Tuesday, July 31, 2007

Lesar Printer


Laser printer
From Wikipedia, the free encyclopedia
Jump to: navigation, search

1993 Apple LaserWriter Pro 630 laser printerA laser printer is a common type of computer printer that rapidly produces high quality text and graphics on plain paper. Like photocopiers, laser printers employ a xerographic printing process but differ from analog photocopiers in that the image is produced by the direct scanning of a laser beam across the printer's photoreceptor.

Contents [hide]
1 Overview
2 History
3 How it works
3.1 Raster Image Processing
3.2 Charging
3.3 Writing
3.4 Developing
3.5 Transferring
3.6 Fusing
3.7 Cleaning
3.8 Multiple steps occurring at once
4 Color laser printers
5 Laser printer maintenance
6 Steganographic anti-counterfeiting ("secret") marks
7 Safety hazards and precautions
7.1 Shock hazards
7.2 Toner clean-up
7.3 Ozone hazards
8 See also
9 External links




Overview

Laser printers have many significant advantages over other types of printers. Unlike impact printers, laser printer speed can vary widely, and depends on many factors, including the graphic intensity of the job being processed. The fastest models can print over 200 monochrome pages per minute (12,000 pages per hour). The fastest color laser printers can print over 100 pages per minute (6000 pages per hour). Very high-speed laser printers are used for mass mailings of personalized documents, such as credit card or utility bills, and are competing with lithography in some commercial applications.

The cost of this technology depends on a combination of factors, including inflation. Costs of paper, toner, and infrequent drum replacement, as well as the replacement of other consumables such as the fuser assembly and transfer assembly. Often printers with soft plastic drums can have a very high cost of ownership that does not become apparent until the drum requires replacement.

A duplexing printer (one that prints on both sides of the paper) can halve paper costs and reduce filing volumes. Formerly only available on high-end printers, duplexers are now common on mid-range office printers, though not all printers can accommodate a duplexing unit. Duplexing can also give a slower page-printing speed, because of the longer paper path.

In comparison with the laser printer, most inkjet and dot-matrix printers simply take an incoming stream of data and directly imprint it in a slow lurching process that may include pauses as the printer waits for more data. A laser printer is unable to work this way because such a large amount of data needs to output to the printing device in a rapid, continuous process. The printer cannot stop the mechanism precisely enough to wait until more data arrives, without creating a visible gap or misalignment of the dots on the printed page.

Instead the image data is built up and stored in a large bank of memory capable of representing every dot on the page. The requirement to store all dots in memory before printing has traditionally limited laser printers to small fixed paper sizes such as letter or A4. Most laser printers are unable to print continuous banners spanning a sheet of paper two meters long, because there is not enough memory available in the printer to store such a large image before printing begins.



History
The first laser printer was produced by Xerox when Xerox researcher Gary Starkweather modified a Xerox copier in 1971.[1] Laser printing eventually became a multibillion-dollar business for Xerox.

The first commercial implementation of a laser printer was the IBM model 3800 in 1976, used for high-volume printing of documents such as invoices and mailing labels. It is often cited as "taking up a whole room," implying that it was a primitive version of the later familiar device used with a personal computer. While large, it was designed for an entirely different purpose. Many 3800s are still in use.


Xerox 9700 laser printer (ca. 1977)The first laser printer designed for use with an individual computer was released with the Xerox Star 8010 in 1981. Although it was innovative, the Star was an expensive ($17,000) system that was only purchased by a small number of laboratories and institutions. After personal computers became more widespread, the first laser printer intended for a mass market was the HP LaserJet 8ppm, released in 1984, using a Canon engine controlled by HP software. The HP LaserJet printer was quickly followed by other laser printers from Brother Industries, IBM, and others.

Most noteworthy was the role the laser printer played in popularizing desktop publishing with the introduction of the Apple LaserWriter for the Apple Macintosh, along with Aldus PageMaker software, in 1985. With these products, users could create documents that would previously have required professional typesetting.

As with most electronic devices, the cost of laser printers has fallen markedly over the years. In 1985 the HP LaserJet sold for $2995.00 and weighed 71 pounds (32.2 kg). The Apple LaserWriter (which shipped with a more powerful processor and the Postscript page description language) weighed about 70 lb and cost almost $7000.00. (Work rules in the factory producing the Laserwriter forbade any worker lifting the printer unassisted.) Today a comparable laser printer with more memory, a higher speed and duplexing capability costs about $300.00. A bare-bones laser printer costs less than $100.00.


How it works
Main article: Xerography
There are typically seven steps involved in the laser printing process:


Raster Image Processing
Each horizontal strip of dots across the page is known as a raster. Creating the image to be printed is done by a Raster Image Processor (RIP), typically built into the laser printer. The source material may be encoded in any number of special page description languages such as Adobe PostScript (PS) or HP Printer Command Language (PCL), as well as unformatted text-only data. The RIP uses the page description language to generate a bitmap of the final page in the raster memory. Once the entire page has been rendered in raster memory, the printer is ready to begin the process of sending the rasterized stream of dots to the paper in a continuous stream.
Generating the raster image data


Charging
A corona wire (in older printers) or a primary charge roller projects an electrostatic charge onto the photoreceptor (otherwise named the photoconductor unit), a revolving photosensitive drum or belt, which is capable of holding an electrostatic charge on its surface while it is in the dark.
Appyling a negative charge to the photosensitive drum


Writing
The laser is aimed at a rotating polygonal mirror, which directs the laser beam through a system of lenses and mirrors onto the photoreceptor. The beam sweeps across the photoreceptor at an angle to make the sweep straight across the page; the cylinder continues to rotate during the sweep and the angle of sweep compensates for this motion. The stream of rasterized data held in memory turns the laser on and off to form the dots on the cylinder. Some printers switch an array of laser diodes spanning the width of the page, and they signal to both the photoreceptor and their Quartz-clocked host in time to marks on the underpassing cylinder. Lasers are used because they generate a narrow beam for great distances. The laser beam neutralizes (or reverses) the charge on the white parts, leaving a mirror image of static electricity on the photoreceptor surface to lift powdered ink.
How the bitmap is written to the photosensitive drum.


Developing
The surface with the latent image is exposed to toner, fine particles of dry plastic powder mixed with carbon black or coloring agents. The charged toner particles are given a negative charge, and are electrostatically attracted to the photoreceptor where the laser wrote the latent image. Because like charges repel, the negatively charged toner will not touch the drum where light has not removed the negative charge.

The overall darkness of the printed image is controlled by the high voltage charge applied to the supply toner. Once the charged toner has jumped the gap to the surface of the drum, the negative charge on the toner itself repels the supply toner and prevents more toner from jumping to the drum. If the voltage is low, only a thin coat of toner is needed to stop more toner from transferring. If the voltage is high, then a thin coating on the drum is too weak to stop more toner from transferring to the drum. More supply toner will continue to jump to the drum until the charges on the drum are again high enough to repel the supply toner. At the darkest settings the supply toner voltage is high enough that it will also start coating the drum where the initial unwritten drum charge is still present, and will give the entire page a dark shadow.


Transferring
The photoreceptor is pressed or rolled over paper, transferring the image. Higher-end machines use a positively charged transfer roller on the back side of the paper to pull the toner from the photoreceptor to the paper.


