Emails are provided to employees as an efficient means of communication, along with this technological advancement are many collateral problems concerning enterprise information security, such as email worm thread, disclosure of trade secrets or other enterprises’ confidential information, etc. Capsa 7.2.1 provides you with powerful email monitoring. With the captured email file, you are accessible not only to basic email information such as client, server, sender name, time, etc, but also to the original content of the email. Capsa 7.2.1 supports auto-saving email content. All of the email information is captured and saved, which will serve as valuable electronic evidence when needed.

MSN (aka Live Messenger) and Yahoo Messenger are two of the most popular chat tools on internet, IM monitoring is a necessary and effective method for enterprises to ensure employees’ work efficiency. Capsa 7.2.1 gives a real-time instant message monitoring and recording. Capsa 7.2.1 is able to deliver the most accurate MSN and Yahoo messenger monitoring statistics which can be exported and saved for further analysis. To some extent, IM monitor helps enterprise achieve effective management as well as improve network and economic performance.

Besides IM and Email monitors, considering our users may have useful project files saved by version 6.9, Capsa 7.2.1 supports opening project file from Capsa 6.9.

Full article at http://blog.colasoft.com/.

A SQL slammer spreads itself by taking advantage of the Microsoft SQL Server’s remote stack buffer over flow vulnerability. It scans TCP 1433, or UDP 1434 port, and tries to install itself on the scanned server. When a server is infected, it tries to open a back door for the hacker, and start another scanning process of infection.

As a network sniffer, Colasoft Capsa is designed to diagnosis your network comprehensively as to guarantee network security. Well, in this article, I’m going to make it clear to you how to find out SQL slammer with Colasoft Capsa.

How to Find Out SQL Slammer with Colasoft Capsa?

First, we’ll start from the traffic of the network. Open the IP endpoint tab to find out which nodes have the biggest traffic. Click column head, Total Bytes, to rearrange traffic in descending order. We can see IP address, one ninety two, dot one sixty eight, dot one dot ninety four, takes the biggest traffic. It sends more than eighteen thousand packets out but receives no packet. And it almost takes up all the bandwidth. Let’s focus on this address. Click locate icon to locate the node in node explorer.

The address is located in the IP Explorer. All the tabs will only display data relating to this IP address.

Let’s go on to check what protocols the node is using, to send and receive packets. We need to open the protocol tab. In this tab, we can find all the protocol statistics of the network. We can see most of the packets use UDP protocol. Its total traffic is 7 point three M B. This address is very suspicious.

Let’s check who it’s communicating with. As it sends all packets in UDP, we will go with the UDP conversation tab. We can see in this tab that all packets are sent to port 1434. We know that Microsoft SQL Server opens service at this port. It means that this node is trying to connect Microsoft SQL servers. All the destination addresses are different. From these three columns, we learn that this machine sends a 422 bytes UDP packet to every IP address. But it gets no response as there is no packet received.

Now, we are very sure that this node is scanning Microsoft SQL server port and it’s very like a SQL slammer. To prove our prediction, we need go down to check the original information from the packets it sends. Open the Packet tab. From the absolute time column, we see all the packets are sent at a great speed. In Protocol and Size column, we understand that all packets use UDP protocol, and have the same size of 422 bytes. And we can see in this panel that all packets carry the same data.

Besides, we can have a graphical view of the communication of this IP address. Open the Matrix tab. This node has sent packets to more than 1000 IP addresses. The color of the line indicates that all of them are one way communication.

Based on the protocol, conversations, port and its behaviors we are quite sure that, the machine, one ninety two, dot one sixty eight, dot one dot ninety four, is infected with a SQL slammer, that is trying to infect other servers.

This is how we can find out SQL slammer with Colasoft Capsa, you can download a free trail Here!

To Enhance network security, speed up your existing network problem detection and resolution process, increase ROI on existing networks, reduce loss caused by downtime and service degradation, Capsa provide 24/7 surveillance over network, and consist of: Easy-to-navigate UI Quick Drilldown Analysis Easy-to-interpret Graphs and Reports Expert Diagnosis Real-time Troubleshooting Function chart

Capsa VS Wireshark

The Prevx Process

When download Prevx you may think something’s gone wrong with the browser. It couldn’t have finished that fast, could it? But in truth the download is a mere 800 KB. MalwareBytes’ Anti-Malware is a significantly smaller download than most antimalware programs but it’s still almost four times Prevx’s size. You’d expect Panda Cloud Antivirus 0.9 to be a small download, since its intelligence lives in the cloud, but it weighs in at nearly 20 MB. Spyware Doctor with AntiVirus 6 is well over 20 MB and Webroot AntiVirus with AntiSpyware 6.0 just short of 40 MB. Prevx’s minuscule download size is the first clue that we’re looking at something really, really different.

