Frequently Asked Questions

Firewall: frequently asked questions

A firewall is software or hardware that checks information coming from the Internet or a network, and then either blocks it or allows it to pass through to your computer, depending on your firewall settings. Even if you think there's nothing on your computer that would interest anyone, a worm could completely disable your computer, or someone could use your computer to help spread worms or viruses to other computers without your knowledge.

Here are answers to some common questions about firewalls.

What does "allowing a program to communicate through the firewall" mean?

Allowing a program to communicate through the firewall, sometimes called unblocking, is when you allow a particular program to send information through the firewall. You can also allow a program to communicate through the firewall by opening one or more ports. For more information, see Allow a program to communicate through Windows Firewall.

How can I be sure that Windows Firewall is on?

Windows Firewall is on by default in this version of Windows. To make sure it hasn't been turned off, follow these steps:

  1. Open Windows Firewall by clicking the Start button, and then clicking Control Panel. In the search box, type firewall, and then click Windows Firewall.
  2. In the left pane, click Turn Windows Firewall on or off. If you're prompted for an administrator password or confirmation, type the password or provide confirmation.
  3. Below each network location type, click Turn on Windows Firewall, and then click OK. We recommend that you turn on the firewall for all network location types.

What are the recommended settings for Windows Firewall?

We recommend the default firewall settings:

  • The firewall is on.
  • The firewall is on for all network locations (Home or work, Public, or Domain).
  • The firewall is on for all network connections.
  • The firewall is blocking all inbound connections except those that you specifically allowed.

What are some of the things that a firewall can't prevent?

  • Email viruses: E mail viruses are attached to e mail messages. A firewall can't determine the contents of e mail messages, so it can't protect you from these types of viruses. You should use an antivirus program to scan and delete suspicious attachments from an e mail message before you open it. Even when you have an antivirus program, you should not open an e mail attachment if you're not positive it's safe.
  • Phishing scams: Phishing is a technique used to trick computer users into revealing personal or financial information, such as a bank account password. A common online phishing scam starts with an e mail message that appears to come from a trusted source, but actually directs recipients to provide information to a fraudulent website. Firewalls can't determine the contents of e mail messages, so they can't protect you from this type of attack.

If I have a router with a built-in firewall, should I also turn on Windows Firewall?

Yes, because router-based firewalls only provide protection from computers on the Internet, not from computers on your home network. For example, if a mobile computer or guest computer connects to some other network, becomes infected with a computer worm, and then connects to your home network; your router-based firewall won't be able to prevent the spread of the worm. However, a firewall running on each computer on your network can help control the spread of worms. However, running more than one firewall program on your computer at the same time could cause conflicts. It's best to just use one firewall program, in addition to a router-based firewall.

What else besides a firewall do I need to help protect my computer?

You should do two things:

  1. Turn on Windows automatic updating and make sure that updates are automatically installed on your computer. For more information, see Change how Windows installs or notifies you about updates.
  2. Use Microsoft Security Essentials or another antivirus and anti-malware program, and keep it up to date by regularly downloading updates from the program manufacturer's website. Many of these programs update automatically. They can help protect your computer from spyware and malicious software.

 

How do I allow other computers to communicate with my computer through Windows Firewall?

If you’re having trouble allowing other computers to communicate with your computer through Windows Firewall, you can try using the Incoming Connections troubleshooter to automatically find and fix some common problems. Open the Incoming Connections troubleshooter by clicking the Start button, and then clicking Control Panel. In the search box, type troubleshooter, and then click Troubleshooting. Click View all, and then click Incoming Connections. For information about advanced firewall troubleshooting, see Windows Firewall with Advanced Security Troubleshooting Guide: Diagnostics and Tools and Troubleshooting Windows Firewall settings in Windows XP Service Pack 2 for advanced users.

Wireless networking: frequently asked questions

Here are answers to some common questions about wireless networks.

What is a wireless network?

A network can be one computer connected to the Internet, or two or more computers connected to each other (and also to the Internet). In a wireless network, the computers are connected by radio signals instead of wires or cables. Advantages of wireless networks include mobility and no unsightly wires. Disadvantages can include a slower

connection than a wired network and interference from other wireless devices, such as cordless phones.

Wireless network with a shared Internet connection

What are the different types of wireless network technologies?

Currently there are four options: 802.11b, 802.11a, 802.11g, and 802.11n. The tables below compare these technologies.