Fusing
The paper passes through a fuser assembly with rollers that provide heat and pressure (up to 200 Celsius), bonding the plastic powder to the paper.
In the fuser assembly one roller is usually a hollow tube and the other is a rubber backing roller. A radiant heat lamp is suspended in the center of the hollow tube, and infrared energy is projected onto the inside of the roller to uniformly heat it from the inside out. For proper bonding of the toner, the fuser roller needs to be uniformly hot.

The fuser tends to account for up to 90% of a printer's power usage. The intense heat from the fuser assembly can cause damage to the rest of the printer, so the hot fuser assembly is often surrounded by fans blowing the heat away from the rest of the equipment inside the printer. The primary power saving feature of most copiers and laser printers is to simply turn off the fuser and let it go cold. Resuming normal operation requires waiting for the fuser to return to operating temperature before printing can begin.

Some printers use a very thin flexible metal, so that the hollow roller has a low mass and can be quickly warmed to the correct temperature. This both speeds printing from a cold idle state and permits the fuser to turn off more frequently to conserve power.

Melting toner into the paper using heat and pressure.


Cleaning
When the print is complete, an electrically neutral soft plastic blade cleans any excess toner from the photoreceptor and deposits it into a waste reservoir, and a discharge lamp removes the remaining charge from the photoreceptor.

Toner may occasionally be left on the photoreceptor when unexpected events such as a paper jam occur. The toner is on the photoconductor ready to apply, but the operation failed before it could be applied. The toner must be wiped off and the process restarted.

Waste toner cannot be reused for printing because it can be contaminated with dust and paper fibers. A quality printed image requires pure, clean toner. Reusing contaminated toner can result in splotchy printed areas or poor fusing of the toner into the paper.


Multiple steps occurring at once
Once the raster image generation is complete all steps of the printing process can occur one after the other in rapid succession. This permits the use of a very small and compact unit, where the photoreceptor is charged, rotates a few degrees and is scanned, rotates a few more degrees and is developed, and so forth. The entire process can be completed before the drum completes one revolution.

Different printers implement these steps in distinct ways. Some "laser" printers actually use a linear array of light-emitting diodes to "write" the light on the drum (see LED printer). The toner is based on either wax or plastic, so that when the paper passes through the fuser assembly, the particles of toner melt. The paper may or may not be oppositely charged. The fuser can be an infrared oven, a heated pressure roller, or (on some very fast, expensive printers) a xenon flash lamp. The Warm Up process that a laser printer goes through when power is initially applied to the printer consists mainly of heating the fuser element. Many printers have a toner-conservation mode or "economode", which can be substantially more economical with fuser consumption at the price of slightly lower contrast.


Color laser printers
Color laser printers add colored toner (typically but not always cyan, yellow, and magenta -- see CMYK) in three additional steps or passes. Color adds complexity to the printing process because very slight misalignments known as registration errors can occur between printing each color, causing unintended color fringing, blurring, or light/dark streaking along the edges of colored regions.

To permit a high registration accuracy, some color laser printers use a large belt the size of a full sheet of paper to generate the image. All four layers of toner are precisely applied to the belt, and the combined layers are then applied to the paper in a single step.

Color laser printers typically require four times as much memory as a monochrone printer to print the same size document, because each of the four CMYK color separations needs to be rasterized and stored in memory before printing can begin.


Laser printer maintenance
Most consumer and small business laser printers use a toner cartridge that combines the photoreceptor (otherwise named photoconductor unit) with the supply toner and waste toner bottle and the various wiper blades. When the supply toner runs out, replacing the cartridge also automatically replaces the photoreceptor, waste toner bottle, and blades.

Some small consumer printers use a separate toner bottle that can be replaced several times separately from the photoreceptor, allowing for a much lower cost of operation. High-volume business laser printers separate all components into individual modules.

After printing about fifty thousand pages, typical maintenance is to vacuum the mechanism, and clean or replace the paper handling rollers. The rollers have a thick rubber coating, which eventually suffers wear and becomes covered with slippery paper dust. They can usually be cleaned with a damp lint-free rag and there are chemical solutions that can help restore the traction of the rubber.

After one hundred thousand pages, it is common for the fuser assembly to either wear out or need cleaning. The fuser heating rollers are often coated with an oil that prevents toner from sticking to the rollers. A small amount of the oil coating is absorbed by each piece of paper passing through the fuser, eventually requiring the oil supply to be replenished or the pressure roller assembly to be completely replaced. It is common for the fuser assembly to be left unmaintained until the toner starts sticking to the rollers, which creates a repeating ragged line on every printed page due to the rollers not being smooth anymore.

Color laser printers are typically more expensive and higher maintenance than monochrome laser printers since they contain more imaging components. Color laser printers intended for high volume use may require supplies that monochrone printers do not use, while the least expensive consumer color laser printers are expected to wear out and fail four times faster during color printing, compared to monochrome printing.[citation needed]

Due to current market incentives, the least expensive consumer color laser printers often cost less than the total value of the replacement parts inside the printer. The photoreceptor assembly for example may last 100,000 pages but may cost as much to replace as buying a new printer with new toner cartridges included.


Steganographic anti-counterfeiting ("secret") marks

Small yellow dots on white paper, generated by a color laser printer (scale: 0.1mm). Click for a larger image.Main article: Printer steganography
Many modern color laser printers mark printouts by a nearly invisible dot raster, for the purpose of identification. The dots are yellow and about 0.1 mm in size, with a raster of about 1 mm. This is purportedly the result of a deal between the US government and printer manufacturers to help track counterfeiters. [2]

The dots encode data such as printing date, time, and printer serial number in binary-coded decimal on every sheet of paper printed, which allows pieces of paper to be traced by the manufacturer to identify the place of purchase, and sometimes the buyer. Some are concerned that this is a threat to the privacy and anonymity of those who print.


Safety hazards and precautions

Shock hazards
Although modern printers include many safety interlocks and protection circuits, it is possible for a high voltage or a residual voltage to be present on the various rollers, wires, and metal contacts inside a laser printer. Care should be taken to avoid unnecessary contact with these parts to reduce the potential for electical shock.


Toner clean-up
Toner particles are designed to have electrostatic properties and can develop static-electric charges when they rub against other particles, objects, or the interiors of transport systems and vacuum hoses. Because of this and its small particle size, toner should not be vacuumed with a conventional home vacuum cleaner. Static discharge from charged toner particles can ignite dust in the vacuum cleaner bag or create a small explosion if sufficient toner is airborne. This may damage the vacuum cleaner or start a fire. In addition, toner particles are so fine that they are poorly filtered by conventional household vacuum cleaner filter bags and blow through the motor or back into the room.

Toner particles melt (or fuse) when warmed. Small toner spills can be wiped up with a cold, damp cloth.

If toner spills into the laser printer, a special type of vacuum cleaner with an electrically conductive hose and a high efficiency (HEPA) filter may be needed for effective cleaning. These are called ESD-safe (Electrostatic Discharge-safe) or toner vacuums. Similar HEPA-filter equipped vacuums should be used for clean-up of larger toner spills.

Toner is easily cleaned from most water-washable clothing. As toner is a wax or plastic powder with a low melting temperature, it must be kept cold during the cleaning process. Washing a toner stained garment in cold water is often successful. Even warm water is likely to result in permanent staining. The washing machine should be filled with cold water before adding the garment. Washing through two cycles improves the chances of success. The first may use hand wash dish detergent, with the second cycle using regular laundry detergent. Residual toner floating in the rinse water of the first cycle will remain in the garment and may cause a permanent graying. A clothes dryer or iron should not be used until it is certain that all the toner has been removed.


