Detailed instructions for use are in the User's Guide.
[. . . ] We hope that this document will help you in your work and will provide answers to most of the questions regarding this software product. This document is the property of Kaspersky Lab: all rights to this document are reserved by the copyright laws of the Russian Federation, and by international treaties. Illegal reproduction and distribution of this document or parts hereof result in civil, administrative or criminal liability pursuant to the laws of the Russian Federation. Any type of reproduction or distribution of any materials, including translations, is allowed only with the written permission of Kaspersky Lab. [. . . ] The ICMP Flood attack consists of sending a large quantity of ICMP packets to your computer. The computer attempts to reply to each inbound packet, which slows the processor to a crawl. The SYN Flood attack consists of sending a large quantity of queries to a remote computer to establish a fake connection. The system reserves certain resources for each of those connections, which completely drains your system resources, and the computer stops reacting to other connection attempts. This is the most dangerous type of attack, because if it is successful, the hacker takes total control of your system. Hackers use this attack to obtain confidential information from a remote computer (for example, credit card numbers, passwords), or to penetrate the system to use its computing resources for malicious purposes later (e. g. , to use the invaded system in a zombie network, or as a platform for new attacks). They may be divided into three groups depending on the operating system installed on the user's computer: Microsoft Windows attacks, Unix attacks, and the common group for network services available in both operating systems. The following types of attacks are the most wide-spread among those using the network resources of operating systems: Buffer overflow attacks. Buffer overflow may be caused by lack (or insufficiency) of control when working with data arrays. This is one of the oldest vulnerability types and the easiest for hackers to exploit. Format string errors arise from insufficient control of input values for I/O functions, such as printf(), fprintf(), scanf(), and others, from the standard C library. If a program has this vulnerability, the hacker able to send queries created with a special technique, can take total control of the system. Intrusion Detection System automatically analyzes and prevents attempts to exploit these vulnerabilities in the most common network services (FTP, POP3, IMAP) if they are running on the user's computer. Attacks aimed at computers with Microsoft Windows are based on the use of vulnerabilities of the software installed on a computer (such as Microsoft SQL Server, Microsoft Internet Explorer, Messenger, and system components available via the network DCom, SMB, Wins, LSASS, IIS5). In addition, the use of various malicious scripts, including scripts processed by Microsoft Internet Explorer and Helkern-type worms, can be classified as isolated incidents of intrusion attacks. The essence of this attack type consists of sending a special type of UDP packets to a remote computer that can execute malicious code.
ENABLING AND DISABLING NETWORK ATTACK BLOCKER
By default, Network Attack Blocker is enabled, functioning in optimum mode. Open the main application window.
144
ADVANCED
APPLICATION SETTINGS
2. In the left part of the window, in the Protection Center section, select the Network Attack Blocker component. In the right part of the window, uncheck the Enable Network Attack Blocker box if you need to disable this component. Check this box if you need to enable the component.
EDITING THE BLOCKAGE SETTINGS
By default, Network Attack Blocker blocks the activity of a computer making an attack for one hour. You can cancel blockage of the selected computer or change the time of blockage. To modify the time for which the attacking computer will be blocked: 1. [. . . ] 184 account . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 185 Caption Button . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 208 changing Master Password . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 206 encryption method . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [. . . ]