802.11b

Speed Up to 11 megabits per second (Mbps)

Pros

• Has good signal range

Cons

• Has the slowest transmission speed

• Allows for fewer simultaneous users

• Uses the 2.4 gigahertz (GHz) frequency (the same as many microwave ovens, cordless phones, and other appliances), which can cause interference

802.11a

Speed Up to 54 Mbps

Pros

• Allows for more simultaneous users

• Uses the 5 GHz frequency, which limits interference from other devices

Cons

• Has a shorter signal range, which is more easily obstructed by walls and other obstacles

• Is not compatible with 802.11b network adapters, routers, and access points

802.11g g

Speed Up to 54 Mbps

Pros • Has a transmission speed comparable to 802.11a under optimal conditions

• Allows for more simultaneous users

• Has good signal range and is not easily obstructed

• Is compatible with 802.11b network adapters, routers, and access points

Cons • Uses the 2.4 GHz frequency so it has the same interference problems as 802.11b

802.11n

Speed Depending upon the number of data streams the hardware supports, 802.11n can transmit data at up to 150 Mbps, 300 Mbps, 450 Mbps, or 600 Mbps

Pros

• Has the fastest speed

• Uses multiple signals and antennas for better speed

• Allows for more simultaneous users s

• Has the best signal range and isn't easily obstructed

• Is resistant to interference from other devices

• Can use either the 2.4 GHz or 5.0 GHz frequency

• If using 2.4 GHz frequency, it's compatible with 802.11g network adapters, routers, and access points

Cons

• If using the 2.4 GHz frequency, it can have the same interference problems as 802.11b

• This protocol is still being finalized, and some requirements could change

If you have more than one wireless network adapter in your computer or if your adapter uses more than one standard, you can specify which adapter or standard to use for each network connection. For example, if you have a computer you use for streaming media to other computers on your network, you should set it up to use an 802.11a or 802.11n connection, if available, because you'll get a faster data transfer rate when you watch videos or listen to music.

What hardware does my computer need to be on a wireless network?

Your computer needs an internal or external wireless network adapter. To see if your computer has a wireless network adapter, do the following: :

• Open Network Connections by clicking the Start button, clicking Control Panel, clicking Network and Internet, clicking Network and Sharing Center, and then clicking Manage network connections.

The adapters installed in your computer are listed.

What is wireless signal strength?

In the list of available wireless networks, you'll see a symbol that shows the wireless signal strength for each network. The more bars, the stronger the signal. A strong signal (five bars) usually means that the wireless network is close or there is no interference. For best performance, connect to the wireless network with the strongest signal. However, if an unsecured network has a stronger signal than a security-enabled one, it's safer for your data if you connect to the security-enabled network (but you must be an authorized user of that network). To improve the signal strength, you can move your computer closer to the wireless router or access point, or move the router or access point so it's not close to sources of interference such as brick walls or walls that contain metal support beams.

• Open Connect to a Network by clicking the Start button , and then clicking Connect to.

What are the risks of connecting to a public wireless network?

Public wireless networks are convenient, but if they are not properly secured, connecting to one might be risky. Whenever possible, only connect to wireless networks that require a network security key or have some other form of security, such as a certificate. The information sent over such networks is encrypted, which can help protect your computer from unauthorized access. In the list of available wireless networks, each network is labeled as either security-enabled or unsecured. If you do connect to a network that is not secure, be aware that someone with the right tools can see everything that you do, including the websites you visit, the documents you work on, and the user names and passwords you use. You should not work on documents or visit websites that contain personal information, such as your bank records, while you are connected to that network.

How do I find a wireless network that's not on the list of available networks?

If you've connected to the network before, make sure your computer is in range of the network (no more than 150 feet [46 meters] indoors and 300 feet [92 meters] outdoors for 802.11b and 802.11g hardware and no more than 50 feet [15 meters] indoors and 100 feet [30 meters] outdoors for 802.11a hardware), the router or access point is turned on (if you have access to the router or access point), and the wireless switch on your computer is turned on. (Not all computers have a switch; if yours does, it's typically located on the front or side of the computer.) If you have not connected to the network, broadcasting might be turned off and you might have to manually add the network. To add a network that is not broadcasting, follow these steps:

1. Open Connect to a Network by clicking the Start button , and then clicking Connect to.

2. Click Set up a connection or network.

3. Click Manually connect to a wireless network, and then type the network information.

The network is added to your list of networks and is available to connect to in the future when your computer is in range.

Why do I need to copy wireless network settings to other computers and devices on my network?