Ozone hazards
As a natural part of the printing process, the high voltages inside the printer can produce a corona discharge that generates a small amount of ionized oxygen and nitrogen, forming ozone and nitrogen oxides. In larger commercial printers and copiers, a carbon filter in the air exhaust stream breaks down these oxides to prevent pollution of the office environment.

However, some ozone escapes the filtering process in commercial printers, and ozone filters are not used in many smaller consumer printers. When a laser printer or copier is operated for a long period of time in a small, poorly ventilated space, these gases can build up to levels at which the odor of ozone or irritiation may be noticed. A potential for creating a health hazard is theoretically possible in extreme cases.


See also
Daisy wheel printer
Dot matrix printer
Inkjet printer
LED printer
Thermal printer
Dye-sublimation printer
Steganography

External links
Howstuffworks "How Laser Printers Work"
Is Your Printer Spying On You? (by EFF)
Detailed description, modelling and simulation of the electrophotographic print process (technical; 7.2MB)
Xerographic Color Technology (pdf), Katun (supplier of OEM-compatible imaging supplies, photoreceptors, and parts), July 1999
Laser Printer info
Retrieved from "http://en.wikipedia.org/wiki/Laser_printer"

works .........of firewall

How does a firewall work?

By WhatIs.com
22 Oct 2003 | http://searchnetworking.techtarget.com/originalContent/0,289142,sid7_gci933217,00.html?offer=LGsn605


A firewall is a set of related programs, located at a network gateway server, that protects the resources of a private network from users from other networks. (The term also implies the security policy that is used with the programs.) An enterprise with an intranet that allows its workers access to the wider Internet installs a firewall to prevent outsiders from accessing its own private data resources and for controlling what outside resources its own users have access to.
Basically, a firewall, working closely with a router program, examines each network packet to determine whether to forward it toward its destination. A firewall also includes or works with a proxy server that makes network requests on behalf of workstation users. A firewall is often installed in a specially designated computer separate from the rest of the network so that no incoming request can get directly at private network resources.

There are a number of firewall screening methods. A simple one is to screen requests to make sure they come from acceptable (previously identified) domain name and Internet Protocol addresses. For mobile users, firewalls allow remote access in to the private network by the use of secure logon procedures and authentication certificates.

A number of companies make firewall products. Features include logging and reporting, automatic alarms at given thresholds of attack, and a graphical user interface for controlling the firewall.

To learn even more, go back to the Crash Course on Firewalls.

Share - Digg This! Bookmark with Del.icio.us


NETWORKING RELATED LINKS

Ads by Google

Firewall Log Analyzer
F/W Log Analysis & Reporting Tool For B/W & User Activity Monitoring.
www.fwanalyzer.com

Small Business Network
Let Your SMB network do more & cost less w/ Nortel. Learn how.
www.nortel.com

Internet & Security
Internet, MPLS VPN, Firewalls, AV, Routers, Switches
www.spudweb.in

Axiomtek
Manufacturer of standard or OEM network appliance platforms
www.axiomtek.com

Find and Fix Problems
Isolate, Monitor, Report, Optimize Free Guide for Network Performance
www.Packeteer.com

firewall q&a

Firewall Q&A
The Internet has made large amounts of information available to the average computer user at home, in business and in education. For many people, having access to this information is no longer just an advantage, it is essential. Yet connecting a private network to the Internet can expose critical or confidential data to malicious attack from anywhere in the world. Users who connect their computers to the Internet must be aware of these dangers, their implications and how to protect their data and their critical systems. Firewalls can protect both individual computers and corporate networks from hostile intrusion from the Internet, but must be understood to be used correctly.
We are presenting this information in a Q&A (Questions and Answers) format that we hope will be useful. Our knowledge of this subject relates to firewalls in general use, and stems from our own NAT and proxy firewall technology. We welcome feedback and comments from any readers on the usefulness or content.

We are providing the best information available to us as at date of writing and intend to update it at frequent intervals as things change and/or more information becomes available. However we intend this Q&A as a guide only and recommend that users obtain specific information to determine applicability to their specific requirements. (This is another way of saying that we can't be held liable or responsible for the content.)

For more on this and other subjects covered in these White Papers, sign up to our free Newsletter today.

Introduction
Vicomsoft develops and provides Network Address Translation technology, the basis of many firewall products. Our software allows users to connect whole LANs to the Internet, while protecting them from hostile intrusion. Click here to download free trial software.
Vicomsoft have gained significant experience in the area of firewall protection and would like to make this information available to those interested in this subject. For those who would like to study this subject in more detail useful links are listed at the end of this document.

Questions
What is a firewall?
What does a firewall do?
What can't a firewall do?
Who needs a firewall?
How does a firewall work?
What are the OSI and TCP/IP Network models?
What different types of firewalls are there?
How do I implement a firewall?
Is a firewall sufficient to secure my network or do I need anything else?
What is IP spoofing?
Firewall related problems
Benefits of a firewall
References
Download this article as a .PDF
Answers
What is a firewall?
A firewall protects networked computers from intentional hostile intrusion that could compromise confidentiality or result in data corruption or denial of service. It may be a hardware device (see Figure 1) or a software program (see Figure 2) running on a secure host computer. In either case, it must have at least two network interfaces, one for the network it is intended to protect, and one for the network it is exposed to.
A firewall sits at the junction point or gateway between the two networks, usually a private network and a public network such as the Internet. The earliest firewalls were simply routers. The term firewall comes from the fact that by segmenting a network into different physical subnetworks, they limited the damage that could spread from one subnet to another just like firedoors or firewalls. Figure 1: Hardware Firewall
Hardware firewall providing protection to a Local Network

Figure 2: Computer with Firewall Software
Computer running firewall software to provide protection
What does a firewall do? A firewall examines all traffic routed between the two networks to see if it meets certain criteria. If it does, it is routed between the networks, otherwise it is stopped. A firewall filters both inbound and outbound traffic. It can also manage public access to private networked resources such as host applications. It can be used to log all attempts to enter the private network and trigger alarms when hostile or unauthorized entry is attempted. Firewalls can filter packets based on their source and destination addresses and port numbers. This is known as address filtering. Firewalls can also filter specific types of network traffic. This is also known as protocol filtering because the decision to forward or reject traffic is dependant upon the protocol used, for example HTTP, ftp or telnet. Firewalls can also filter traffic by packet attribute or state.
What can't a firewall do?
A firewall cannot prevent individual users with modems from dialling into or out of the network, bypassing the firewall altogether. Employee misconduct or carelessness cannot be controlled by firewalls. Policies involving the use and misuse of passwords and user accounts must be strictly enforced. These are management issues that should be raised during the planning of any security policy but that cannot be solved with firewalls alone.
The arrest of the Phonemasters cracker ring brought these security issues to light. Although they were accused of breaking into information systems run by AT&T Corp., British Telecommunications Inc., GTE Corp., MCI WorldCom, Southwestern Bell, and Sprint Corp, the group did not use any high tech methods such as IP spoofing (see question 10). They used a combination of social engineering and dumpster diving. Social engineering involves skills not unlike those of a confidence trickster. People are tricked into revealing sensitive information. Dumpster diving or garbology, as the name suggests, is just plain old looking through company trash. Firewalls cannot be effective against either of these techniques.

