10 essential security tips: protect your site from hackers

10 essential security tips: protect your site from hackers inShare Short url Ruald Gerber and Toby Compton set out best practices for avoiding security disasters You may not think your site has anything worth being hacked for, but websites are compromised all the time. The majority of security breaches are not to steal your data or deface your website, but instead attempts to use your server as an email relay for spam, or to setup a temporary web server, normally to serve files of an illegal nature. Hacking is regularly performed by automated scripts written to scour the Internet in an attempt to exploit known security issues in software. Here are our top 10 tips to help keep you and your site safe online: Advertisement 1. Keep software up to date It may seem obvious, but ensuring you keep all software up to date is vital in keeping your site secure. This applies to both the server operating system and any software you may be running on your website such as a CMS or forum. When security holes are found in software, hackers are quick to attempt to abuse them. If you are using a managed hosting solution then you don't need to worry so much about applying security updates for the operating system as the hosting company should take care of this. If you are using third-party software on your website such as a CMS or forum, you should ensure you are quick to apply any security patches. Most vendors have a mailing list or RSS feed detailing any security issues. WordPress, Umbraco and many other CMSes notify you of available system updates when you log in. 2. SQL injection SQL injection attacks are when an attacker uses a web form field or URL parameter to gain access to or manipulate your database. When you use standard Transact SQL it is easy to unknowingly insert rogue code into your query that could be used to change tables, get information and delete data. You can easily prevent this by always using parameterised queries, most web languages have this feature and it is easy to implement. Consider this query: "SELECT * FROM table WHERE column = '" + parameter + "';" If an attacker changed the URL parameter to pass in ' or '1'='1 this will cause the query to look like this: "SELECT * FROM table WHERE column = '' OR '1'='1';" Since ‘1’ is equal to ‘1’ this will allow the attacker to add an additional query to the end of the SQL statement which will also be executed. 3. XSS Cross site scripting is when an attacker tries to pass in JavaScript or other scripting code into a web form to attempt to run malicious code for visitors of your site. When creating a form always ensure you check the data being submitted and encode or strip out any HTML. 4. Error messages Be careful with how much information you give away in your error messages. For example if you have a login form on your website you should think about the language you use to communicate failure when attempting logins. You should use generic messages like “Incorrect username or password” as not to specify when a user got half of the query right. If an attacker tries a brute force attack to get a username and password and the error message gives away when one of the fields are correct then the attacker knows he has one of the fields and can concentrate on the other field. Keep your error messages vague 5. Server side validation/form validation Validation should always be done both on the browser and server side. The browser can catch simple failures like mandatory fields that are empty and when you enter text into a numbers only field. These can however be bypassed, and you should make sure you check for these validation and deeper validation server side as failing to do so could lead to malicious code or scripting code being inserted into the database or could cause undesirable results in your website. 6. Passwords Everyone knows they should use complex passwords, but that doesn’t mean they always do. It is crucial to use strong passwords to your server and website admin area, but equally also important to insist on good password practices for your users to protect the security of their accounts. As much as users may not like it, enforcing password requirements such as a minimum of around eight characters, including an uppercase letter and number will help to protect their information in the long run. Passwords should always be stored as encrypted values, preferably using a one way hashing algorithm such as SHA. Using this method means when you are authenticating users you are only ever comparing encrypted values. For extra security it is a good idea to salt the passwords, using a new salt per password. In the event of someone hacking in and stealing your passwords, using hashed passwords could help damage limitation, as decrypting them is not possible. The best someone can do is a dictionary attack or brute force attack, essentially guessing every combination until it finds a match. When using salted passwords the process of cracking a large number of passwords is even slower as every guess has to be hashed separately for every salt + password which is computationally very expensive. Thankfully, many CMSes provide user management out of the box with a lot of these security features built in, although some configuration or extra modules might be required to use salted passwords (pre Drupal 7) or to set the minimum password strength. If you are using .NET then it's worth using membership providers as they are very configurable, provide inbuilt security and include readymade controls for login and password reset. 