Installation happens so fast you could miss it if you blink. A couple seconds after you accept the license agreement and click Next the installation is complete. Panda and Malwarebytes both install in a little over a minute; I used to think that was fast. Eight minutes to install Webroot and 18 minutes to install Spyware Doctor on an identical test system now seem positively glacial.

Immediately upon installation Prevx launches directly into a required “learning scan.” During this scan, it checks the installed programs and other executables on your system against the Prevx online database, identifying known good programs and flagging any malware it finds. The learning scan just takes a minute or so.

If the learning scan finds low-risk adware, Prevx offers to clean it up for free. If it finds anything more serious than that, you have to purchase and enter a license key before it will perform a cleanup. After you enter the license key, Prevx starts its standard full scan, which is more thorough than the learning scan. On a malware-infested system, this scan sometimes took four or five minutes. On a clean system, it ran in less than two minutes.

Prevx relies entirely on its online database for malware identification, so it simply won’t scan if it can’t contact the database. This is slightly different from Cloud Antivirus, which procedes with the scan after warning the user that it won’t be fully effective. On the other hand, Cloud Antivirus needed a full half-hour to scan my standard clean test system.

Repeat As Necessary

Once the scan is complete, the next step is to download removal instructions for the found threats. Prevx doesn’t maintain a huge set of local removal instructions for every possible threat. It just downloads what it needs to know to get rid of the actual threats it found—a very smart approach. The instruction download is quick, and the removal process is quick. It’s also potentially rough on other programs that are running. Prevx warns the user to save all files, close all programs, disconnect from the Internet and be prepared to reboot.

Immediately on reboot, Prevx runs another scan. In testing, this repeated scan frequently found more threats and hence triggered another reboot and rescan. The product just won’t rest until it has successfully run a full scan that detects no remaining threats. I like that, especially since each scan just takes a few minutes.

When malware damages or replaces essential system components, the cleanup process itself can cause system problems. For example, when Cloud Antivirus removed a threat that hookd into the TCP/IP stack, the system lost its ability to connect with the Internet. When Prevx detects this kind of problem, it checks its database to see if there’s a copy of the undamaged component elsewhere on your computer. If so, Prevx simply restores the found good component. If not, the app prompts for the Windows install disk. And, indeed, it didn’t lose connectivity on repairing the same system that gave Cloud Antivirus a problem.

If by some mischance Prevx can’t fully clean the system, you can have a tech-support agent connect with your system remotely and perform a manual cleanup. The company is confident enough of success that they offer a money-back guarantee. In my testing Prevx always reached the green “Secure” status, so I didn’t get to see this feature in action.

Excellent Detection

I installed Prevx on a dozen test systems infested with a wide variety of malware samples including viruses, Trojans, worms, adware, spyware, and scareware (rogue security software). Prevx immediately went to work and quickly reported that each system was infected. I copy/pasted the license key to enable cleanup, after which it ran the deeper full scan.

In every case, Prevx required a reboot to finish cleaning up after the initial full scan. Five of the systems crashed with a blue screen error at this point. Blue screen errors during malware cleanup aren’t uncommon, but I’ve never seen so many with one product. I asked Prevx about that and they explained that the program is designed to trigger a blue screen crash event if necessary to keep malware from re-infesting the system. Most users won’t even see the crash because, by default, Windows restarts immediately. My virtual machine test systems are configured to disable that automatic restart so I can view details of any crashes, or I would never have noticed.

In some cases, the program displayed a popup reporting detection of active malware and recommending removal. I always chose to remove the reported malware, which caused the current full scan to restart. That makes sense, because the product won’t quit until it completes a full scan with no more detections. Some systems needed another reboot and rescan cycle. One had to go around five times before it was fully clean. I appreciate the Prevx’s tenacity!

Under my current testing regimen, a product only gets the full ten points for removing a threat if it eliminates all of the threat’s executable files and also removes 80 percent or more of the non-executable files and Registry debris. Removing 20 to 80 percent earns nine points, and if it leaves behind more than 80 percent of the junk it just gets eight points. Failing to remove executable files is more significant and knocks the score down to five. Leaving any of those executable files running means the product earns just three points.