Who needs a firewall? Anyone who is responsible for a private network that is connected to a public network needs firewall protection. Furthermore, anyone who connects so much as a single computer to the Internet via modem should have personal firewall software. Many dial-up Internet users believe that anonymity will protect them. They feel that no malicious intruder would be motivated to break into their computer. Dial up users who have been victims of malicious attacks and who have lost entire days of work, perhaps having to reinstall their operating system, know that this is not true. Irresponsible pranksters can use automated robots to scan random IP addresses and attack whenever the opportunity presents itself.
How does a firewall work? There are two access denial methodologies used by firewalls. A firewall may allow all traffic through unless it meets certain criteria, or it may deny all traffic unless it meets certain criteria (see figure 3). The type of criteria used to determine whether traffic should be allowed through varies from one type of firewall to another. Firewalls may be concerned with the type of traffic, or with source or destination addresses and ports. They may also use complex rule bases that analyse the application data to determine if the traffic should be allowed through. How a firewall determines what traffic to let through depends on which network layer it operates at. A discussion on network layers and architecture follows.
Figure 3: Basic Firewall Operation



What are the OSI and TCP/IP Network models?
To understand how firewalls work it helps to understand how the different layers of a network interact. Network architecture is designed around a seven layer model. Each layer has its own set of responsibilities, and handles them in a well-defined manner. This enables networks to mix and match network protocols and physical supports. In a given network, a single protocol can travel over more than one physical support (layer one) because the physical layer has been dissociated from the protocol layers (layers three to seven). Similarly, a single physical cable can carry more than one protocol. The TCP/IP model is older than the OSI industry standard model which is why it does not comply in every respect. The first four layers are so closely analogous to OSI layers however that interoperability is a day to day reality.

Firewalls operate at different layers to use different criteria to restrict traffic. The lowest layer at which a firewall can work is layer three. In the OSI model this is the network layer. In TCP/IP it is the Internet Protocol layer. This layer is concerned with routing packets to their destination. At this layer a firewall can determine whether a packet is from a trusted source, but cannot be concerned with what it contains or what other packets it is associated with. Firewalls that operate at the transport layer know a little more about a packet, and are able to grant or deny access depending on more sophisticated criteria. At the application level, firewalls know a great deal about what is going on and can be very selective in granting access.

Figure 4: The OSI and TCP/IP models




It would appear then, that firewalls functioning at a higher level in the stack must be superior in every respect. This is not necessarily the case. The lower in the stack the packet is intercepted, the more secure the firewall. If the intruder cannot get past level three, it is impossible to gain control of the operating system.

Figure 5: Professional Firewalls Have Their Own IP Layer





Professional firewall products catch each network packet before the operating system does, thus, there is no direct path from the Internet to the operating system's TCP/IP stack. It is therefore very difficult for an intruder to gain control of the firewall host computer then "open the doors" from the inside.

According To Byte Magazine*, traditional firewall technology is susceptible to misconfiguration on non-hardened OSes. More recently, however, "...firewalls have moved down the protocol stack so far that the OS doesn't have to do much more than act as a bootstrap loader, file system and GUI". The author goes on to state that newer firewall code bypasses the operating system's IP layer altogether, never permitting "potentially hostile traffic to make its way up the protocol stack to applications running on the system".

*June 1998

What different types of firewalls are there?
Firewalls fall into four broad categories: packet filters, circuit level gateways, application level gateways and stateful multilayer inspection firewalls.

Packet filtering firewalls work at the network level of the OSI model, or the IP layer of TCP/IP. They are usually part of a router. A router is a device that receives packets from one network and forwards them to another network. In a packet filtering firewall each packet is compared to a set of criteria before it is forwarded. Depending on the packet and the criteria, the firewall can drop the packet, forward it or send a message to the originator. Rules can include source and destination IP address, source and destination port number and protocol used. The advantage of packet filtering firewalls is their low cost and low impact on network performance. Most routers support packet filtering. Even if other firewalls are used, implementing packet filtering at the router level affords an initial degree of security at a low network layer. This type of firewall only works at the network layer however and does not support sophisticated rule based models (see Figure 5). Network Address Translation (NAT) routers offer the advantages of packet filtering firewalls but can also hide the IP addresses of computers behind the firewall, and offer a level of circuit-based filtering.

Figure 6: Packet Filtering Firewall


Circuit level gateways work at the session layer of the OSI model, or the TCP layer of TCP/IP. They monitor TCP handshaking between packets to determine whether a requested session is legitimate. Information passed to remote computer through a circuit level gateway appears to have originated from the gateway. This is useful for hiding information about protected networks. Circuit level gateways are relatively inexpensive and have the advantage of hiding information about the private network they protect. On the other hand, they do not filter individual packets.

Figure 7: Circuit level Gateway


Application level gateways, also called proxies, are similar to circuit-level gateways except that they are application specific. They can filter packets at the application layer of the OSI model. Incoming or outgoing packets cannot access services for which there is no proxy. In plain terms, an application level gateway that is configured to be a web proxy will not allow any ftp, gopher, telnet or other traffic through. Because they examine packets at application layer, they can filter application specific commands such as http:post and get, etc. This cannot be accomplished with either packet filtering firewalls or circuit level neither of which know anything about the application level information. Application level gateways can also be used to log user activity and logins. They offer a high level of security, but have a significant impact on network performance. This is because of context switches that slow down network access dramatically. They are not transparent to end users and require manual configuration of each client computer. (See Figure 7)

Figure 8: Application level Gateway


Stateful multilayer inspection firewalls combine the aspects of the other three types of firewalls. They filter packets at the network layer, determine whether session packets are legitimate and evaluate contents of packets at the application layer. They allow direct connection between client and host, alleviating the problem caused by the lack of transparency of application level gateways. They rely on algorithms to recognize and process application layer data instead of running application specific proxies. Stateful multilayer inspection firewalls offer a high level of security, good performance and transparency to end users. They are expensive however, and due to their complexity are potentially less secure than simpler types of firewalls if not administered by highly competent personnel. (See Figure 8)

Figure 9: Stateful Multilayer Inspection Firewall



How do I implement a firewall?
We suggest you approach the task of implementing a firewall by going through the following steps:

Determine the access denial methodology to use.
It is recommended you begin with the methodology that denies all access by default. In other words, start with a gateway that routes no traffic and is effectively a brick wall with no doors in it.

Determine inbound access policy.
If all of your Internet traffic originates on the LAN this may be quite simple. A straightforward NAT router will block all inbound traffic that is not in response to requests originating from within the LAN. As previously mentioned, the true IP addresses of hosts behind the firewall are never revealed to the outside world, making intrusion extremely difficult. Indeed, local host IP addresses in this type of configuration are usually non-public addresses, making it impossible to route traffic to them from the Internet. Packets coming in from the Internet in response to requests from local hosts are addressed to dynamically allocated port numbers on the public side of the NAT router. These change rapidly making it difficult or impossible for an intruder to make assumptions about which port numbers to use.

