Adding and changing the rules for accessing web resources. Merezhevy screen of Kaspersky Internet Security

Numbers that are being followed - safety and once again safety

Let's notice a wider situation: you have anonymous servers in your area, so they give you some services. It’s completely imaginative, because of them they can create a cool interface, which you can marvel at in the WAN, tobto. at the global measure. Call for proxy server, web server, mail, etc. It's not a secret for anyone that this very fact makes you think, like a competent system administrator about the security of your mesh infrastructure. I don't have any idea what could threaten a hacker's penetration into your network. There are no options to be safe from the attacks of the attacker. Among them - pobudova at home so called the demilitarized zone, or publish the server through your proxy, which is exactly (even so?) You have a hard and serious hack. The first option (DMZ) is not yet "lifted" through any reason. Let it be a marriage to the hour that possession of the system administrator. The other one (publish through another server) is even more spurious, but for the time being it is omitted. In the meantime, back to back, let's fix the mesh screen, the firewall is the same, the firewall is the fault. The main function of any firewall is to secure access to our computer by calling. I specifically wrote the word "computer", calling for those that home computers and work stations can also provide for an additional screen. Obviously, there is no 100% zakhist with a software firewall, or rather, nothing. Until then, I have the same idea that after my current manipulations, the server will no longer be scalable to risk Let's get started.

Laboratory stand

I use a server based on Windows Server 2008 R2, which is the VPN service behind the Microsoft RAS service. Windows Firewall is locked up. I didn’t dig into the new, I wanted to varto bulo b. Ale, because є corporate license of Kaspersky Enterprise Space Security, why not speed up and install Kaspersky Endpoint Security 8, to the warehouse of which the software screen is included.

Setting up the Kaspersky tethered screen

The screen of Kaspersky Endpoint Security 8 is identical to the rich screens of this browser, including the home version of Kaspersky Internet Security 2013, so if anyone has a different version of the antivirus, then, better for everything, the article is also given to you to help. And now let's do it.

Nalashtuvannya - anti-virus protection - mesh screen. Click the "Merge Packet Rules" button. Take away the list of rules, yakі pratsyyut at once. Some of them can be fenced, others are allowed. At the moment everything looks something like this:

As you mentioned, the screenshot is not correct. I took another product - KIS2013, but take my word for it - everything was exactly the same with KES8. І tse server, de zahist can be on the biggest equal! As for me, it’s rich here and everything is approximately clear: requesting DNS (TCP / UDP), administering support, whether activity with trusted measures is allowed, with local ones - privately, including the port, which is allowed for working remotely, including port TCP / UDP, and the axis of call activity - privately, for example, 5 rules for the ICMP protocol. So, half of the rules were ignorant, half were zayvі. Let's create a sheet from scratch and create our own rules.

First, that I am shy, having made my beloved rule. Deny All(defeat everything)

and placing yoga down. Then, for help searching the Internet, I found out that the VPN technology has been spoiled. Tse Protocol 47, which can I name GRE:

Rule s GRE I have expanded more than the defensible rule. One more port, which is required for VPN - 1723 . That's why I made the rule VPN_IN:

I placed the rule with the port of 1723 at the very top. Іnshi rules, I have trohi vidozminiv, deakі zalishiv. Viyshov such list (Firewall List):

I will comment on the skin.

I’ll tell you right away that I’ll rely on this article not varto. Possibly, I'm confused. I’m not a guru with nutritional security, I’ll ask that back, as if I’ve come to pardon. Criticism, praise and praise hover, write comments below.

You also like:

Monitor server traffic from Munin

27.02.2015 12:45:58

Anti-virus protection is one of the key components of computer protection in the form of shkіdlivih programs. The anti-virus protection is responsible for the installation and regular updates on the computer.

1. Recommendations for upgrading Kaspersky Endpoint Security 10 for Windows

1.1. Work station control

1.1.1. Program launch control

This component allows you to try to launch programs with short cuts and regulate the launch of programs for additional rules. To enable control over the launch of programs, you need to enable the following:

2. At the block Work station control choose a section Program launch control;

Notice Startup Control;

save.

1.1.2. Application activity control

This component registers the activity that is installed by the programs in the system, and regulates the activity of the programs in the fallacy depending on their status. To enable the program activity control, you need to enable the following:

1. Open the parameters window of the program;

2. At the block Work station control choose a section Program activity control;

3. Set an ensign next to the item Enable Application Activity Control;

4. Save changes by pressing the button save.

1.1.3. Monitoring of quirks

This component is responsible for re-verification on the volatility of the programs at the time of the launch and the already running programs. To enable the monitoring of strife, it is necessary:

1. Open the parameters window of the program;

2. At the block Work station control choose a section Monitoring of quirks;

3. Set an ensign next to the item Turn on Monitoring of quirks;

4. Save changes by pressing the button save.

1.1.4. Outbuilding control

This component allows you to control the connection of external outbuildings. To improve the control of outbuildings and the choice of outbuildings, it is necessary to follow the following:

1. Open the parameters window of the program;

2. At the block Work station control choose a section Outbuilding control;

3. Set an ensign next to the item Notice Control of outbuildings;

4. In the list of outbuildings, designate an outbuilding that needs to be controlled;

save.

