Exercise 15: Protecting and archiving data

1. What makes a firewall a good security investment? Accessing the Internet, find two or three firewall vendors. Do they provide hardware, software or both?

Firewall is a device that protects data on systems and the computer system themselves. Firewall provides a controll point of entry into and out of computer system (internal network). Computer system may a very large investment for a company. Firewall help to minimize the chance of needed repairs for an intrusive attack from outside (such as Internet). Firewall is a safegruad which protect (Zalenski, 2002):

• Data integrity - Data needs to be protected from any unwarranted changed
• Availability - Data needs to be accessible when needed
  
• Secrecy - Data privacy needs to be secured when applicable

If the system of a company is attacked by malicious intrusion, the ability of the system may decrease or halted. This inability may infect deliver as promised, and can damage the integrity of the company. The revenues of the company may be hurted (Zalenski, 2002). Those make firewall become a good investment.

Firewall Vendors:

• Check Point - http://www.checkpoint.com, provides integrated appliance solutions (Security Gateways) for both hardware and software
  
• SonicWALL - http://www.sonicwall.com, provides both hardware and software firewall products
• Juniper Networks - http://www.juniper.net, provides both hardware and software integrating firewall called NetScreen.

2. Find out if your university or workplace has a backup policy in place. Is it followed and enforced?

My company has the backup policy:

• Critical data should be backed up
• Backup data should be stored at a location that is physically different from its original creation and usage location
• The ability to retrieve and restore backup data should produce successful results. The verification through restoration from backed-up data, should be performed on a regular basis
• Procedures for backing up critical data and testing of the procedures should be documented.

We almost follow the above policy in our daily backup:

• We backup application's data, user's data and users' e-mail daily
• Write down the daily backup status in the log book
• Store the backup tapes in China's office
• Restore the backup files from tape monthly for verification
  

3. Most of the antivirus software perform an active scanning of the user activity on the Internet, detecting downloads and attachments in e-mails. Hackers have readily available resources to create new viruses. How easy is it to find a virus writing kit? Search the Internet and find such a tool. For example, see what you can find at http://vx.netlux.org/dat/vct.shtml.

I search the 'virus writing kit' in Yahoo. The result of it:


There are many documents in the internet talking about virus writing kits. They said that the virus writing are easy be downloaded from the Internet like (Szor, 2005):

• VCS (Virus Construction Set) - the first virus generator written in 1990.
• GenVir - released as a shareware in France by J. Struss in 1990-1991.
• VCL (Virus Creation Laboratory) - was written in US in 1992.
• PS-MPC (Phalcon-Skism Mass-Produced Code Gemnerator) - was created in 1992 in US by Dark Angel.
• NGVCK (Next Generation Virus Creation Kit) - introduced in 2001 by SnakeByte
• Amateurs - over 150 kits and code mutators are available, in 1996 such tools become extremely popular
  

Example of Virus Generator Kits:


Reference

1. Zalenski, R. (2002), Firewal technologies, Potentials, IEEE, 24-29.
2. Szor, P. (2005), Advanced code evolution techniques and computer virus generator kits, informIT network, Retreived at https://www.informit.com/articles/article.aspx?p=366890&seqNum=7 on 27th April, 2009.