If your requirements involve secure access to LAN based services from Internet based hosts, then you will need to determine the criteria to be used in deciding when a packet originating from the Internet may be allowed into the LAN. The stricter the criteria, the more secure your network will be. Ideally you will know which public IP addresses on the Internet may originate inbound traffic. By limiting inbound traffic to packets originating from these hosts, you decrease the likelihood of hostile intrusion. You may also want to limit inbound traffic to certain protocol sets such as ftp or http. All of these techniques can be achieved with packet filtering on a NAT router. If you cannot know the IP addresses that may originate inbound traffic, and you cannot use protocol filtering then you will need more a more complex rule based model and this will involve a stateful multilayer inspection firewall.

Determine outbound access policy.
If your users only need access to the web, a proxy server may give a high level of security with access granted selectively to appropriate users. As mentioned, however, this type of firewall requires manual configuration of each web browser on each machine. Outbound protocol filtering can also be transparently achieved with packet filtering and no sacrifice in security. If you are using a NAT router with no inbound mapping of traffic originating from the Internet, then you may allow LAN users to freely access all services on the Internet with no security compromise. Naturally, the risk of employees behaving irresponsibly with email or with external hosts is a management issue and must be dealt with as such.

Determine if dial-in or dial-out access is required.
Dial-in requires a secure remote access PPP server that should be placed outside the firewall. If dial-out access is required by certain users, individual dial-out computers must be made secure in such a way that hostile access to the LAN through the dial-out connection becomes impossible. The surest way to do this is to physically isolate the computer from the LAN. Alternatively, personal firewall software may be used to isolate the LAN network interface from the remote access interface.

Decide whether to buy a complete firewall product, have one implemented by a systems integrator or implement one yourself.
Once the above questions have been answered, it may be decided whether to buy a complete firewall product or to configure one from multipurpose routing or proxy software. This decision will depend as much on the availability of in-house expertise as on the complexity of the need. A satisfactory firewall may be built with little expertise if the requirements are straightforward. However, complex requirements will not necessarily entail recourse to external resources if the system administrator has sufficient grasp of the elements. Indeed, as the complexity of the security model increases, so does the need for in-house expertise and autonomy.

Is a firewall sufficient to secure my network or do I need anything else?
The firewall is an integral part of any security program, but it is not a security program in and of itself. Security involves data integrity (has it been modified?), service or application integrity (is the service available, and is it performing to spec?), data confidentiality (has anyone seen it?) and authentication (are they really who they say they are?). Firewalls only address the issues of data integrity, confidentiality and authentication of data that is behind the firewall. Any data that transits outside the firewall is subject to factors out of the control of the firewall. It is therefore necessary for an organization to have a well planned and strictly implemented security program that includes but is not limited to firewall protection.

What is IP spoofing?
Many firewalls examine the source IP addresses of packets to determine if they are legitimate. A firewall may be instructed to allow traffic through if it comes from a specific trusted host. A malicious cracker would then try to gain entry by "spoofing" the source IP address of packets sent to the firewall. If the firewall thought that the packets originated from a trusted host, it may let them through unless other criteria failed to be met. Of course the cracker would need to know a good deal about the firewall's rule base to exploit this kind of weakness. This reinforces the principle that technology alone will not solve all security problems. Responsible management of information is essential. One of Courtney's laws sums it up: "There are management solutions to technical problems, but no technical solutions to management problems".

An effective measure against IP spoofing is the use of a Virtual Private Network (VPN) protocol such as IPSec. This methodology involves encryption of the data in the packet as well as the source address. The VPN software or firmware decrypts the packet and the source address and performs a checksum. If either the data or the source address have been tampered with, the packet will be dropped. Without access to the encryption keys, a potential intruder would be unable to penetrate the firewall.

Firewall related problems
Firewalls introduce problems of their own. Information security involves constraints, and users don't like this. It reminds them that Bad Things can and do happen. Firewalls restrict access to certain services. The vendors of information technology are constantly telling us "anything, anywhere, any time", and we believe them naively. Of course they forget to tell us we need to log in and out, to memorize our 27 different passwords, not to write them down on a sticky note on our computer screen and so on.

Firewalls can also constitute a traffic bottleneck. They concentrate security in one spot, aggravating the single point of failure phenomenon. The alternatives however are either no Internet access, or no security, neither of which are acceptable in most organizations.

Benefits of a firewall
Firewalls protect private local area networks from hostile intrusion from the Internet. Consequently, many LANs are now connected to the Internet where Internet connectivity would otherwise have been too great a risk.

Firewalls allow network administrators to offer access to specific types of Internet services to selected LAN users. This selectivity is an essential part of any information management program, and involves not only protecting private information assets, but also knowing who has access to what. Privileges can be granted according to job description and need rather than on an all-or-nothing basis.

References
A definition of Firewall Security from searchSecurity.com.
Firewall.com - The Complete Security Portal
A definition of Firewalls from the FreeBSD Handbook
Network Security Tutorial from About.com

what is firewall

firewall Last modified: Thursday, August 26, 2004





Whitepaper: Surviving Windows Vista Migration
Windows Vista is here, and your IT organization now faces the immense task of planning, executing, and managing the migration to a new operating system. Creating a smooth and effective migration path requires a comprehensive, best practice-based approach. >

Whitepaper: A Best Practice-Based Approach to Knowledge Management
Knowledge Centered Support (KCS) has emerged as the most complete and effective approach to the practice of knowledge management in service and support environments. The idea is simplegiving your technicians the accurate and up-to-date knowledge they need to solve user problems and keep your IT environment running smoothly and efficiently. >

Whitepaper: Transforming IT With Strategic Measurement
Transforming an organization is always challenging, but as a number of IT organizations have discovered, using a strategic measurement and management framework like the IT Balanced Scorecard can reduce risks and significantly increase the probability of success. >

Change, Configuration, and Release Management Solution Builder
Answer five questions about your change processes and then tell us a little about yourself. You'll get a customized, in-depth report that delivers real-world advice for developing a business-centric Change, Configuration, and Release Management foundation. >

Whitepaper: A Balanced Approach to Unifying IT Operations, Service Desks, and Business Objectives
EMA has evolved a dual CMDB system modeldescriptive (what are successful adopters doing?) and proscriptive (recommended roadmap to provide flexible starting-point choices). Download this whitepaper to learn more. >



(fīr´wâl) (n.) A system designed to prevent unauthorized access to or from a private network. Firewalls can be implemented in both hardware and software, or a combination of both. Firewalls are frequently used to prevent unauthorized Internet users from accessing private networks connected to the Internet, especially intranets. All messages entering or leaving the intranet pass through the firewall, which examines each message and blocks those that do not meet the specified security criteria.
There are several types of firewall techniques:

Packet filter: Looks at each packet entering or leaving the network and accepts or rejects it based on user-defined rules. Packet filtering is fairly effective and transparent to users, but it is difficult to configure. In addition, it is susceptible to IP spoofing.
Application gateway: Applies security mechanisms to specific applications, such as FTP and Telnet servers. This is very effective, but can impose a performance degradation.
Circuit-level gateway: Applies security mechanisms when a TCP or UDP connection is established. Once the connection has been made, packets can flow between the hosts without further checking.
Proxy server: Intercepts all messages entering and leaving the network. The proxy server effectively hides the true network addresses.
In practice, many firewalls use two or more of these techniques in concert.

A firewall is considered a first line of defense in protecting private information. For greater security, data can be encrypted.



•E-mail this definition to a colleague•

Sponsored listings
Computer Security for Small Businesses - We focus entirely on the computer security needs of companies with 3 to 50 PCs. We manage, monitor and modify remotely.