1.1.5. Web control

This component allows you to control access to web resources depending on your needs and roztashuvannya. To enable access control to web resources, you need to enable the following:

1. Open the parameters window of the program;

2. At the block Work station control choose a section Web control;

3. Set an ensign next to the item Turn on web control;

4. Save changes by pressing the button save.

1.2. Antivirus Zakhist

1.2.1. File antivirus

File Anti-Virus allows you to select one of the installed security files, or you can set them yourself, set them, as it is your responsibility to disable the file anti-virus when an infected file is detected, select technology and file rechecking modes.

In order to disable File Anti-Virus, you need to include the following:

1. Open the parameters window of the program;

2. At the block Antivirus Zakhist choose a section File antivirus;

3. Set ensign Enable File Anti-Virus.

4. Save changes by pressing the button save.

Riven security

• high;
• recommendations;
• low.

1. Open the parameters window of the program;

2. At the block Antivirus Zakhist choose a section File antivirus;

3. At the block Riven security

• Riven security

• Nalashtuvannya

Vіknі, scho vіdkrilosya File antivirus

4. Save changes by pressing the button save.

In order to change the details of File Anti-Virus, when an infected file is detected, it is necessary to disable the following:

1. Open the parameters window of the program;

2. At the block Antivirus Zakhist choose a section File antivirus;

3. For the block, select one of the following parameters:

• Rejoicing

4. Save changes by pressing the button save.

1.2.2. Post antivirus

The mail antivirus checks the incoming and outgoing mail alerts for whether they have any files that are blocking the computer.

In order to disable Postal Antivirus, you need to include the following:

1. Open the parameters window of the program;

2. At the block Antivirus Zakhist choose a section File antivirus;

3. Set ensign Check Postal Antivirus;

4. Save changes by pressing the button save.

Riven security

Equal security with different sets of parameters that can be set up to protect the file system. The anti-virus protection of Kaspersky Endpoint Security 10 for Windows includes three security levels:

• high;
• recommendations;
• low.

To change the level of safety, it is necessary to visconat such things:

1. Open the parameters window of the program;

2. At the block Antivirus Zakhist choose a section Post antivirus;

3. At the block Riven security choose one of the following options:

• Riven security

Vykoristovuyuchi pozzunok, choose one of the 3 installed security equals.

• Nalashtuvannya

Vіknі, scho vіdkrilosya Post antivirus set the file security level on your own and save the broken changes.

4. Save changes by pressing the button save.

Dії in case of detected threats

1. Open the parameters window of the program;

2. At the block Antivirus Zakhist choose a section Post antivirus;

3. At the block Dії in case of detected threats choose one of the following options:

• Select date automatically
• Vikonuvati diyu: Likuvati. Vidaliti, like exuberance is impossible.
• Rejoicing
• Vidality, which is impossible to exult

4. Save changes by pressing the button save.

1.2.3. Web antivirus

Web anti-virus allows you to protect your computer for an hour of work on the Internet.

In order to disable Web Antivirus, you need to include the following:

1. Open the parameters window of the program;

2. At the block Antivirus Zakhist choose a section Web antivirus;

3. Set ensign Enable Web Anti-Virus.

4. Save changes by pressing the button save.

Riven security

Equal security with different sets of parameters that can be set up to protect the file system. The anti-virus protection of Kaspersky Endpoint Security 10 for Windows includes three security levels:

• high;
• recommendations;
• low.

To change the security level of your web traffic, follow these steps:

1. Open the parameters window of the program;

2. At the block Antivirus Zakhist choose a section Web antivirus;

3. At the block Riven security choose one of the following options:

• Riven security

Vykoristovuyuchi pozzunok, choose one of the 3 installed security equals.

• Nalashtuvannya

Vіknі, scho vіdkrilosya Post antivirus set the file security level on your own and save the broken changes.

4. Save changes by pressing the button save.

Dії in case of detected threats

In order to change the postal code of the Postal Anti-Virus, when an infected message is detected, it is necessary to change the following code:

1. Open the parameters window of the program;

2. At the block Antivirus Zakhist choose a section Web antivirus;

3. At the block Dії in case of detected threats choose one of the following options:

• Select date automatically
• Defend the vanity.
• Allow the entanglement

4. Save changes by pressing the button save.

1.2.4. IM Antivirus

IM-Antivirus allows you to change the traffic that is transmitted by programs for the secure exchange of notifications. In order to disable IM-Antivirus, you need to select the following:

