User manual KASPERSKY SMALL OFFICE SECURITY 2

[. . . ] Kaspersky Small Office Security 2 User Guide PROGRAM VERSION: 9. 1 Dear User!We hope that this document will help you in your work and will provide answers to most of the questions regarding this software product. This document is the property of Kaspersky Lab: all rights to this document are reserved by the copyright laws of the Russian Federation, and by international treaties. Illegal reproduction and distribution of this document or parts hereof shall result in civil, administrative or criminal liability pursuant to the laws of the Russian Federation. [. . . ] The computer attempts to reply to each inbound packet, which slows the processor to a crawl. The SYN Flood attack consists of sending a large quantity of queries to a remote computer to establish a fake connection. The system reserves certain resources for each of those connections, which completely drains your system resources, and the computer stops reacting to other connection attempts. 131 USER GUIDE Intrusion attacks, which aim to take over your computer. This is the most dangerous type of attack, because if it is successful, the hacker takes total control of your system. Hackers use this attack to obtain confidential information from a remote computer (for example, credit card numbers, passwords), or to penetrate the system to use its computing resources for malicious purposes later (e. g. , to use the invaded system in a zombie network, or as a platform for new attacks). They may be divided into three groups depending on the operating system installed on the user's computer: Microsoft Windows attacks, Unix attacks, and the common group for network services available in both operating systems. The following types of attacks are the most common among those using the network resources of operating systems: Buffer overflow attacks. Buffer overflow may be caused by lack (or insufficiency) of control when working with data arrays. This is one of the oldest vulnerability types and the easiest for hackers to exploit. Format string errors arise from insufficient control of input values for I/O functions, such as printf(), fprintf(), scanf(), and others, from the standard C library. If an application has this vulnerability, the hacker is able to send queries created with a special technique and can take total control of the system. Intrusion Detection System automatically analyzes and prevents attempts to exploit these vulnerabilities in the most common network services (FTP, POP3, IMAP) if they are running on the user's computer. Attacks aimed at computers with Microsoft Windows are based on the use of vulnerabilities of the software installed on a computer (such as Microsoft SQL Server, Microsoft Internet Explorer, Messenger, and system components available via the network ­ DCom, SMB, Wins, LSASS, IIS5). In addition, the use of various malicious scripts, including scripts processed by Microsoft Internet Explorer and Helkern-type worms, can be classified as isolated incidents of intrusion attacks. The essence of this attack type consists of sending a special type of UDP packets to a remote computer that can execute malicious code. ENABLING AND DISABLING NETWORK ATTACK BLOCKER By default, Network Attack Blocker is enabled, functioning in optimum mode. In the left part of the window, in the Protection Center section, select the Network Attack Blocker component. In the right part of the window, uncheck the Enable Network Attack Blocker box if you need to disable this component. Check this box if you need to enable the component. EDITING THE BLOCKAGE SETTINGS By default, Network Attack Blocker blocks the activity of a computer making an attack for one hour. You can cancel blockage of the selected computer or change the time of blockage. To modify the time for which the computer making an attack will be blocked: 132 ADVANCED APPLICATION SETTINGS 1. In the left part of the window, in the Protection Center section, select the Network Attack Blocker component. In the right part of the window, check the Add the attacking computer to the list of blocked computers for box and specify the time of blockage. To unblock the computer making an attack: 1. [. . . ] 218 S Safe Run mode selection . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 141 shortcut creation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 141 Security Zone inheriting rights . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 122 Security Zone rules . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [. . . ]