The interactive mode displays an informational window which
reports detection of a new network connection, supplemented with
detailed information about the connection. The user can opt to allow
the connection or refuse (block) it. If you repeatedly allow the same
connection in the dialog window, we recommend that you create a
new rule for the connection. To do this, select the Remember action
option (Create rule) and save the action as a new rule for the Personal
firewall. If the firewall recognizes the same connection in the future,
it will apply the existing rule.
Please be careful when creating new rules and only allow connections
which are secure. If all connections are allowed, then the Personal
firewall fails to accomplish its purpose. These are the important
parameters for connections:
▪ Remote side: Only allow connections to trusted and known
addresses
▪ Local application: It is not advisable to allow connections for
unknown applications and processes
▪ Port number: Communication on common ports
(e.g. web – port number 80) is usually secure
In order to proliferate, computer infiltrations often use the Internet
and hidden connections to help them infect remote systems. If rules
are correctly configured, a Personal firewall becomes a useful tool for
protection against a variety of malicious code attacks.
4.2.7 Logging
The ESET Smart Security Personal firewall saves all important events
in a log file, which can be viewed directly from the main menu. Click
Tools > Log files and then select ESET Personal firewall log from the
Log drop‑down menu.
The log files are an invaluable tool for detecting errors and revealing
intrusions into the system, and should be given appropriate attention.
ESET Personal firewall logs contain the following data:
▪ Date and time of event
▪ Name of event
▪ Source and target network address
▪ Network communication protocol
▪ Rule applied, or name of worm, if identified
▪ Application involved
A thorough analysis of this data can help detect attempts to
compromise system security. Many other factors indicate potential
security risks and allow the user to minimize their impact: too
frequent connections from unknown locations, multiple attempts
to establish connections, unknown applications communicating, or
unusual port numbers used.
4.3 Antispam protection
Nowadays, unsolicited email – spam – ranks among the greatest
problems of electronic communication. It represents up to 80 percent
of all email communication. Antispam protection serves to protect
against this problem. Combining several very ecient principles, the
Antispam module provides superior filtering.
One important principle in spam detection is the ability to recognize
unsolicited email based on predefined trusted (whitelist) and
spam addresses (blacklist). All addresses from your email client are
automatically added to the Whitelist, as well as all other addresses
marked by the user as safe.
The primary method used to detect spam is the scanning of email
message properties. Received messages are scanned for basic
Antispam criteria (message definitions, statistical heuristics,
recognizing algorithms and other unique methods) and the resulting
index value determines whether a message is spam or not.
To Next Page
Loading...