1. Open the parameters window of the program;

2. At the block Antivirus Zakhist choose a section IM Antivirus;

3. Set ensign Enable IM Antivirus.

4. Save changes by pressing the button save.

Zahistu area

Under the area, the defenders are toiling for the protection of objects that are checked by IM-Antivirus for an hour of work. By default, IM-Antivirus converts inputs and outputs. In order to form the area of ​​zahishtu, it is necessary to vikonate the following:

1. Open the parameters window of the program;

2. At the block Antivirus Zakhist choose a section IM Antivirus;

3. At the block Zahistu area choose one of the following items:

• Entry and exit notices

If you select the IM-Antivirus parameter, it will disable the rechecking of all inputs and outputs to update the program for the exchange of notifications;

• Only entrance notes

If you select the IM-Antivirus parameter, it will only re-scan the inputs to update the programs for the swid- den exchange of messages;

4. Save changes by pressing the button save.

Methods of verification

Improving the heuristic analysis

In order to improve the methods of IM-Antivirus scanning, it is necessary to perform the following actions:

1. Open the parameters window of the program;

2. At the block Antivirus Zakhist choose a section IM Antivirus;

3. At the block Methods of verification

- surface;
- middle;
- Deep.

4. Save changes by pressing the button save.

IM-Antivirus cross-checking is sent behind the databases of shkidlivyh and phishing web addresses

In order to fix the re-verification by IM-Anti-Virus, you need to check the following for the databases of phishing and phishing web addresses:

1. Open the parameters window of the program;

2. At the block Antivirus Zakhist choose a section IM Antivirus;

3. At the block Methods of verification follow the next steps:

• Check the message on the basis of the skidlivih web address

Selecting these options allows you to change the check of the message in order to inform the programs of the exchange of notifications for your belonging to the database of the shdly web address;

• Check the message based on the phishing web address

Selecting these options allows you to check the phishing web address in order to confirm the programs of the swedish exchange of notifications to their affiliation to the base of the phishing web address.

4. Save changes by pressing the button save.

1.2.5. Merezhevy screen

On the screen, you can save data, which is stored on a computer connected to the local network and the Internet. The firewall screen allows you to display all threats on your computer and block all possible threats for OS threats.

Behind the promotions, the screen is highlighted. Vimikati yoga is not recommended. In order to turn off or turn off the middle screen, it is necessary to type the following:

1. Open the parameters window of the program;

2. At the block Antivirus Zakhist choose a section Merezhevy screen.

3. Design one of these activities:

• Set ensign Hide the mesh screen. When setting the right next to the item, the Merezhevy screen will turn up.
• Clean up ensign Hide the mesh screen. If you take the ensign opposite to the paragraph, the next screen will be closed.

4. Save changes by pressing the button save.

1.2.6. Defend against merezhevyh attacks

Defendant in the form of attacks, having detected a test of an attack on a computer, blocks whether the least activity of the attacking computer is any computer on which the anti-virus protection is installed. In order to increase the defense against the attacks, it is necessary to vikonat the following:

1. Open the parameters window of the program;

2. At the block Antivirus Zakhist choose a section Defend against merezhevyh attacks;

3. Set an ensign next to the item Turn on defense against merezhevyh attacks;

4. Set an ensign opposite the paragraph Add the attacking computer to the block list.

save.

1.2.7. System monitoring

Monitoring of the system zdіysnyuє sbirannya data about diї programs running on the computer. Nadalі zіbrana іnformatsija can be vikoristana at lіkuvannі programs (vіdkat dіy, zroblenіh shkіdlіvіmi programs in os), svіschennya file, scho konuєtsya, іn quarantine іn razі, yakshcho activity of the program zbіgаієz z pattern unsafe behavior.

For zamovchuvannyam Monitoring of raising and practicing. Vimikati yoga is only available for emergency use and is not recommended.

In order to include that vimknennya Monitoring, it is necessary to vikonat such things:

1. Open the parameters window of the program;

2. At the block Antivirus Zakhist choose a section System monitoring;

3. Choose one of these activities:

• Enable system monitoring.

It is necessary to set an ensign for monitoring monitoring

• Vimknuti System Monitoring.

It is necessary to take the ensign in order to turn off the monitoring.

4. Save changes by pressing the button save.

Improved system monitoring

1. Open the parameters window of the program;

2. At the block Antivirus Zakhist choose a section System monitoring;

3. Check off the required items:

4. Save changes by pressing the button save.

Whiskey templates for unsafe program behavior

For vykoristannya templates it is necessary to vykonaty such diї:

1. Open the parameters window of the program;

2. At the block Antivirus Zakhist choose a section System monitoring;

3. At the block Proactive zahist set an ensign Whip up new patterns of unsafe behavior (BSS).

4. At the list, what is revealed When the program is active choose the right day:

• Select date automatically.

When choosing which item, the following items are counted, assignments for locking. For locking, the file of the shkіdlії program, which is locked, is placed in quarantine.

• Move file to quarantine.