Network Liquidators: Network Firewalls - Buys and sells refurbished, new, and used Cisco firewalls including base units, cards, memory, cables, parts, and components.

Wingate Gateway, Proxy & Firewall Software - Secure internet access sotware. Includes firewall, proxy, VPN, mail server, routing, DHCP, and User Access Control. Free trial download.


For internet.com pages about firewall . Also check out the following links!




eSecurity Planet
A resource for daily information on e-security targeted to IT managers. The site provides users with information from a variety of sources, including experts at security product and services firms, and the consultants who follow the security industry.


Design the Firewall System
A practice from the CERT Security Improvement Modules.


Extinguishing Firewall Hyperbole
Are new firewall technologies improvements or complications? Evaluate the pros and cons.


Firewall Info
Protect your system with a firewall. You must protect your system with a personal firewall, especially if you are using DSL or cable modem.


Firewalls FAQ
Contains answers to basic questions about firewalls.


Great Walls of Fire
Hackers, lurking cyber punks and viruses. Enough to give any network administrator the willies. But, an efficient firewall could be just the armor your network may need to combat most of these threats.(2001)


SecurityTracker.com
Information on the latest security vulnerabilities, free SecurityTracker Alerts, and customized vulnerability notification services.


Why You Need a Firewall
Describes security issues when connecting to the Internet, with information on how to protect your network. This page is hosted by Cisco Systems Inc.


Yahoo!'s firewall companies page
Yahoo!'s directory of firewall companies.


Yahoo!'s firewalls page
Yahoo!'s directory of firewalls.



Sponsored listings
Fortinet Fortigate Firewalls on Sale - Call Now - Fortinet Fortigate Antivirus Firewalls provide real-time network protection. Visit AVFirewalls.com for free Gifts with every Fortinet Purchase!

Network IPS with Firewall Architecture from Top Layer - Provides businesses with high-performance network firewall protection against worms, viruses, trojans, DDoS attacks, and Microsoft vulnerabilities.

SonicWALL TZ and SonicWALL PRO Series Firewalls On Sale Now! - SonicWALL Firewall Hardware, SSL, VPN, Consulting & Information. Contact us today & we can help you find the right solution for your business!

Enso Technologies - IT Infrastructure Specialists! - Enso Technologies provides information technology design, implementation and maintenance services. Deploying technology to meet business needs.

Nokia Security Products at SecureHQ - Authorized reseller of the complete line with great prices. Fast shipping. Pre-bid Federal pricing available via our NASA SEWP contract.


Business Computing
Networks

Security





application gateway
bastion host

bit bucket

DMZ

extranet

firewalking

intranet

IP spoofing

NAT

network

packet filtering

PIX Firewall

port scanning

proxy server

pulsing zombie

security

stateful inspection

TCB

zombie





Give Us Your
Feedback



Firewalls
firewall Products


Shop by Top Models:
Cisco PIX® 501 (PIX-501-BUN-K9) Firewall
14 store offers from $360 - $470

SonicWALL TZ 170 (01-ssc-5555) Firewall
12 store offers from $269 - $392

Watchguard Firebox® Edge X20e (WG50020) Firewall
10 store offers from $362 - $500

Cisco ASA 5505 (ASA5505BUNK9) Firewall
10 store offers from $355 - $425

SonicWALL PRO 3060 (01-SSC-5365) Firewall
20 store offers from $1823 - $2455

fire wall

Firewall (networking)
From Wikipedia, the free encyclopedia
Jump to: navigation, search
This article is about the network security device. For other uses, see Firewall (disambiguation).

Firewall separating zones of trust
A firewall is a hardware or software device which is configured to permit, deny, or proxy data through a computer network which has different levels of trust.
Contents[hide]
1 Function
2 History
2.1 First generation - packet filters
2.2 Second generation - "stateful" filters
2.3 Third generation - application layer
2.4 Subsequent developments
3 Types
3.1 Network layer and packet filters
3.2 Application-layer
3.3 Proxies
3.4 Network address translation
4 See also
5 References
6 External links
//

[edit] Function
A firewall's basic task is to transfer traffic between computer networks of different trust levels. Typical examples are the Internet which is a zone with no trust and an internal network which is a zone of higher trust. A zone with an intermediate trust level, situated between the Internet and a trusted internal network, is often referred to as a "perimeter network" or Demilitarized zone (DMZ).
A firewall's function within a network is similar to firewalls with fire door in building construction. In former case, it is used to prevent network intrusion to the private network. In latter case, it is intended to contain and delay structural fire from spreading to adjacent structures. An analogy of network firewall is a fire-resistance rated wall with a fire-resistance rated, self-closing, solid-core, inside unlockable, outside key-lockable door between a house and its attached garage.
Without proper configuration, a firewall can often become worthless. Standard security practices dictate a "default-deny" firewall ruleset, in which the only network connections which are allowed are the ones that have been explicitly allowed. Unfortunately, such a configuration requires detailed understanding of the network applications and endpoints required for the organization's day-to-day operation. Many businesses lack such understanding, and therefore implement a "default-allow" ruleset, in which all traffic is allowed unless it has been specifically blocked. This configuration makes inadvertent network connections and system compromise much more likely.

[edit] History
Firewall technology emerged in the late 1980s when the Internet was a fairly new technology in terms of its global use and connectivity. The original idea was formed in response to a number of major internet security breaches, which occurred in the late 1980s. In 1988 an employee at the NASA Ames Research Center in California sent a memo by email to his colleagues that read,

We are currently under attack from an Internet VIRUS! It has hit Berkeley, UC San Diego, Lawrence Livermore, Stanford, and NASA Ames.

The Morris Worm spread itself through multiple vulnerabilities in the machines of the time. Although it was not malicious in intent, the Morris Worm was the first large scale attack on Internet security; the online community was neither expecting an attack nor prepared to deal with one.
[edit] First generation - packet filters
The first paper published on firewall technology was in 1988, when engineers from Digital Equipment Corporation (DEC) developed filter systems known as packet filter firewalls. This fairly basic system was the first generation of what would become a highly evolved and technical internet security feature. At AT&T Bill Cheswick and Steve Bellovin were continuing their research in packet filtering and developed a working model for their own company based upon their original first generation architecture.
Packet filters act by inspecting the "packets" which represent the basic unit of data transfer between computers on the Internet. If a packet matches the packet filter's set of rules, the packet filter will drop (silently discard) the packet, or reject it (discard it, and send "error responses" to the source).
This type of packet filtering pays no attention to whether a packet is part of an existing stream of traffic (it stores no information on connection "state"). Instead, it filters each packet based only on information contained in the packet itself (most commonly using a combination of the packet's source and destination address, its protocol, and, for TCP and UDP traffic, which comprises most internet communication, the port number).
Because TCP and UDP traffic by convention uses well known ports for particular types of traffic, a "stateless" packet filter can distinguish between, and thus control, those types of traffic (such as web browsing, remote printing, email transmission, file transfer), unless the machines on each side of the packet filter are both using the same non-standard ports.

