【文章內(nèi)容簡介】 to block unauthorized users from accessing a work, there is still the danger of viruses, which can enter through attachments, and malicious Java and ActiveX applications that e into a work as users browse the Net. When dealing with hostile Java and ActiveX applets, Finjan Software offers 濱州學(xué)院畢業(yè)設(shè)計 (專業(yè)外文翻譯 ) 6 SurfinShield X tra for desktop users as well as Surfin Gate for servers. These unique packages actually maintain a database of known Java and ActiveX problems and monitor ining and existing applets. Both products block only applets that misbehave, letting all others through. 1） Solutions to 6 Common Threats to Security Here are six mon Inter security problems and their solutions cited in PC Magazine, 1997. Reprinted by permission December 1998 2） Interception of Encrypt using desktop or server encryption hardware or software. Use digital signatures and certificates to authenticate senders and verify that has not been tampered with. 3） Theft or alteration of corporate information Use the same procedures as for intrusion. Also use encryption hardware or software to encrypt traffic flowing from office to office across the Inter. 4） Macro viruses from attachments Install an antivirus gateway to filter ining messages. 5） Corporate work intrusion Protect the perimeter with firewalls. If you want remote users to access sensitive internal data, set up an authentication server on the work and equip remote users with authentication tokens or smart cards. 6） Disruption of work devices and services Protect the perimeter with firewalls. Set up an authentication server on the work and equip remote users with authentication tokens or smart cards. 7） Misbehaved Java and ActiveX applets Configure firewalls to block Java and ActiveX applets, or install a Java and ActiveX gateway to filter out bad applets. Inter Security Products Security Auditing SAFEsuite Inter Scanner for Windows NT 濱州學(xué)院畢業(yè)設(shè)計 (專業(yè)外文翻譯 ) 7 SA FEsuite is designed to test security implementation for protection against inside and outside attacks, Inter Security Systems’ SA FEsuite Inter Scanner for Windows NT looks for hundreds of vulnerabilities, provides a list of possible holes and suggests corrective actions. SA FEsuite has three ponents: the Intra Scanner, Firewall Scanner, and Web Scanner. The program runs on a single PC loaded with Windows NT or and es with a license key based on a single range of IP addresses. To scan multiple works or segments, multiple licenses are needed. SA FEsuite’s tests covers known weak spots that internal or external intruders can exploit. Each of the tests es with three different settings: light, medium and heavy scan. The light scan looks at the basic vulnerabilities on your work, such as shared resources without passwords, and requires only a few minutes to run. The medium scan looks for the same holes as the light scan, plus a few more. For example, in a light scan of FTP, the test looks for just anonymous connections. A medium scan looks for anonymous and trivial FTP connections. The heavy scan looks for all vulnerabilities and requires the most time. After all scans have been run, SA FEsuite creates an HTML based report listing the results by level of importance and even provides you with some ideas of how to correct the problem. SecurIT from Milkyway Networks Corp SecurIT, among others, is a product that can identify work holes and, like ISS’s SA FEsuite, provide instructions on how to fix them. The product can scan all of a work’s devices, including: firewalls, mail servers, UNIX hosts and Windows NT and Windows 95based PCs. And SecurIT Audit can check for vulnerabilities on several platforms, including Linux, Solaris, SunOS, Windows NT and Windows 95. Firewalls ON Guard by ON Technology Corp Protecting a work from hacker tricks is easier with ON Guard, a 濱州學(xué)院畢業(yè)設(shè)計 (專業(yè)外文翻譯 ) 8 hardware/software bination, which makes the usually difficult process of installing firewalls easy. This package is designed for administrators who aren’t security gurus and don’t want to be. ON Guard includes dozens of services, powerful event logging, and a utility that tests one’s security plan. It is also one of the few firewalls currently on the market that can block both IP and IPX work packets. ON Guard uses Stateful MultiLayer Inspection (SMLI) technology, a hybrid of packet and applicationlevel filtering. Unlike applicationlevel filtering, SMLI does not require separate software to block each new Inter services, such as PointCast and Real Audio. This is advantageous, because one does not have to wait for ON Technology to provide software to block these services. The firewall can already handle them. Unlike The Wall, with which services are either enabled or disabled, ON Guard allows customization of multiple services. The program disables Web, and FTP access by default. But these services and others, such as Java, Real Audio, and newsgroups, can be enabled and access rules created for users based on an IP address. Once a service is in the list, administrators can enable or disable access for both inbound and outbound traffic. T