When choosing which item to show the shkidlivy file will be moved to quarantine.

• Shut down the work with a random program.

When choosing this item, when the anti-virus program is detected, the anti-virus program will finish the job.

• Skip.

If you select this item, if a bad file is detected, the antivirus will not work with it every day.

Vidkat diy shkіdlivih programs pіd hіkuvannya

For the purpose of raising or waking up the account of diy shkіdlivih programs for the hour of jubilation, it is necessary to vikonat such diї:

1. Open the parameters window of the program;

2. At the block Antivirus Zakhist choose a section System monitoring;

3. Choose one of these activities:

When you check the checkbox next to this item, when you select shkіdlivih programs, you will be able to check out the ones introduced by these programs into the OS.

When the checkbox is ticked next to the item, at the hour of the jubilation of shkіdlivih programs, nothing will be checked out, scribbled by these programs in the OS.

• Vikonuvati vydkat diy shkіdlivih programs pіd hіkuvannya.

4. Save changes by pressing the button save.

1.3. Schedule manager

The adjustment of the schedule of the schedule allows you to check whether it’s the same in the tasks of the hour, which guarantees the regularity of the revision and updating.

1.3.1. Update

In order to set the time for the vicoon, it is necessary to viskonat the following:

1. Open the parameters window of the program;

2. At the block Schedule manager choose a section Update;

3. At the block Startup mode and old update press the button Startup mode

4. At the window, go to the tab Startup mode. Choose one of the following options for installing updates:

When choosing which item, it is necessary to adjust Periodicity installed update.

5. Save changes by pressing the button save.

1.3.2. Povna re-verification

Riven security

In order to improve the level of security and the hour of re-checking, it is necessary to follow these steps:

1. Open the parameters window of the program;

2. At the block Schedule manager choose a section Povna re-verification;

3. At the block Riven security

4. Save changes by pressing the button save.

Dії in case of detected threats

1. Open the parameters window of the program;

2. At the block Schedule manager choose a section Povna re-verification;

3. At the block

• Select date automatically
• Vikonuvati diyu

• Rejoicing
• You see, it’s impossible to exult.

4. Save changes by pressing the button save.

1. Open the parameters window of the program;

2. At the block Schedule manager choose a section Povna re-verification;

3. At the block Mode for launching and rechecking objects

• Startup mode

- Manually
- For the layout.

• Objects for verification

4. Save changes by pressing the button save.

1.3.3. Review of important areas

In order to improve the level of security of re-verification of important areas, it is necessary to follow the following:

1. Open the parameters window of the program;

2. At the block Schedule manager choose a section Review of important areas;

3. At the block Riven security for the help of a bailiff, choose a safety net. Transferred 3 equals:

• low
• Recommendations
• high

4. Save changes by pressing the button save.

Dії in case of detected threats

1. Open the parameters window of the program;

2. At the block Schedule manager choose a section Review of important areas;

3. At the block Dealing with detected threats it is necessary to choose one of the following:

• Select date automatically
• Vikonuvati diyu

When choosing an item, you can choose the following:

- Likuvati

4. Save changes by pressing the button save.

Mode for launching and rechecking objects

1. Open the parameters window of the program;

2. At the block Schedule manager choose a section Review of important areas;

3. At the block Mode for launching and rechecking objects it is necessary to adjust the following parameters:

• Startup mode

When pressing the button, it will open and close. It is necessary to choose one of the startup modes:

- Manually
- For the layout.

• Objects for verification

As soon as you press the button, you can see it is fixed. It is necessary to specify objects for rechecking, and you can also add new objects.

4. Save changes by pressing the button save.

1.3.4. Vibirkova reverb

In order to improve the level of safety of vibratory re-verification, it is necessary to vikonat such things:

1. Open the parameters window of the program;

2. At the block Schedule manager choose a section Vibirkova reverb;

3. At the block Riven security for the help of a bailiff, choose a safety net. Transferred 3 equals:

4. Save changes by pressing the button save.

Dії in case of detected threats

1. Open the parameters window of the program;

2. At the block Schedule manager choose a section Vibirkova reverb;

3. At the block Dealing with detected threats it is necessary to choose one of the following:

• Select date automatically
• Vikonuvati diyu

When choosing which item, you can choose the following:

- Likuvati
- You see, it’s impossible to exult.

4. Save changes by pressing the button save.

Recheck start mode

1. Open the parameters window of the program;

2. At the block Schedule manager choose a section Review of important areas;

• At the block Mode for launching and rechecking objects it is necessary to improve Startup mode

When pressing the button, it will open and close. It is necessary to choose one of the startup modes:

- Manually
- For the layout.

save.

1.3.5. Poshuk quirks

The search for frivolity allows you to regularly check the installed software on the frivolity, allowing you to quickly find out about possible problems and fix them in your own time.