[edit] Second generation - "stateful" filters
From 1980-1990 three colleagues from AT&T Bell Laboratories, Dave Presetto, Howard Trickey, and Kshitij Nigam developed the second generation of firewalls, calling them circuit level firewalls.
Second Generation firewalls do not simply examine the contents of each packet on an individual basis without regard to their placement within the packet series as their predecesors had done, rather they compare some key parts of the trusted database packets. This technology is generally referred to as a 'stateful firewall' as it maintains records of all connections passing through the firewall, and is able to determine whether a packet is the start of a new connection, or part of an existing connection. Though there's still a set of static rules in such a firewall, the state of a connection can in itself be one of the criteria which trigger specific rules.
This type of firewall can help prevent attacks which exploit existing connections, or certain Denial-of-service attacks, including the SYN flood which sends improper sequences of packets to consume resources on systems behind a firewall.

[edit] Third generation - application layer
Publications by Gene Spafford of Purdue University, Bill Cheswick at AT&T Laboratories and Marcus Ranum described a third generation firewall known as application layer firewall, also known as proxy based firewalls. Marcus Ranum's work on the technology spearheaded the creation of the first commercial product. The product was released by DEC who named it the SEAL product. DEC’s first major sale was on June 13, 1991 to a chemical company based on the East Coast of the USA.
The key benefit of application layer filtering is that it can "understand" certain applications and protocols (such as File Transfer Protocol, DNS or web browsing), and can detect whether an unwanted protocol is being sneaked through on a non-standard port, or whether a protocol is being abused in a known harmful way.
This type of filtering can be carried out by proxy servers, but if the filtering is done by a standalone firewall appliance, or in a device for traffic shaping, the technology is likely to be referred to as deep packet inspection.

[edit] Subsequent developments
In 1992, Bob Braden and Annette DeSchon at the University of Southern California (USC) were developing their own fourth generation packet filter firewall system. The product known as "Visas" was the first system to have a visual integration interface with colours and icons, which could be easily implemented to and accessed on a computer operating system such as Microsoft's Windows or Apple's MacOS. In 1994 an Israeli company called Check Point Software Technologies built this into readily available software known as FireWall-1.
A second generation of proxy firewalls was based on Kernel Proxy technology. This design is constantly evolving but its basic features and codes are currently in widespread use in both commercial and domestic computer systems. Cisco, one of the largest internet security companies in the world released their PIX product to the public in 1997.
Some modern firewalls leverage their existing deep packet inspection engine by sharing this functionality with an Intrusion-prevention system (IPS).
Currently, the Middlebox Communication Working Group of the Internet Engineering Task Force (IETF) is working on standardizing protocols for managing firewalls and other middleboxes, a way of transferring policy enforcement.

[edit] Types
There are several classifications of firewalls depending on where the communication is taking place, where the communication is intercepted and the state that is being traced.

[edit] Network layer and packet filters
Network layer firewalls, also called packet filters, operate at a relatively low level of the TCP/IP protocol stack, not allowing packets to pass through the firewall unless they match the established ruleset. The firewall administrator may define the rules; or default rules may apply. The term packet filter originated in the context of BSD operating systems.
Network layer firewalls generally fall into two sub-categories, stateful and stateless. Stateful firewalls maintain context about active sessions, and use that "state information" to speed up packet processing. Any existing network connection can be described by several properties, including source and destination IP address, UDP or TCP ports, and the current stage of the connection's lifetime (including session initiation, handshaking, data transfer, or completion connection). If a packet does not match an existing connection, it will be evaluated according to the ruleset for new connections. If a packet matches an existing connection based on comparison with the firewall's state table, it will be allowed to pass without further processing.
Stateless firewalls have packet-filtering capabilities, but cannot make more complex decisions on what stage communications between hosts have reached. Stateless firewalls therefore offer less security.
Modern firewalls can filter traffic based on many packet attributes like source IP address, source port, destination IP address or port, destination service like WWW or FTP. They can filter based on protocols, TTL values, netblock of originator, domain name of the source, and many other attributes.
Commonly used packet filters on various versions of Unix are ipf (various), ipfw (FreeBSD/Mac OS X), pf (OpenBSD, and all other BSDs), iptables/ipchains (Linux).

[edit] Application-layer
Main article: Application layer firewall
Application-layer firewalls work on the application level of the TCP/IP stack (i.e., all browser traffic, or all telnet or ftp traffic), and may intercept all packets traveling to or from an application. They block other packets (usually dropping them without acknowledgement to the sender). In principle, application firewalls can prevent all unwanted outside traffic from reaching protected machines.
By inspecting all packets for improper content, firewalls can restrict or prevent outright the spread of networked computer worms and trojans. In practice, however, this becomes so complex and so difficult to attempt (given the variety of applications and the diversity of content each may allow in its packet traffic) that comprehensive firewall design does not generally attempt this approach.
The XML firewall exemplifies a more recent kind of application-layer firewall. It performs mainly three functions i.e; simplest. sees only; a- address b-service protocol. auditing is difficult.

[edit] Proxies
Main article: Proxy server
A proxy device (running either on dedicated hardware or as software on a general-purpose machine) may act as a firewall by responding to input packets (connection requests, for example) in the manner of an application, whilst blocking other packets.
Proxies make tampering with an internal system from the external network more difficult and misuse of one internal system would not necessarily cause a security breach exploitable from outside the firewall (as long as the application proxy remains intact and properly configured). Conversely, intruders may hijack a publicly-reachable system and use it as a proxy for their own purposes; the proxy then masquerades as that system to other internal machines. While use of internal address spaces enhances security, crackers may still employ methods such as IP spoofing to attempt to pass packets to a target network..

[edit] Network address translation
Main article: Network address translation
Firewalls often have network address translation (NAT) functionality, and the hosts protected behind a firewall commonly have addresses in the "private address range", as defined in RFC 1918. Firewalls often have such functionality to hide the true address of protected hosts. Originally, the NAT function was developed to address the limited amount of IPv4 routable addresses that could be used or assigned to companies or individuals as well as reduce both the amount and therefore cost of obtaining enough public addresses for every computer in an organization. Hiding the addresses of protected devices has become an increasingly important defense against network reconnaissance.

[edit] See also
Access control list
Bastion host
Comparison of firewalls
Computer security
End-to-end connectivity
Firewall pinhole
Network Address Translation
Network security
Reconnaissance
Personal firewall
Golden Shield Project
Unified Threat Management
Ice wall

[edit] References
This article does not cite any references or sources.Please help improve this article by adding citations to reliable sources. (help, get involved!)Unverifiable material may be challenged and removed.This article has been tagged since October 2006.