The other computers and devices on your network need to know how to communicate with the wireless router so they can send and receive information on the network. Each computer or device needs settings such as the network name and the network security key so that it can communicate with the router. When you add devices or computers to your network using the Set Up a Wireless Router or Access Point wizard, Windows provides step-by-step instructions for copying the appropriate settings to your computers.

• Open Set Up a Wireless Router or Access Point by clicking the Start button , clicking Control Panel, clicking Network and Internet, and then clicking Network and Sharing Center. In the left pane, click Set up a connection or network, and then click Set up a wireless router or access point.

Can I use software other than Windows to manage my wireless network connections?

Yes. Even though automatic wireless network configuration is enabled by default in Windows, you can disable it by installing and using a different program. Many network adapters come with their own wireless management software. If you are using another program to manage your wireless network connections and you want to use Windows instead, follow these steps:

1. Turn off or disable the other program.

2. Open the Command Prompt window by clicking the Start button , clicking All Programs, clicking Accessories, and then clicking Command Prompt.

3. Type netsh wlan show settings.

If automatic wireless network configuration is disabled, you will see Auto configuration logic is disabled on interface "Interface name".

4. To enable auto configuration, type set autoconfig enabled=yes interface="<Interface name>".

How can I tell if my wireless network adapter works with Wired Equivalent Privacy (WEP) or Wi Fi Protected Access (WPA) encryption?

When you set up a network, Windows determines what type of encryption your router or access point and your computer's network adapter work with, and recommends an option. To see which types of encryption the network adapter works with, check the information that came with your adapter or computer, or go to the manufacturer’s website.

Question: How do I Surf the Web Anonymously?

Personal privacy seems to be highly elusive these days. Every move we make on the web provides targeted marketing companies and other groups with information about our buying habits, search patterns, and other personal information that we might prefer to keep to ourselves. .

So is there any way a person can browse the web without someone watching over their digital shoulder all the time?

Yes, there is, but always remember that surfing anonymously doesn't give you a license to do bad things just because no one can see you. There is no 100% effective solution for

hiding yourself online. Skilled computer forensics professionals can still likely find out if you've been breaking the law, so please keep things legal.

Answer:

There are several ways to surf the web anonymously. Here are two of the more popular ones:

1. Use a Proxy Service:

A web proxy service acts as a middle-man inserted between you and the site that you are trying to view.

If you opt to subscribe to a web proxy service, the service provider should provide you with simple instructions for configuring your web browser to direct all traffic through the web proxy service. The web proxy is a server, or group of servers, that forward requests for web pages or other data on your behalf and then relay the pages/data back to you. They act as a "go-between", which effectively masks your identity. The website you are trying to get to will only see the proxy service's proxy server IP address instead of yours. The whole process happens behind the scenes and shouldn't impact the web browsing experience except for possibly adding a little delay as pages are relayed via the proxy.

There is one catch to using a web proxy: While the website you are trying to access can only see the proxy server's IP address, the proxy server can see the entire conversation and likely has a record of it. It could also potentially steal your data since it is privy to all the details. If you decide to use a web proxy, you might not want to just pick any free one you come across as it could be one setup by hackers to harvest sensitive data. Whichever kind of web proxy service you choose, do your homework and find out what their privacy policies and log file retention periods are.

There are many proxy services available such as Anonymizer.com and Ghost Surf, to name a few.

2. Use a Commercial VPN Service:

If you are looking for a more robust solution that protects more than just web browsing, a commercial VPN service is the way to go. VPN services used to only be available to people who worked for large corporations that could afford them. There are now many affordable commercially available VPN service providers for home and small business users.

A VPN provides an encrypted tunnel that helps prevent anyone from eavesdropping on your network traffic. Most VPN providers also mask your true IP address behind their gateway, so anyone trying to see what you IP address is will only see the one that the VPN provider reveals. This IP is typically randomly rotated which further protects your identity.

Commercial VPN service rates run anywhere from $40-$100 or more per year. A couple of the more popular and established VPN providers include WiTopia and StrongVPN.

What is a Bot Net?

Has your computer become a zombie slave without you even knowing it?

Have you noticed that your PC has suddenly slowed to a crawl for no apparent reason? It might be nothing, but it could be that your computer is busy doing other things, and by other things I mean attacking other computers as part of a bot net controlled by hackers, or other assorted bad guys.

"How can this be? My anti-virus software is always up to date?", you say.

Bot net software is usually installed on computers by users who are tricked into loading it. The software might pass itself off as a legitimate product claiming to be an anti-virus scanner, when in reality it is malicious Scareware that, once installed, provides a gateway into your system for malware software developers to install things like rootkits and bot net-enabling software.