Objects for verification

In order to set up objects for a joke of inconsistencies, it is necessary to follow the following sequence:

1. Open the parameters window of the program;

2. At the block Schedule manager choose a section Poshuk quirks;

3. At the block Objects for verification it is necessary to tick off the checkboxes, in whose products it is necessary to check the checkbox for quirks:

• Microsoft
• Other virobniks

4. Save changes by pressing the button save.

In order to set up the mode of launching a search for frivolities, it is necessary to use the following:

1. Open the parameters window of the program;

2. At the block Schedule manager choose a section Poshuk quirks;

3. At the block Startup mode it is necessary to choose one of the upcoming modes when launching the search for silliness:

• manually;
• For layout.
• Save changes by pressing the button save.

4. Save changes by pressing the button save.

2. Recommendations for upgrading Dr.Web Desktop Security Suite (for Windows workstations), version 6.0

2.1. Advice

Notifications allow you to promptly retrieve information about important Dr.Web applications. For nalashtuvannya povіdomlen it is necessary to vikonat such diї:

1. Open the parameters window of the program;

2. At the depositor Main select item Advice.

3. Set an ensign next to the item Vikoristati podomlennya and press the button Parameters of the word…

4. At the end, designate the necessary information for you as ensigns. When choosing the ensign, you can insert it in one of the columns:

• Screen.

When setting the right next to the item, the notification screen will be displayed

• Post.

When setting the right to the opposite paragraph, the notice must be sent in due course.

5. Specify additional parameters for displaying screen alerts:

• Do not display the alarm in the double screen mode.

Selecting this item allows you not to take away the time of work with programs in full-screen mode.

• Display the Firewall alert on a normal screen in full screen mode.

Selecting this item allows you to display the firewall on the working table for an hour and a half-screen mode.

6. Save changes by pressing the button OK.

2.2. Update

For nalashtuvannya novlen it is necessary to viskonat such diї:

1. Open the parameters window of the program;

2. At the depositor Main select item Update.

3. Select the components to be used:

• Usy (recommended);
• Tilki bazi.

4. Install Periodicity of updates.

5. Set up a new update by pressing the button Change…

At the vіknі choose one of the dzherel novlen:

• Internet (recommended).

When choosing which item, updates are installed from the site of the retailer.

• Local or shared folder.

When you select this item, the updates are installed from the local or local folder, in order to copy the updates.

• Antivirus measure.

When choosing which item, the updates are installed through the local network from the computer on which the antivirus is installed and the update mirror is created,

6. Save changes by pressing the button OK.

7. Select a proxy server by pressing the button Change…

It is necessary to specify the connection to the proxy server in the window:

• Addresses
• Koristuvach
• Password
• Authorization type

8. Save changes by pressing the button OK.

9. Select the mirror update by pressing the button Change…

At the vіknі vkazhіt way to the folder, in the yak kopiyuvatimutsya updates.

10. Save changes by pressing the button OK.

11. Save all the saved changes by pressing the button OK.

2.3. Anti-virus network

Function Anti-virus network allows you to remotely install anti-virus protection from other computers at the boundaries of the same local borders, on which you have installed your own anti-virus protection.

To increase this parameter, enter the following:

1. Open the parameters window of the program;

2. At the depositor Main select item Anti-virus network.

3. Set an ensign next to the item Allow distance keruvannya.

4. Save changes by pressing the button OK.

2.4. Preventive zahist

Setting up a preventive attack allows you to set up an anti-virus attack against a variety of third-party programs, which can lead to computer infection.

Riven of preventive zakhistu

For the establishment of a preventive zakhistu, it is necessary to vikonat such actions:

1. Open the parameters window of the program;

2. At the depositor Main select item Preventive zahist.

3. Set the blocking rate for suspected children by pressing the button Change….

• Minimum (recommendations)

Riven for zamovchuvannyam. This kind of protection prevents automatic change of system objects, modification of which unequivocally testify to the error on the OS. It also prevents low disk access and modification to the HOSTS file.

• Middle

Tsey rіven dodatkovo zaboronyaє access to tih critical ob'ektіv, yakі potentially mozhut vikoristovuvatsya shkіdlivimi programs.

• paranoid

At the time of your choice, you will have access to interactive control over driver engagements, automatic launch of the program and system services by the robot.

4. Save changes by pressing the button OK.

Zahist vіd spend danikh

Defending data allows you to create copies of selected folders, protecting important files from changing shkidlivyh programs.

For nalashtuvannya zahistu vіd vtrai danih it is necessary to vikonat such diї:

1. Open the parameters window of the program;

2. At the depositor Main select item Preventive zahist.

3. To fix the defense against wasting data, press the button Change…

4. At the window, choose an option Vimknuti zahist vіd spend danikh

5. To add files that need to be copied, press the button Add

6. Indicate the place where copies are made and the frequency for which copies are made.

7. Save changes by pressing the button OK.

To update the data at different times, spend the following:

1. Open the parameters window of the program;

2. At the depositor Main select item Preventive zahist.

3. Press the button Reinforcing…

4. At the end of the day, select the date, for which all the specified copies of the files will be updated in the specified folder.