Prevx detected 94 percent of the threats, more than any other product tested with this same collection. Norton 360 version 3 was next, with 92 percent, followed by Cloud Antivirus with 89 percent. But Norton did a more thorough job of cleaning up what it detected, so it scored 7.3 points for malware removal, compared to 7.0 for Prevx. None of the other apps tested scored as high.

In a parallel test using commercial keyloggers in place of actual malware, Prevx detected 90 percent of the threats, the same as Webroot and more than any other product. But Webroot cleaned up more thoroughly, scoring 6.8 in this test while Prevx got 6.0 points. Norton 360 edged out Prevx with 6.1 points. Fortunately for Cloud Antivirus (3.8 points) and MalwareBytes (0.5 points) I give much less weight to this test.

For the current round of testing, I’ve broken out a separate rootkit score, drawn from both malware and keyloggers that use rootkit technology. Prevx tied with Webroot for detection again: both got 89 percent. Webroot scored 7.1 overall against rootkits, while Prevx scored 6.7. None of the rest scored as high. In particular, Cloud Antivirus scored a measly 3.3 points and MalwareBytes just 3.6. It’s worth noting that Prevx successfully disabled the rootkit component of every such threat it detected.

Scareware (rogue security software) is a growing concern, so I’ve also started breaking out a scareware score. Prevx’s 6.0 score is more or less in the middle, while Malwarebytes was the big winner with 7.3 points. Spyware Doctor had the lowest score, 3.3. It just didn’t recognize most of these samples as threats.

Prevx detected a larger percentage of malware than any of the other products in this test, and it tied with Webroot for best detection of keyloggers and rootkits. Had it been as successful at cleanup as it was at detection it would have completely blown away the competition. That could still happen–Prevx CEO Mel Morris tells me that they’re working on beefing up the product’s cleanup ability.

Powerful Protection

While Prevx is quite good at detecting malware on an infested system, it’s even better at protecting a clean system. Some products scan every file on any kind of access, even the minimal access that occurs when Windows Explorer queries the file’s details. Prevx, like Webroot and Malwarebytes, waits until the file tries to launch before scanning it.

Prevx’s on-launch scan is extremely effective. In many cases, it immediately wiped out the malware installer, causing Windows to gripe that it “cannot access the specified device, path, or file.” Others got caught during the install, or at the point when the installed malware launched. In a few of those cases, it requested a full scan after detection.

As in the removal test, Prevx detected more malware than any of the competition–97 percent! And it was quite effective at preventing installation of those threats, coming up with a superb malware blocking score of 9.4 points. Webroot and Spyware Doctor detected 94 and 92 percent respectively. Norton 360 detected 89 percent but cleaned up what it found more effectively. So Norton 360 picked up 8.7 points while Webroot, Spyware Doctor, and Cloud Antivirus tied at 8.3. MalwareBytes free edition doesn’t include realtime blocking, and its Pro edition scored a dismal 4.3 points.

In a parallel test using commercial keyloggers in place of malware, Prevx detected every sample and completely prevented installation for most of them. None of the keyloggers could run, but some of the installers did manage to place executable files on the test system. Prevx’s 8.9 points in this test is impressive, beaten only by 9.0 from Spyware Doctor.

Prevx and Spyware Doctor both detected all of the rootkit samples and both scored 8.9 points for rootkit blocking. But when I broke out a score specific to scarewar,e the results were quite different. Prevx and MalwareBytes scored 9.2 points, Webroot and Cloud Antivirus attained a perfect 10 points, and Spyware Doctor trailed the pack with a dismal 3.3.

Prevx had the highest detection percentage of any product tested in blocking or removal of malware, keyloggers, and rootkits (though it shared the top spot with others in some cases). Its overall malware blocking score is significantly higher than any of the others tested. And it does all this without needing to maintain and update a signature database. I’m very impressed.

Detection and False Positives

As noted, Prevx doesn’t rely on predefined signatures to identify malicious files. Rather, it looks at patterns of suspicious behavior. It also takes a file’s age and distribution into account. A file seen by Prevx for the first time is naturally under more suspicion than a file that’s been around for a year or two. And a widely-distributed file, one that’s on thousands of computers, is less likely to be an emerging threat than one that’s only found on a handful of Prevx-equipped systems.

The database quickly identifies most programs as known good or known bad. When it hits a suspicious unknown, it requests a copy of the sample and runs an automated analysis in an isolated sandbox environment. According to Prevx, this analysis takes from 30 seconds to five minutes. Of course, once the file is identified as good or bad, the same file needn’t be analyzed again.