7. File uploads Allowing users to upload files to your website can be a big security risk, even if it’s simply to change their avatar. The risk is that any file uploaded however innocent it may look, could contain a script that when executed on your server completely opens up your website. If you have a file upload form then you need to treat all files with great suspicion. If you are allowing users to upload images, you cannot rely on the file extension or the mime type to verify that the file is an image as these can easily be faked. Even opening the file and reading the header, or using functions to check the image size are not full proof. Most images formats allow storing a comment section which could contain PHP code that could be executed by the server. So what can you do to prevent this? Ultimately you want to stop users from being able to execute any file they upload. By default web servers won't attempt to execute files with image extensions, but it isn't recommended to rely solely on checking the file extension as a file with the name image.jpg.php has been known to get through. Some options are to rename the file on upload to ensure the correct file extension, or to change the file permissions, for example, chmod 0666 so it can't be executed. If using *nix you could create a .htaccess file (see below) that will only allow access to set files preventing the double extension attack mentioned earlier. deny from all order deny,allow allow from all Ultimately, the recommended solution is to prevent direct access to uploaded files all together. This way, any files uploaded to your website are stored in a folder outside of the webroot or in the database as a blob. If your files are not directly accessible you will need to create a script to fetch the files from the private folder (or an HTTP handler in .NET) and deliver them to the browser. Image tags support an src attribute that is not a direct URL to an image, so your src attribute can point to your file delivery script providing you set the correct content type in the HTTP header. For example: 8. Server security Most hosting providers deal with the server configuration for you, but if you are hosting your website on your own server then there are few things you will want to check. Ensure you have a firewall setup, and are blocking all non essential ports. If possible setting up a DMZ (Demilitarised Zone) only allowing access to port 80 and 443 from the outside world. Although this might not be possible if you don't have access to your server from an internal network as you would need to open up ports to allow uploading files and to remotely log in to your server over SSH or RDP. If you are allowing files to be uploaded from the Internet only use secure transport methods to your server such as SFTP or SSH. If possible have your database running on a different server to that of your web server. Doing this means the database server cannot be accessed directly from the outside world, only your web server can access it, minimising the risk of your data being exposed. Finally, don't forget about restricting physical access to your server. 9.SSL SSL is a protocol used to provide security over the Internet. It is a good idea to use a security certificate whenever you are passing personal information between the website and web server or database. Attackers could sniff for this information and if the communication medium is not secure could capture it and use this information to gain access to user accounts and personal data. Use an SSL certificate 10. Security tools Once you think you have done all you can to secure your website then it's time to test your security. The most effective way of doing this is via the use of some security tools, often referred to as penetration testing or pen testing for short. There are many commercial and free products to assist you with this. They work on a similar basis to scripts hackers will use in that they test all know exploits and attempt to compromise your site using some of the previous mentioned methods such as SQL injection. Some free tools that are worth looking at: Netsparker (Free community edition and trial version available). Good for testing SQL injection and XSS OpenVAS. Claims to be the most advanced open source security scanner. Good for testing known vulnerabilities, currently scans over 25,000. But it can be difficult to setup and requires a OpenVAS server to be installed which only runs on *nix. OpenVAS is fork of a Nessus before it became a closed-source commercial product. The results from automated tests can be daunting, as they present a wealth of potential issues. The important thing is to focus on the critical issues first. Each issue reported normally comes with a good explanation of the potential vulnerability. You will probably find that some of the medium/low issues aren't a concern for your site. If you wish to take things a step further then there are some further steps you can take to manually try to compromise your site by altering POST/GET values. A debugging proxy can assist you here as it allows you to intercept the values of an HTTP request between your browser and the server. A popular freeware application called Fiddler is a good starting point. So what should you be trying to alter on the request? If you have pages which should only be visible to a logged in user then I would try changing URL parameters such as user id, or cookie values in an attempt to view details of another user. Another area worth testing are forms, changing the POST values to attempt to submit code to perform XSS or to upload a server side script. Use a debugging proxy to root out vulnerabilities Hopefully these tips will help keep your site and information safe. Thankfully most CMSes have a lot of inbuilt security features, but it is a still a good idea to have knowledge of the most common security exploits so you can ensure you are covered. There are also some helpful modules available for CMSes to check your installation for common security flaws such as Security Review for Drupal and WP Security Scan for WordPress.