5. For the beginning of the update, press the button OK.

2.5. self-defense

The self-defense function allows you to protect anti-virus protection from an unauthorized injection.

To enable self-defense, it is necessary:

1. Open the parameters window of the program;

2. At the depositor Main select item self-defense.

3. Put the ensign in front of the paragraph Turn on self-defense.

4. For consumption, put the proportions opposite the next paragraphs:

• Harrow emulation diy koristuvach

Tsya option to protect whether or not you change the robot's anti-virus protection, the cream was introduced by hand by hand.

• Stop changing the date and time of the system

This option saves manually and automatically changes the time of the system.

• Password Protect Dr.Web

This option allows you to set a password to access the settings of the anti-virus software.

5. Save changes by pressing the button OK.

2.6. Zakhist of electronic mail

2.7. Switch programs

For zamovchuvannyam vіdbuvaєtsya perepochlennya postal traffic of all addenda koristuvacha on the computer. In order to set blame - programs, postal traffic, which cannot be overstepped, it is necessary to vikonate like this:

1. Open the parameters window of the program;

2. At the depositor SpIDer Mail select item Switch programs.

3. To add the program to the vinyaty, you need to enter the required name in the input field and press the button Add

4. Save changes by pressing the button OK.

2.8. firewall

The firewall allows your computer to be compromised from unauthorized access and to protect a round of important data as soon as possible. Vimikati yoga is not recommended.

To turn off or turn off the firewall, it is necessary to remove the attack:

1. Open the parameters window of the program;

2. At the depositor firewall select item note or run.

3. Save changes by pressing the button OK.

To set up a firewall, follow these steps:

1. Open the parameters window of the program;

2. At the depositor firewall go to tab Programs

3. For the skin program, you can:

• Formulate a set of filtering rules. For whom it is necessary:

Press the button Create

Change

Copy.

• View all the rules of the program. For whom it is necessary:

Vidality.

4. Save changes by pressing the button OK.

2.9. interface

In order to set a set of filtering rules for packets that are transmitted through the same media interface, you need to enter the following:

1. Open the parameters window of the program;

2. At the depositor firewall go to tab interface

3. Select the required interface from the list and set the required rule from the list.

4. Save changes by pressing the button OK.

2.10. Packet filter

To set the parameters of the packet filter, it is necessary to set the following parameters:

1. Open the parameters window of the program;

2. At the depositor firewall go to tab interface and press the button Nalashtuvati

3. At the end of the firewall, you can change the following:

Formulate a set of filtering rules. For whom it is necessary to viskonate such a diї:

• Create a set of rules for a new program. For whom it is necessary:

Press the button Create

• Vіdredaguvati nayavny nabіr rules. For whom it is necessary:

Select the current set of rules from the list and press the button Change

• Add a copy of the explicit set of rules. For whom it is necessary:

Select the current set of rules and press the button Copy.

• Vidality vibraniya nabіr rules. For whom it is necessary:

Select the correct set of rules and press the button Vidality.

4. Save changes by pressing the button OK.

2.11. Dr.Web Scanner

3. Visnovok

Antivirus zasіb zakhistu, without exception, is one of the most important warehouses in the case of safe computer security, prote, do not forget that antivirus zasіb zahistu is not a panacea for all kinds of threats.

Do not forget about the basic adjustment of PC security (""). It is also necessary to remember about security in the Internet (“”).

To add or change the rule for access to web resources, follow these steps:

1. Vіdkryte Vіkno nastuvannya parametrі v programі.
2. At the left part of the window at the branch Work station control Select pdrozdil Web Control.

   The right part of the window contains the parameters of the Web Control component.

3. Click one of these diy:
   • If you need to add a rule, click the Add button.
   • To change a rule, select the rule in the table and press the Change button.

   Vіdkryєtsya vіkno.

4. Specify or change the parameters of the rule. For whom, read the following:
   1. For the Name field, enter or change the name of the rule.
   2. At the list that opens up Filter zmist select required item:
      • Be-yaky zmist.
      • For categories, I'll change.
      • For data types.
      • For categories change and types of data.
   3. How to select an element, visible Be-yaky zmist, there are blocks for selecting categories to change and/or data types. Set the right to change the names of the different categories and / or types of data.

      The rule set instead to name the category of change and/or data type means that Kaspersky Endpoint Security, according to the rule, controls access to web resources, which should lie before the selected categories of change to/or data types.

   4. At the list that opens up Zastosovuvat to the address select required item:
      • To all address.
      • To okremih address.
   5. How to select an element To okremih address, a block is required for which it is necessary to create a list of web resource addresses. You can add or change the addresses of web resources using the Add, Edit, Vidality buttons.
   6. Set ensign Indicate koristuvachіv this/or group.
   7. Press the Select button.

