocol (MTP) device or for the Windows Portable Device (WPD). Connecting an MTP or WPD device may result in an APC_INDEX_MISMATCH stop error message because of a race condition in the Compositebus.sys driver.

The last patch (KB979453) is for Windows Home Server and addresses five separate issues that were found since the release of WHS Power Pack 3.

Sunday, October 17, 2010

Email security with Gmail's Security Checklist

Gmail's support site has a security checklist that's useful if you want to make sure that your Gmail account is secure. There are some obvious tips like updating your operating system and your browser, but Google also posted some advanced tricks:

1. "Check the list of websites that are authorized to access your Google Account data. Make sure that the list of authorized websites are accurate and ones that you have chosen. If your Google Account has been compromised recently, it's possible that the bad guys could have authorized their own websites to access your account data." To edit the list of authorized websites, go to this page.

2. "Check your browser for plug-ins, extensions, and third-party programs/tools that require access to your Google Account credentials. Plug-ins and extensions are downloadable computer programs that work with your browser to perform specific tasks. For example, you may have downloaded a plug-in or extension that checks your Gmail inbox for new messages. Google can't guarantee the security of these third party services. If those services are compromised, so is your Gmail password."

3. "Confirm the accuracy of your mail settings to ensure that your mail stays and goes where you want it to. Sign in to your account and click on the Settings link at the top to check the following tabs:

* General: Check Signature, Vacation Responder, and/or canned responses for spammy content
* Accounts: Verify your Send Mail As, Get mail from other accounts, and Grant access to your account are all accurate.
* Filters: Check that no filters are sending your mail to Trash, Spam, or forwarding to an unknown account.
* Forwarding and POP/IMAP: Ensure your mail isn't sent to an unknown account or mail client."

4. "Check for any strange recent activity on your account. Click the Details link next to the 'Last Account Activity' entry at the bottom of your account to see the time, date, IP address and the associated location of recent access to your account."

5. "Use a secure connection to sign in. In your Gmail settings, select 'Always use HTTPS.' This setting protects your information from being stolen when you're signing in to Gmail on a public wireless network, like at a cafe or hotel."
Sunday, October 3, 2010

Free Download Antivirus: Microsoft Security Essentials

Microsoft has an antivirus for Microsoft Windows customers. Microsoft Security Essentials is a new, free consumer anti-malware solution for your computer. It helps protect against viruses, spyware, and other malicious software. It's available as a no-cost download for Windows XP SP2 and higher, Windows Vista, and Windows 7.

The advantages of using Microsoft Security Essentials:

-Comprehensive protection—Microsoft Security Essentials helps defend your computer against spyware, viruses, worms, Trojans, and other malicious software.
-Easy to get, easy to use—Because Microsoft Security Essentials is available at no cost, there's no registration process that requires billing or personal information collection. It installs after a quick download and Genuine Windows validation and then stays automatically up-to-date with the latest protection technology and signature updates.
-Quiet Protection—Microsoft Security Essentials doesn't get in your way. It runs quietly in the background and schedules a scan when your computer is most likely idle. You only see alerts when you need to take action.

Microsoft Security Essentials security status

Microsoft Security Essentials has a clean, simple home page that shows the security state of your computer.
A green icon means that the security status of your computer is good. Microsoft Security Essentials is up-to-date and is running in the background to help protect your computer against malware and other malicious threats. When your computer has an issue that requires your attention, the look of the Microsoft Security Essentials home page changes based on the issue. The status pane turns either yellow or red depending on the situation, and an action button appears in a prominent location on the page with the suggested action.

A yellow icon means that status is fair or potentially unprotected and that you should take some action, such as turning on real-time protection, running a system scan, or addressing a medium-severity or low-severity threat.
A red icon means that your computer is at risk and that you must address a high- or severe-level threat to protect it.

A red icon means that your computer is at risk and that you must address a severe threat to protect it. Click the button to take the recommended action and Microsoft Security Essentials will clean the detected file and then do a quick scan for additional malicious software.

For more product information and to download the product, visit Microsoft Security Essentials.

You can download it directly from Microsoft Security Essentials.
Thursday, September 30, 2010

How Firewall Protection Work

A firewall is a fence that protects computers from destructive forces. It can prevent viruses, pop-ups, advertisements, and the programs embedded in them from effortlessly breaking into a system. How much a firewall protects also depends on how the user has set it, which usually varies from low to high.

Firewall protection works by blocking certain types of traffic between a source and a destination. All network traffic has a source, a destination, and a protocol. This protocol is usually TCP, UDP, or ICMP.

If this protocol is TCP or UDP, there is a source port and a destination port. Most often the source port is a random port and the destination port is a well-known port number. For example, the destination port for HTTP is 80 and the destination port for DNS is 53.

If the protocol is ICMP, there is also an ICMP message type. The most common ICMP message types are Echo Request and Echo Reply.

Firewall protection works by allowing the network security administrator to choose which protocols and ports or message types to allow -- and which ones to deny.

Firewall Protection: Denying Inbound

Most firewall configurations should deny all inbound traffic to all internal IP addresses.

Servers which must accept incoming connections should be placed on a DMZ network.

Modern firewalls will allow packets to come into the network which are responses to outbound traffic. What this means is that if you connect to a web server across the Internet, the firewall will automatically allow the responses from the web server to return to you.

Inbound restrictions are the main security value provided by firewalls.

Firewall Protection: Denying Outbound

Some network security administrators deny outbound traffic.

This is most often done to restrict users to approved protocols and prevent them from using unapproved protocols. This usually means preventing users from using online chat systems or preventing them from sending outbound e-mail.

Outbound restrictions are often vulnerable to work-arounds. These work-arounds require time and effort on the part of the network user, which limits the number of users who can utilize unapproved protocols. Outbound restrictions seldom, if ever, work entirely as designed.

Example Firewall Protection: Denying Inbound `ping`

The `ping` command sends out ICMP Echo Request messages and expects ICMP Echo Reply messages in response.

If you configure a firewall between the source and the destination to block ICMP Echo Request messages from the source to the destination, the `ping` command will fail.

Similarly, if you configure a firewall between the source and the destination to block ICMP Echo Reply messages from the destination to the source, the `ping` command will also fail.

The `ping` command can allow a potential attacker to map your network. Disabling inbound Echo Request messages prevents the use of the `ping` command to map your network.

Example Firewall Protection: Blocking Outbound E-mail

Internet e-mail uses the SMTP protocol. SMTP servers answer on TCP port 25.

If you block outbound TCP port 25 from your network, users will not be able to send outbound e-mail -- except through your approved e-mail servers.

However, a sophisticated user who operates their own mail server could configure their mail server to respond on another port, in addition to port 25. This would be an effective work-around to your security policy.
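The rules described in the firewall sections above, modeled as a small packet filter. This is an added example, not code from the original post: the `Packet` and `Firewall` names, the internal addresses and the approved mail server address are assumptions, and all sample traffic is constructed.

```python
from dataclasses import dataclass

APPROVED_MAIL = "10.0.0.25"  # assumption: the site's approved mail server

@dataclass(frozen=True)
class Packet:
    direction: str        # "in" or "out", relative to the protected network
    proto: str            # "tcp", "udp" or "icmp"
    src: str
    dst: str
    sport: int = 0        # TCP/UDP only
    dport: int = 0        # TCP/UDP only
    icmp_type: str = ""   # ICMP only: "echo-request" or "echo-reply"

class Firewall:
    """Default-deny inbound, stateful replies, outbound SMTP restricted."""
    def __init__(self):
        self.flows = set()  # outbound flows that were allowed

    def decide(self, p: Packet) -> str:
        if p.direction == "out":
            # Outbound rule: only the approved server may reach TCP port 25.
            if p.proto == "tcp" and p.dport == 25 and p.src != APPROVED_MAIL:
                return "deny"
            # Remember the flow so the matching response can come back in.
            self.flows.add((p.proto, p.src, p.sport, p.dst, p.dport))
            return "allow"
        # Inbound rule: Echo Request from outside is always dropped.
        if p.proto == "icmp" and p.icmp_type == "echo-request":
            return "deny"
        # A response has source and destination swapped relative to the flow.
        if (p.proto, p.dst, p.dport, p.src, p.sport) in self.flows:
            return "allow"
        return "deny"  # everything else inbound is dropped

def run(packets):
    """Feed packets through one firewall in order; return the verdicts."""
    fw = Firewall()
    return [fw.decide(p) for p in packets]

# Constructed sample traffic (documentation address ranges for outside hosts).
SAMPLE = [
    Packet("in", "tcp", "203.0.113.9", "10.0.0.5", 51000, 80),      # unsolicited
    Packet("out", "tcp", "10.0.0.5", "203.0.113.10", 40000, 80),    # web request
    Packet("in", "tcp", "203.0.113.10", "10.0.0.5", 80, 40000),     # its response
    Packet("in", "icmp", "203.0.113.9", "10.0.0.5", icmp_type="echo-request"),
    Packet("out", "tcp", "10.0.0.5", "203.0.113.20", 40001, 25),    # user SMTP
    Packet("out", "tcp", "10.0.0.25", "203.0.113.20", 40002, 25),   # mail server
    Packet("out", "tcp", "10.0.0.5", "203.0.113.20", 40003, 2525),  # other port
]
```

The last verdict is "allow": a rule keyed only on destination port 25 does not see mail sent to another port, which is the limitation of outbound port blocking described above.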

If you have been using the Internet for any length of time, and especially if you work at a larger company and browse the Web while you are at work, you have probably heard the term firewall used.