Bitdefender Internet Security 2013

Bitdefender Internet Security 2013 Pros BitDefender has an impressive high-scoring test history. It protects privacy on Facebook and Twitter. Cons This internet security suite does not include file shredding or file encryption. The Verdict : 9.55/10 BitDefender is constantly aware and ready to combat threats. Buy Bitdefender Internet Security 2013 Protection Repair Usability Performance in Windows 7 protection tests conducted by AV-Test during the autumn of 2012. Bitdefender Internet Security 100% Compare to the Top 3 Internet Security Suites Software #1 Bitdefender Internet Security 100% #2 Kaspersky Internet Security 92% #3 Norton Internet Security 92% Category Average 80.19% Percent 0 20 40 60 80 100 120 Review Specifications Images Side By Side Comparison Learning Center LIKE OUR REVIEWS? SUPPORT OUR SITE ON FACEBOOK OR GOOGLE PLUS TopTenREVIEWS - Gold Award - Awarded for excellence in design, useability and feature set Bitdefender Internet Security is always aware and on guard. Bitdefender protects hundreds of millions of users worldwide from known and unknown internet assailants. The TopTenREVIEWS Gold Award winner for internet security suites is an effective weapon against the evils of hackerdom. Bitdefender can protect you and your family from invisible attacks from all angles – from the internet, email, social media, USB drives, network-connected devices and chat conversations. After running Bitdefender Internet Security through its paces, we must concur with a statement from Bitdefender's Chief Technology Officer: "We've given the home user product range a striking overhaul, offering sleek, silent defense from today's e-threats," said Bogdan Dumitru, Bitdefender CTO. "The new interface is very easy to use, and the addition of the optional Autopilot feature will meet the demands of those users looking for a hassle-free security experience." The Bitdefender brand logo, the Dacian Dragon-Wolf, declares graphic hostility toward hackers who attack goodness. Half wolf and half dragon, the Dacian Wolf inspired confidence among ancient troops that carried it into battle by striking fear into enemies. Bitdefender's mantra is simple – Awake – meaning that it strives to be relentlessly aware and ready for battle. We find the brand avatar and mantra to be appropriate to the spirit of Bitdefender. If you arm yourself with Bitdefender, you can have confidence in the multiple ways that it protects you. Moreover, when hackers attempt to breach your defenses and encounter a Bitdefender guardian at your gates, they will lose confidence and move on to more vulnerable victims. Performance: 9.4/10 Compare Bitdefender Internet Security Kaspersky Internet Security Norton Internet Security F-Secure Internet Security Trend Micro Titanium Internet Security G Data Internet Security Avast Internet Security BullGuard Internet Security AVG Internet Security Lavasoft Ad-Aware Total Security 9.4 8.3 8.3 8.6 8.1 8.1 7.8 7.2 6.9 7 Click to Enlarge Malware detection is one of the most important aspects of robust internet security suites. Bitdefender’s protection is superior. The software consistently receives awards and certifications from third-party security testers. It demonstrates above-average malware detection rates. One of the reasons Bitdefender is so effective is that it scans all PC communications, both incoming and outgoing. The scans run in real time to stop threats before they infiltrate. German-based AV-Test is one of the most respected third-party test labs. AV-Test has given top scores to the Bitdefender internet security suite for protection. Bitdefender applies three levels of defense against malware. The first level is to check for known virus signatures that Bitdefender has already collected in the cloud and for which there is a known cure. The second level is to detect unknown threats and isolate them in a virtualized environment. Once it has them corralled, the software monitors whether the suspected files attempt to modify certain files, communicate with sensitive areas or produce files that are associated with known viruses. If the virus behaves well in the virtual environment, Bitdefender allows it to operate normally. If it demonstrates suspicious behavior, the application either deletes it or sends it to quarantine. The third level of defense, called Active Virus Control, watches each specific process that is running on the PC. It then checks for any actions that resemble malware. Active Virus Control is different from technologies that monitor executable files when they start. It monitors processes continuously. The Bitdefender Internet Security suite features a two-way firewall. The versatile firewall will automatically adjust its settings to fit your location. An integrated Wi-Fi monitor protects your computer from unwanted attempts to access your network. A disabled firewall will not do you much good, yet it is common practice for gamers to turn off firewall settings to access and run computer games. With Bitdefender’s gamer mode, there’s no need to disable then remember to re-enable the firewall. You will stay protected while you’re gaming. In addition, the gamer mode stops any interference while you’re in full screen mode for videos or presentations. Features: 10/10 Compare Click to Enlarge The Bitdefender Internet Security suite provides an exhaustive list of easy-to-use, helpful security tools for protecting your identity, your children and your PC. When you use a search engine, Bitdefender gives each URL a security rank. The website filter uses specific category definitions to block suspicious sites. You can also restrict, enable and monitor your child’s internet activity. You can configure the parental filters to block or allow websites, IM contacts and emails that contain flagged words or phrases. In addition, you can limit internet and application access to specific times or just give a time allotment to each child. With the parental controls and monitoring tools, it’s easy for parents to maintain control. This security suite can quickly run full system scans, and you can schedule scans as well. Scans do not interfere while you are using your computer; scheduled scans only run when your system is idle. The Scan Dispatcher tool will only trigger a system scan when the PC resource usage falls below a set point. It also has a vulnerability scanner that checks for outdated software and needed Windows updates. Consistent with its multi-layered approach to defenses, Bitdefender includes a free credit monitoring service for customers in the United States. The service provides you with real-time alerts if any changes appear on your credit reports.