      Vіdkryєtsya vikno Microsoft Windows Vibir koristuvachiv chi group.

   8. Specify or change the list of correspondents and/or groups of correspondents, for which access to the web resources described in the rule is allowed.
   9. From the open list, select the necessary element:
      • Allow. If you select a value, Kaspersky Endpoint Security allows access to web resources that satisfy the rule settings.
      • Fence. As soon as the value is selected, Kaspersky Endpoint Security blocks access to web resources that satisfy the rule parameters.
      • Get ahead. If you choose a value, then when you try to access web resources, if you follow the rule, Kaspersky Endpoint Security will display a warning about those that the web resource is not recommended for viewing. With the help of an early warning, you can take away access to a powered web resource.
   10. Select from the list The layout of the robot rules I will name the necessary layout or form a new layout based on the reverse layout of the robot and the rule. For whom, read the following:
       1. Press the button Set up next to the dropdown list The layout of the robot rules.

          Vіdkryєtsya vіkno The layout of the robot rules.

       2. To add to the layout of the robotic rule the interval of the hour, which rule does not work out, at the table from the image layout, the robotic rules, with the left key of the mouse, select the middle of the tables, so that you can indicate the hour you need that day of the day.

          The color of the middle changes to Syria.

       3. So that at the layout of the work rules, change the interval for the hour, by stretching which rule is practiced, by the interval for the hour, by stretching which rule is not practiced, with the left key of the mouse, select the sіrі komіrki tables, yakі dpovіdat the hour you need that day of the day.

          The color of the middle changes to green.

       4. Press the Save as button.

          Vіdkryєtsya vіkno Name the layout of the robot and the rules.

       5. Enter the name of the layout of the work and the rules, or leave the name for the promotion.
       6. Press the OK button.
5. Vіknі Web resource access rule press the OK button.
6. Click the Save button to save your changes.

Merezhevy screen of Kaspersky Internet Security

Alexander Antipov

The first crock to the safe is more expensive by the boundless expanses of all the powers that be, obviously, the installation of a hopeful protection. One of the few such benefits is the complex product Kaspersky Internet Security.

The first crock to the safe is more expensive by the boundless expanses of all the powers that be, obviously, the installation of a hopeful protection. One of the few such benefits is the complex product Kaspersky Internet Security. Irrespective of those that the KIS product is to be folded, as soon as it is installed, it is ready to put all the clothes on the new binding. The need for additive tinctures is rare, but a big plus for retailers. But it is necessary to understand that this possibility is based on a wide range of compromise solutions. Why do you look at it from the butt of the tread screen.

Setting up a truss screen consists of two parts: rules for program and packet rules. For the help of the rules of the program, you can allow either blocking programs or groups of programs to overpower or accept packets or set up a network. For the help of packet rules, it is allowed either to block the installation of inputs or outputs, that transmission or reception of packets.

We wonder what are the rules for the programs.

Usі programs є chotiru categories:

1. Trust - they are allowed everything without a blame.
2. Weak obezhennya - the rule “zapit dії” has been introduced, which allows koristuvachev independently to make a decision about the dotsilnіst splіkuvannya program tsієї group.
3. Strong obezhennya - if I allow robots to merge, those who are weak.
4. Do not trust - for zamovchuvannyam tsim programs fenced off be-like a merezhve splkuvannya (in human terms, Skoda їх).

The group "trusted" for the use of all programs from Microsoft, KIS itself and other programs from other manufacturers. For nalashtuvan for umovchannyam, the choice is good, but especially if I don’t become a bi to all programs, let me know and immenih virobnikiv, so trust unconditionally.

How do you use the programs to get to your other group? Everything is not so simple here. Decisions about the placement of specific programs in one of the four groups are accepted on the basis of a number of criteria:

1. Availability of information about the program in KSN (Kaspersky Security Network).
2. Launch of the digital signature program (passed before).
3. Heuristic analysis for non-domic programs (for the type of warlock).
4. Automatically place the program in the back of the group.

All these options are found in the "Program Control" settings. Behind the locks, the first three options are installed, which will lead to a great number of “trusted” programs. The fourth option can be chosen independently as an alternative to the first three.

Let's do an experiment. Let's move the program (for example, the “Opera” browser) to the list of programs with weak exchanges and marvel at how the rule “apply to diy” works. To enter the rules of the program, you need to close and reopen the program, the rules of which have been changed. Now you can try to go to any site, you won’t be able to get the same request, and the program will calmly install the network. As it turned out, the rule "request dії" only works, but in the main parameters of the defense, the ensign for the option "Select dії automatically" was taken.

One more surprise is checking for corruption utilities such as ping, tracert (like the "request di" rule expand on trusted programs), putty (ssh client) and, perhaps, similar ones. For them, KIS simply doesn't want to display the screen for water. Here, there may be more than one option - you can install it manually for a specific program.