The bot net software effectively sets your computer up to receive instructions from a master control terminal that is controlled by the bot net owner who is usually a hacker or other cyber criminal that purchased the use of your computer from the person who infected it.

Yes that's right, you heard me correctly. Not only is your computer infected, but people are making money by selling the rights to use your computer (without your knowledge) to carry out attacks on other computers. Mind boggling isn't it? It's like someone renting out your car for someone else's use while it's parked at a shopping center, and then putting it back before you discover it was gone.

A typical bot net may consist of tens of thousands of computers that are all controlled by a single command and control terminal. Hackers love using bot nets because it allows them to combine the computing power and network resources of all the computers in the bot net to attack a single target. These attacks are called distributed denial of service attacks (DDoS).

Thees attacks work well because the target of the attack may not be able to handle the network and resource load of 20,000 computers all trying to access it at one time. Once the system is bogged down by all the DDoS traffic from the bot net, legitimate users might not be able to reach the server which is extremely bad for business, especially if you're a large electronic retailer where constant availability is your lifeblood.

Some of the bad guys will even blackmail the targets, telling them that if they pay them a fee, then they will stop the attack. Incredibly enough, some businesses will pay the blackmail fee just to get back in business until they can figure out how to better deal with the attacks.

How do these bot nets become so large?

Malware developers who create the bot net software pay money via malware affiliate marketing programs to people willing to install their malware on victims' computers. They may pay $250 or more per 1000 "installs". Enterprising bad guys will use every means necessary to trick unsuspecting users into installing this crapware. They will link it in spam e-mails, post malicious links to forums, setup malicious websites, and anything else they can think of to get you to click the installer so they can get credit for another install.

The malware developer will then sell control of the bot nets they have created. They will sell them in large blocks of 10,000 or more slave computers. The larger the block of slave bots, the higher the price they will ask.

I used to think malware was created by kids trying to prank people, but it is really all about bad guys making money off of trafficking the use of your computer's CPU cycles and your network bandwidth.

How can we stop these Sons of (insert favorite bad thing here)'s from enslaving our computers?

1. Get a malware-specific scanner

Your virus scanner might be awesome at finding viruses, but not so good at finding Scareware, rogue malware, rootkits, and other types of malicious software. You should consider getting something like Malwarebytes which is known for finding malware that often evades traditional virus scanners.

2. Get a "second opinion" scanner

If one doctor says everything is good, but you still feel sick, you might want to get a second opinion from another doctor, right? Do the same for your malware protection. Install a second malware scanner on your computer to see if it might catch something that the other scanner missed. You would be surprised how many times one tool misses something that another one catches.

3. Be on the lookout for fake anti-virus software

In your search for malware protection you could end up installing something malicious if you don't do your research on the product first. Google the product to see if there are any reports that it is fake or malicious before you install anything. Never install anything that is sent to you in an e-mail or found in a pop-up box. These are often delivery methods for malware developers and malware affiliates.

If you want to be extra sure that the malware infection is gone then you should consider a performing full backup, wipe and reload of your computer to ensure that the malware is gone.


Operations Consulting


The demand for customer centric focus, end to end integrated operations and optimal cost management has never been greater. We bring capabilities in network management and process improvement to help companies optimize their operating processes and supply chain. We help our clients transform their key value chain functions, from customer network management to sourcing of services and goods. We apply proven cost management methodologies to facilitate agile responses to changing conditions and to drive business growth through technological advancement. We support our clients to improve value, reduce waste and reduce costs to leave lasting sustainable benefit.

We can help if:

  • You are looking for ways to transform your procurement function through employing one or more of the following strategies; outsourcing, low-cost country sourcing, e-sourcing, or simply more efficient procurement.
  • Your organization is seeking a practical framework to improve operating processes in order to reduce costs, capture lost revenue or improve service levels across the entire value chain.
  • Your key objective is to achieve quantifiable improvements by minimizing inefficiencies, improving decision-making processes and improving control methods.
  • You are looking to improve the general effectiveness of your physical supply chain.
  • Embracing the new sustainable business model requires you to proactively manage your brand and corporate reputation across your company's entire supply chain.
  • Pressures to grow revenue lead you to re-assess whether you are getting the most from your customer management systems and processes.
  • You have just undergone a period of rapid change, possibly post-merger, and are looking to transform service delivery through shared service deliver; off-shoring or service re-design.
  • You need assistance in managing your physical assets including property or real-estate, we have technological tools to aid in the transition.