Microsoft Security Essentials

The only free security product we've tested this year, Microsoft's Security Essentials, is our default recommendation of what to install to provide your PC with a bare minimum of protection against malware. It's only available for Windows 7 and below. Windows 8 has its own integrated Windows Defender, which looks just like Microsoft Security Essentials in terms of its interface, but which appears, in preliminary tests, to behave differently when confronted with malicious software. Security Essentials protected our PC in 85 per cent of malware exposures. Admittedly, it only completely blocked 57 of 100 viruses, but it neutralised another 28 after the process of infection had begun. In 15 cases, it failed to protect us. That's better than having no protection at all, but 15 infections is not good. It did well in our false positive tests, only blocking one legitimate program, giving it a total accuracy rating of just 233.5. Once you've installed it, Security Essentials prompts you to begin an initial scan. With that done, it'll schedule a weekly quick scan and use real-time protection to monitor potential threats as you encounter them. The main screen informs you of whether or not your PC is protected and Security Essentials is active and up-to-day, as well as giving you instant access to quick, full and custom scans. The Update tab is exactly what its name implies: you get an update button and information on the last update times of your virus definitions. The History tab is a bit more interesting, displaying a list of all the quarantined items that have been prevented from running on your PC. You can permanently remove them or - if you're sure a program really is benign - restore it, although it's worth bearing in mind that Security Essentials has a very low false positive rate. You can also view lists of items that you've allowed to run and which have been detected as potential issues, but neither quarantined nor allowed. The final tab gives you fine control of Security Essentials' settings. As well as scheduling scans and enabling real-time protection, you can customise the way the program deals with the threats it detects, depending on how severe it believes them to be and exclude specific files, processes or locations from your scans. You can also enable the scanning of removable drivers and change the amount of information Security Essentials sends back to Microsoft about potentially unwanted software. Microsoft Security Essentials is brilliantly simple and easy to use. For obvious reasons, it integrates perfectly with Windows. However its relatively low rate of malware detection makes it a distinct second-best to the commercial anti-virus suites we've looked at this year. It'll do as a stopgap, but we strongly recommend buying Kaspersky Internet Security 2013.