First, go to the package rules, I will allow you to do one thing: create your own subgroup programs for the skin group. For example: "Merezhevі utilities", "Office programs", "Programs for the Internet", etc. First, you can always know the program you need, and, in a different way, you can set the rules for the songs of the group, replace the rules for the other programs.

Packet rules.

Packet rules have other signs of packets: protocol, directly, local port, remote address. Packet rules can act as “allowing”, “protecting” and “per program rules”. The rules are looked through to the beast down the docks, it is known that it is possible to protect the rule for the succession of the sign. If a packet rule is not found, then the default rule will be halted. Sound in the framing screens with the remaining rule to install the fence for receiving and transmitting any packets, but for KIS it is not allowed.

Diya "for the rule of the program" є for its nature "vіknom" for the power of the rules of the program. Tse zruchno, oskіlki can signify the blackness of vikonannya rules. For example, the program sends a packet to port 53 of the DNS server. If there is no packet rule with a rule "for program rules", directly "withdrawn", remote port 53 (otherwise not assigned), and for the program a rule is set to allow the packet to be sent to port 53, then the packet will be sent, if the program is blocked to send packets to 53 port, then this package will not be forwarded.

The area of ​​rules includes a single area: "whether or not addresses" (all addresses), "addresses under the address" - here you can choose the type of address "trusted", "local" or "public", and "addresses from the list" - specify IP addresses or domain names manually. Changing a specific media to “trusted”, “local” or “public” is set at the higher settings of the media screen.

Packet rules KIS, on the view of the greater number of merged screens, rewitched by a great number of directives: "inbound", "inbound (potik)", "outbound", "outbound (potik)", and "in/out". Moreover, the rules for the current protocol do not work that direction. For example, the ICMP blocking rule at once from streaming directs does not clear anything else. fenced packets pass. Before UDP packets, I need to stop streams directly, wanting the UDP protocol for its nature, as it does not create such a “stream”, on TCP.

Another, not well-known, acceptance point is related to the fact that in the packet rules it is possible to specify a reaction to the blocking of an incoming packet: to block the acceptance of a packet with the notification of the party that it was ruled out, or simply drop the packet. This is the name of the “invisibility” mode, which was earlier used by the lace screen.

Now we are beastly to the rules.

Rules 1 and 2 allow, according to the program rules, to query DNS over TCP and UDP protocols. Crazy, insulting the rules are correct, but basically such programs, like mail and browsers, query the addresses of sites through the DNS system service, for the work of which the system program "svchost.exe" is sent. For its own sake, the service itself uses specific addresses of DNS servers, which can be entered manually or via DHCP. DNS server addresses change rarely, so it would be enough to allow the DNS request management for the “svchost.exe” system service to be fixed on the domain name server.

Rule 3 allows programs to send electronic mail over the TCP protocol. Here, as well as for the first two rules, it would be sufficient to create a rule for a specific program using electronic mail, pointing to which port and server to run.

The 4th rule allows for any kind of merezhnі activity for trusted merezh. Be more respectful when the rule is included, do not confuse the type of measure. This rule actually mimics the functionality of the truss screen in trusted trusses.

The 5th rule allows for any kind of activity following the rules of the programs for local networks. Tse want and do not turn on the same mesh screen, but by a significant world weaken the control functions. Following the logic of 4 and 5, the rules will need to be distributed at the top, in order to allow the processing of packets with rules 1 - 3 when the computer is in the trusted or local area.

6th rule is blocked in the distance by a computer using the RDP protocol. Although the area dії rules “all addresses”, but there are more dіє less for “huge cities”.

7th and 8th rules block access from the network to the network services of the computer behind the TCP and UDP protocols. Practically, the rule is less for “huge merezhas”.

Rules 9 and 10 allow everyone to connect without a fault to the computer, no matter how many, especially, including services fenced by rules 6-8. Ale, be more respectful, merezhnaya activity for locking is allowed to practically all programs, not trusted for a wink.

Rules 11 - 13 allow receiving ICMP input packets for all programs. Sense in these rules is no more, lower than 1 - 3, because ICMP is more important than ping and tracert.

Rule 14 prevents the acceptance of all types of ICMP packets, obviously allowed by rules 11 - 13.

16 rule blocking incoming ICMP v6 requests. ICMP v6 is not needed for the most important ones. It would be possible to fence yoga again.

The 17th rule allows everything that is clearly not allowed and has been blocked by the previous rules. Tse rule, even though it does not appear on the screen, but remember about your reason, insanely, necessary.

The installation of the KIS lace screen is perfectly good and suitable for most home computers, on any, well, and orientations of the whole product. Ale’s sleazy and nevibaglivist to dodatkovyh nalashtuvan, about yaku was guessing on the cob of statti, unfortunately it reaches for the rahunok of the security of the koristuvachs themselves, the roblyachs themselves are safer than the fallow type of the human factor: knowledge and bezmilkovy dіy of the koristuvach himself.