[edit] External links
Internet Firewalls: Frequently Asked Questions, compiled by Matt Curtin, Marcus Ranum and Paul Robertson.
Evolution of the Firewall Industry - Discusses different architectures and their differences, how packets are processed, and provides a timeline of the evolution.
Retrieved from "http://en.wikipedia.org/wiki/Firewall_%28networking%29"
Categories: Articles lacking sources from October 2006 All articles lacking sources Computer network security Firewall software Packets Data security
Views
Article
Discussion
Edit this page
History
Personal tools
Sign in / create account

if (window.isMSIE55) fixalpha();
Navigation
Main page
Contents
Featured content
Current events
Random article
interaction
About Wikipedia
Community portal
Recent changes
File upload wizard
Contact Wikipedia
Make a donation
Help
Search

Toolbox
What links here
Related changes
Upload file
Special pages
Printable version
Permanent link
Cite this article
In other languages
العربية
Bân-lâm-gú
Bosanski
Български
Català
Česky
Dansk
Deutsch
Eesti
Español
Esperanto
Euskara
فارسی
Français
Galego
한국어
Hornjoserbsce
Hrvatski
Bahasa Indonesia
Italiano
עברית
Magyar
Македонски
മലയാളം
Nederlands
日本語
‪Norsk (bokmål)‬
Polski
Português
Română
Русский
Simple English
Slovenčina
Slovenščina
Српски / Srpski
Suomi
Svenska
ไทย
Tiếng Việt
Türkçe
Українська
中文


This page was last modified 14:08, 30 July 2007.
All text is available under the terms of the GNU Free Documentation License. (See Copyrights for details.) Wikipedia® is a registered trademark of the Wikimedia Foundation, Inc., a US-registered 501(c)(3) tax-deductible nonprofit charity.
Privacy policy
About Wikipedia
Disclaimers
if (window.runOnloadHook) runOnloadHook();

sanjay

Dutt's plea to surrender later rejectedHindu - 52 minutes agoMumbai, July. 31 (PTI): Actor Sanjay Dutt's plea seeking time to surrender after he was given a six-year jail term in the 1993 serial blasts case today was rejected by a special court that said he should be held in a separate cell in the Arthur Road ...Chronology of events leading to Sanjay Dutt`s conviction Zee NewsSanjay Dutt jailed for six years in Mumbai blasts case Khabrein.info

History of computer viruses

History of computer viruses
Like any other field in computer science, viruses have evolved -a great deal indeed- over the years. In the series of press releases which start today, we will look at the origins and evolution of malicious code since it first appeared up to the present.Going back to the origin of viruses, it was in 1949 that Mathematician John Von Neumann described self-replicating programs which could resemble computer viruses as they are known today. However, it was not until the 60s that we find the predecessor of current viruses. In that decade, a group of programmers developed a game called Core Wars, which could reproduce every time it was run, and even saturate the memory of other players' computers. The creators of this peculiar game also created the first antivirus, an application named Reeper, which could destroy copies created by Core Wars.However, it was only in 1983 that one of these programmers announced the existence of Core Wars, which was described the following year in a prestigious scientific magazine: this was actually the starting point of what we call computer viruses today.At that time, a still young MS-DOS was starting to become the preeminent operating system worldwide. This was a system with great prospects, but still many deficiencies as well, which arose from software developments and the lack of many hardware elements known today. Even like this, this new operating system became the target of a virus in 1966: Brain, a malicious code created in Pakistan which infected boot sectors of disks so that their contents could not be accessed. That year also saw the birth of the first Trojan: an application called PC-Write.Shortly after, virus writers realized that infecting files could be even more harmful to systems. In 1987, a virus called Suriv-02 appeared, which infected COM files and opened the door to the infamous viruses Jerusalem or Viernes 13. However, the worst was still to come: 1988 set the date when the "Morris worm" appeared, infecting 6,000 computers.From that date up to 1995 the types of malicious codes that are known today started being developed: the first macro viruses appeared, polymorphic viruses... Some of these even triggered epidemics, such as MichaelAngelo. However, there was an event that changed the virus scenario worldwide: the massive use of the Internet and e-mail. Little by little, viruses started adapting to this new situation until the appearance, in 1999, of Melissa, the first malicious code to cause a worldwide epidemic, opening a new era for computer viruses.
History of computer viruses, part 2
History of computer viruses, part 3
History of computer viruses, part 4
History of computer viruses, part 5
History of computer viruses, part 6
Source: http://www.pandasoftware.com

history of viruses

The ebola virusViruses have been around for longer than you might think. Check out the timeline for a brief history of computer viruses.
Click on the highlighted virus names to learn more about them.
1986
The first PC virus was created. Known as the Brain virus, it was written in Pakistan. The Brain virus was a boot-sector virus, which means it only infected the boot records of 360K floppy disks, but not hard drives. It would occupy unused space on the disk so that it could not be used. It was also the first "stealth" virus, meaning it tried to hide itself from detection. If a computer user tried to view the infected space on the disk, Brain would display the original, uninfected boot sector.
1987
In November, the Lehigh virus was discovered at Lehigh University in the U.S. It was the first "memory resident file infector". A file-infecting virus attacks executable files. It gets control when the file is opened. The Lehigh virus attacked a file called COMMAND.COM. When the file was run (usually by booting from an infected disk), the virus stayed in the resident memory.
In December, the Jerusalem virus appeared at Hebrew University in Israel. It was also a memory resident file infector. It was the first virus that contained a bug that caused it to re-infect already infected programs.
1988
In March, the first anti-virus virus was written. It was designed to detect and remove the Brain virus and immunized disks against Brain infection.
The Cascade virus is found in Germany. It was the first encrypted virus, meaning it was coded so that it could not be changed or removed.
Viruses started getting media attention, with articles in magazines like Business Week, Newsweek, Fortune, PC Magazine and Time
1989
On September 17, the Washington Post reports that a computer virus "that springs to life destructively on Friday the 13th is on the loose". The virus was called DataCrime and ended up being blown way out of proportion.
A virus called Dark Avenger introduced a new feature. It was designed to damage a system slowly, so it would go unnoticed at first and damaged files would be backed up.
In October, the Frodo virus turned up in Israel. If was the first full-stealth file infector, designed to damage the hard drive if run on or after September 22 of any year.
1990
Many anti-virus products were introduced, including ones from IBM, McAfee, Digital Dispatch and Iris.
Viruses combining various characteristics spring up. They included Polymorphism (involves encrypted viruses where the decryption routine code is variable), Armoring (used to prevent anti-virus researchers from dissembling a virus) and Multipartite (can infect both programs and boot sectors).
1991
Symantec releases Norton Anti-Virus software.
In April, the Tequlia virus is discovered. It is Stealth, Polymorphic and Multipartite!
1992
Media mayhem greeted the virus Michaelangelo in March. Predictions of massive disruptions were made and anti-virus software sales soared. As it turned out, the cases of the virus were far and few between.
1993
The SatanBug virus appears around Washington DC The anti-virus industry helped the FBI find the person who wrote it - it was a kid.
Cruncher was considered a "good" virus because it compressed infected programs and gave users more disk space.
1994
A virus called Kaos4 was posted on a pornography news group file. It was encoded as text and downloaded by a number of users.
A virus called Pathogen appeared in England. The writer was tracked down by Scotland Yard's Computer Crime Unit and convicted.
1995
Anti-virus companies worried nobody would need them anymore because of Windows 95. The most common viruses were still boot viruses that worked on DOS, but wouldn't replicate on Windows 95. But, later in 1995, macro viruses appeared. These viruses worked in the MS-Word environment, not DOS. The anti-virus industry was caught off-guard, but was happy at the same time.
1996
Concept, a macro-virus, becomes the most common virus in the world.
Boza , a weak virus, is the first virus designed for Windows 95
Laroux is the first virus to successfully infect Microsoft Excel spreadsheets.
1999
The Melissa virus, a macro, appears. It uses Microsoft Word to infect computers and is passed on to others through Microsoft Outlook and Outlook Express e-mail programs.
2000
The "I Love You Virus" wreaks havoc around the world. It is transmitted by e-mail and when opened, is automatically sent to everyone in the user's address book.
To learn more about computer viruses and to keep up with the latest virus news, check out F-Secure Framework's site, IBM's anti-virus webpage and Symantec's website.