Security Overview Part 2: Spyware

According to the Wikipedia, spyware is a broad category of malicious software intended to intercept or take partial control of a computer's operation without the user's informed consent. While the term taken literally suggests software that surreptitiously monitors the user, it has come to refer more broadly to software that subverts the computer's operation for the benefit of a third party. That is, spyware will monitor your activity on the Internet and transmit that information in the background to someone else. Spyware is potentially dangerous because it can record your keystrokes, history, passwords, and other confidential and private information. Some software that you use may act like spyware although is actually (and innocently) communicating with its developer to do things as check for program updates or provide the developer with error information (for future development). Spyware applications are typically bundled as a hidden component of freeware or shareware programs that can be downloaded from the Internet; however, it should be noted that the majority of shareware and freeware applications do not come with spyware. So, spyware is similar to a Trojan horse in that users unwittingly install the product when they install something else (Webopedia, 2005). Although there is no guarantee that you’ll always be free from spyware, there are some things you can do to seriously lower your risk. First and foremost, you need to use an anti-spyware program that detects and prevents spyware from installing itself on your computer (and removes it). Anti-spyware software can also periodically scan your computer for spyware that may get through and remove it. Following are several of the most popular free anti-spyware programs: • Spyware Blaster • Ad-Aware SE Personal Edition • Microsoft Windows AntiSpyware • Spybot Search & Destroy Personally, I use two of the above programs (Ad-Aware and Microsoft AntiSpyware) because no one anti-spyware program is known to catch 100% of all spyware. The two together seem to do a fantastic job of keeping me spyware free. Remember, your anti-spyware software needs to stay updated, on a daily basis, to stay effective at catching all the newly developed spyware. And, your anti-spyware program should automatically run system scans on your computer at least once per day. Ad-Aware SE Personal Edition does not do either of these automatically (you have to do it manually) although Ad-Aware SE Professional edition does (this will cost you about $40). Microsoft’s AntiSpyware software does scan and update itself automatically. Also, here are some other steps to consider to reduce your risk of being infected by spyware : 1. If you use Windows XP, one way to help prevent spyware and other unwanted software is to make sure all your software is updated. Visit Microsoft Update to confirm that you have Automatic Updates turned on and that you've downloaded all the latest critical and security updates. 2. While most spyware and other unwanted software come bundled with other programs or originate from unscrupulous Web sites, a small amount of spyware can actually be placed on your computer remotely by hackers. Installing a firewall or using the firewall that's built into Windows XP provides a helpful defense against these hackers. 3. Don’t click on links in e-mail spam that claim to offer anti-spyware software. Some software offered in spam actually installs spyware. 4. Surf and download more safely. The best defense against spyware and other unwanted software is not to download it in the first place. Here are a few helpful tips that can protect you from downloading software you don't want: a. Only download programs from Web sites you trust. If you're not sure whether to trust a program you are considering downloading, ask a knowledgeable friend or enter the name of the program into your favorite search engine to see if anyone else has reported that it contains spyware. b. Read all security warnings, license agreements, and privacy statements associated with any software you download. c. Never click "agree" or "OK" to close a window. Instead, click the red "x" in the corner of the window or press the Alt + F4 buttons on your keyboard to close a window. d. Be wary of popular "free" music and movie file-sharing programs, and be sure you clearly understand all of the software packaged with those programs. (Source: Microsoft Corporation)

Foreign journalists in China targeted by malware attacks

BEIJING (Reuters) - Foreign journalists in Beijing have been targeted by two very similar malware attacks in just over two weeks in the lead-up to China's once-in-a-decade leadership transition. The emails - one appearing to come from a Beijing-based foreign correspondent and the other from a Washington-based think tank - both contained an attachment with the same type of malware, according to independent cyber security expert Greg Walton who reviewed the files. Malware attacks on foreign correspondents in China, Chinese dissidents or academics researching China tend to spike in the periods leading up to politically sensitive events for China. Previous spikes occurred ahead of the Beijing Olympics in 2008 and the 60th anniversary of Communist Party rule in 2009. A government spokesman warned against jumping to conclusions about who was responsible. "China manages the Internet according to law and has engaged in cooperation with the international community to promote Internet security. Internet security is a complicated issue," Foreign Ministry spokesman Hong Lei said when asked about the emails. "China is also a victim of Internet attacks. The source of these Internet attacks is very difficult to determine. Reaching conclusions without sufficient evidence or fair and thorough investigations, it's just not serious." Both of the emails referred to the upcoming handover of power in the top ranks of the ruling Communist Party. The attachment, if opened, would have installed malware that sent encrypted information from the user's computer to an external server. That server is hosted in Britain. It has often proven difficult to prove who is behind malicious hacking attacks related to China. "The Chinese government often gives blanket denials that this happens, and in some cases the left arm may not know what the right arm is doing," said Duncan Clark, chairman of technology consultancy BDA in Beijing. The Communist Party will hold its party congress some time in coming weeks in Beijing, although the date has not yet been announced. At the congress, the top positions in the party are expected to be transferred to a new generation of leaders.

Operating System Security

Operating System Security Network Security Library {http://www.windowsecurity.com/whitepaper/} This is a site providing articles on general network and system security, and no emphasis is placed on any one OS. Due to the large number of articles available on Unix and Windows, these systems have their own links; articles on other operating systems, such as Macintosh or Linux, can be found through keyword searches. Articles come from a variety of sources, including individual submissions as well as published book chapters. Readers are invited to rate articles on a scale of one to ten, and the average score and number of votes are listed with each article title. Windows Security Guide http://www.winguides.com/security/ This site lists security vulnerabilities and fixes for all Microsoft operating systems, as well as for network-related utilities such as MS Internet Explorer and Internet Information Server. Other services include a free newsletter of alerts and updates, and "support forums" for discussion of security topics. There are two levels of membership: the basic free membership allows access to the forums and newsletters, while a fee-based premium subscription option allows access to help files, free downloads, and the ability to turn off advertisements. Macintosh Security Site http://www.securemac.com/ The Macintosh Security Site contains several informative articles on Macintosh security, and reviews of many security products for Macs and Mac servers. While the site is supported through paid advertisements, the ads are rather unobtrusive. Of interest is the fact the Macintosh Security Site is maintained as the "white side" of Freak's Macintosh Archive, a "hacking" site devoted to announcing and exploiting security vulnerabilities in Macintosh software & utilities. Linux Security http://www.linuxsecurity.com/ This site is sponsored by Guardian Digital, Inc., an Open Source security company which produces EnGarde Linux products. The site is not used solely to advertise EnGarde products, and other vendors and products are represented through their sponsorship of the site as well as in articles and advisories posted at the site. The News section of the site provides full-text articles, reprinted from a variety of external sources, on a wide range of general and Linux-specific security topics; the Documentation section features numerous practical "how-to" articles. Users can subscribe to free weekly Linux security newsletters and advisories and participate in an online mailing list.

eScan Internet Security Suite

eScan Internet Security Suite The Next Generation Anti-Virus, Anti-Spam and Anti-Phishing Solution for Windows®-based Home and Small Office Users eScan Internet Security solution designed for home and small office users is a comprehensive Anti-Virus and Content Security Solution that provides complete protection to your computers against objectionable content and security threats, such as Viruses, Spyware, Adware, Keyloggers, Rootkits, Botnets, Hackers, Spam, Phishing Web sites, and range of information security threats. Anti-Virus Anti-Phishing Anti-Spyware Anti-Rootkit Anti-Spam USB Control Application Control Web Protection Virtual Keyboard Gaming Mode Laptop Mode Folder & File Security Network Traffic Monitor User-based Parental Control Firewall Privacy Protection Identity Theft Prevention Malware URL Filter Key Features : Trendy & Easy to Use Graphical Interface With eScan Internet Security Suite you get a trendy, dock-based graphical interface that is very user-friendly and has a very sleek intuitive design for both, novice and expert users. Best Protection against Security Threats without Compromising with the Computer Speed eScan 11’s new On-Demand Scanner is equipped with Whitelisting Technology that leads to faster scans and is very light on system resources. This ensures that your computer does not slow down, even while eScan is performing thorough system scans. Effective Real-time Protection to all the Files & Folders Residing in the Computer eScan 11 performs Real-time scans on files, e-mails, e-mail attachments with its advanced and innovative technologies. It keeps your computer safe from infections with the help of its enhanced Self Protection Technology that prevents new generation malware from either disabling eScan or deleting its critical files, thus keeping your computer safe from infections. It also scans content for confidential data, prohibited information, offensive, and obscene language. Block Notifications & Alerts while Playing Favorite Games eScan 11 includes an advanced Game Detection feature that automatically detects the start of a game in full screen mode and prevents all eScan notifications and alerts from being displayed. You can thus enjoy an uninterrupted gaming experience. Prevent Memory Intensive Processes for Laptops eScan 11 includes the Laptop Mode feature that provides unmitigated battery time on laptops. Whenever you switch the Laptop Mode, eScan 11 automatically detects this change and prevents memory intensive processes like scheduled scans from running. eScan’s Real-time protection remains active while on Laptop Mode. Protection against Drive-by Malware Downloads eScan 11 includes a Malware URL filter that protects endpoints against Drive-by Malware downloads as socially engineered Malware attacks pose one of the largest risks to individuals and organizations. Access to malicious websites / URLs will be BLOCKED effectively providing to ZERO Day protection to computers. Advanced Classification of Ham and Spam E-Mails eScan 11 controls spam effectively by using Artificial Intelligence and sophisticated filters that work on the basis of specific keywords and phrases. This technology uses Artificial Intelligence to learn your behavior pattern and accordingly classifies e-mails as Ham (e-mails received by user) or Spam (e-mails quarantined for user). Comprehensive Digital Protection and Parental Control eScan 11 provides enhanced Web Protection and Privacy Protection features, such as User-based Parental Control, Pop-up Filter, and Virtual Keyboard. Parental Control and Pop-up Filters are customizable features that would help you block offensive content and Pop-ups, respectively. It also includes an advanced Web Phishing Filter that warns you of Phishing Websites and a Virtual Keyboard that protects your system against keyloggers. You can use this keyboard while typing sensitive information, such as banking passwords or credit card numbers. eScan 11 also includes an advanced Web Phishing Filter that warns you of Phishing Web Sites. It is also equipped with a Virtual Keyboard to protect your system against keyloggers. You can use this keyboard while typing sensitive information, such as banking passwords or credit card numbers. Comprehensive Protection against Network-based Attacks eScan 11 includes a set of predefined access control rules that you can customize as per your requirements. Firewall that has been enhanced for seamless integration with your operating system. In addition, it includes the Network Traffic Monitor that monitors incoming and outgoing network traffic. In also provides users with the option to block the execution of network-based executable files, thus preventing the spread of infections within networks. Extensive Asset Management for Complete System Administration eScan 11 helps to perform static asset management by using the System Information tool. This tool helps administrators obtain complete information about the hardware and software deployed on the computer and on the network. Prevent Data Theft and Virus Infections through USB Drives eScan 11 prevents data theft and Virus infections through USB and Fire-based devices. It includes the Application Control, which helps you to block or permit applications from running on networks and stand-alone computers. Lock Files and Folders that are very Critical and Confidential eScan 11 provides a new Folder Protection feature facility which helps you to protect specific files and folders from being modified or deleted. The main advantage of this feature is that it prevents the specified files from being infected by malicious software. Also, the files and folders that are protected cannot be deleted unless the folder protection is turned off. This helps you to safeguard your confidential data from infections due to malware. Eradicate Rootkits and File Infectors that cannot be Cleaned in the Normal Windows® Mode With eScan 11 you can create Windows®-based Rescue Disk files with the help of eScan Rescue File Creation wizard. The Rescue Disk file cleans Rootkits and File infectors from boot-infected computers that cannot be cleaned in the normal mode of the Windows® operating system. In addition, eScan 11’s product Installation CD comes with a set of installation setup files and bootable Rescue Disk. The bootable Rescue Disk enables you to clean boot the computer if the operating system fails to load on it. Automatically Checks & Downloads Critical Updates from the Microsoft® Web site eScan 11 automatically checks and downloads critical patches for the Windows® operating system from the Microsoft® Web site. It thus prevents malware from exploiting vulnerabilities, existing in your operating system. Automatically Provides Compressed Updates as per the Available Bandwidth eScan 11 continuously provides automatic compressed updates for the software and the virus and spam definitions. This protects your computer from the latest security threats. Comprehensive Reports for In-depth Analysis eScan 11 supports comprehensive reporting capabilities for all its modules, which you can use for in-depth analysis. Round-the-Clock Expert Support 24*7 FREE Online Technical Support (via e-mail, Live Chat, and Forums) is provided round the clock to all our customers. FREE Telephonic technical support is also provided through our offices during business hours.