There’s a chance any behavior-based system will mistakenly identify a valid program as malware. To test for such false positives, I installed a dozen-plus PCMag.com utilities that hook into Windows in ways that might be deemed suspicious. For example, KeyTick uses the same kind of keyboard hook as some keyloggers, and BHOCop changes the status of other Browser Helper Objects. Prevx didn’t complain about any of these, which is a good sign.

It did identify one of my own hand-coded analysis tools as Medium Risk Malware, but I can hardly blame it. This is a tool that I use to check whether the product under testing has completely cleaned up known malware infestations. The program had never before been seen by Prevx and is found only on a handful of systems – strike one. It is only found on systems seriously infested with malware – strike two. And in order to check cleanup status it accesses tons of files and Registry keys associated with malware – strike three!

Rather than consider this a problem, I think it actually shows the effectiveness of Prevx’s system. I had no trouble reporting the detection as a false positive and getting the tool re-categorized as a good program.

Gregg Keizer from Computerworld

Microsoft Corp. on Thursday launched the first public preview of its long-awaited online version of Office, dubbed — drum roll, please — Office Web Apps.

But the so-called Technical Preview — Microsoft’s way of saying it’s available only by invitation — raises more questions than it answers, if only because it’s decidedly a work in progress.

What’s in the preview? What isn’t? Can you use the desktop software you love, or loath, alongside the online version, or do you have to pick one?

We have answers to the pressing questions, including the biggest one: How do I get in on the preview?

Can I play with the Office Web Apps Technical Preview? Although this first round of testing may be open to “thousands,” as the company said, not everyone’s eligible. Among those invited to participate are some Windows and Office Live users, other select beta testers and Microsoft partners.

Most testers have been pulled from Windows and Office Live, so you’ll need to have an account. To find out if you got lucky, surf to the site, click on the More menu and select SkyDrive. Finally, click on the Documents folder. If you’re one of the chosen, you’ll see an invite message in a blue bar at the top of the SkyDrive display.

By the way, the Technical Preview is for the consumer version of Office Web Apps, the one that will be available free-of-charge next year.

I wasn’t picked. When do I get my chance?

Later this year — Microsoft stuck with “fall” yesterday — Office Web Apps will shift into a public beta, open to all. Microsoft’s not saying anything more than that, other than to point to a page on its site where you can add your name to a notification list.

What applications are available now?

Word Web App, Excel Web App and PowerPoint Web App work now, but the fourth program, OneNote Web App, is coming later.

When Technical Preview testers select New from the Document folder’s menu, then choose Microsoft OneNote notebook, a message pops up that reads “Still to come … OneNote is not currently available. We are working on it though.”

And yes, those are the official names Microsoft has slapped on its Web software. We know, not exactly flashy, but then Google Web Apps isn’t any snappier.

Zoho easily wins the name game battle.

What is working? I’ve heard they’re crippled

That may be too strong a word — no pun intended — since Microsoft hasn’t spelled out what will make it in the beta or final versions, but not all planned features are functional in the Technical Preview.

In Word Web App, for example, you can’t create a new document, but you can view and print Word files you’ve uploaded to SkyDrive. There’s no provision for editing Word documents online at the moment either.

“We still have a bunch of work to do [on Word Web App],” said Chris Bryant, a group product manager for Office, in a video posted on Microsoft’s site. “To prevent people from having a bad experience out of the gate, we wanted to make sure that it was solid enough to do a tech preview. Unfortunately we had to make the hard decision to turn off editing.”

You can create new worksheets and presentations in Excel Web App and PowerPoint Web App, as well as view and edit them. There’s no printing in either Excel or PowerPoint on the Web, however.

And you can’t “publish” documents to a Web site or blog in the Technical Preview, although that feature, like others, will be added before Office Web Apps goes final.

Can I try out Office Web Apps, either now or later, on the Mac? What about Linux?

Yes to both.

In fact, Microsoft doesn’t set system requirements by operating system, but instead by browser. To run the Web versions of Word, Excel and PowerPoint, you must use Internet Explorer 7 (IE7) or IE8 — they’re only on Windows, naturally — Mozilla’s Firefox 3.5 on the Mac or Linux, or Apple’s Safari 4.0 on the Mac.

Opera and Chrome users are out of luck, as are the handful of people running Safari for Windows.

What about accessing Office Web Apps documents from my phone? Can I do that now?

No. And Microsoft’s not saying when you will, or on what handsets and using which browsers.

Microsoft’s promised that Office Web Apps will support mobile browsers, but it declined to get specific about which and when. “We are still in early phases of development and will share additional details around specific browsers and functionality at a later date,” a company spokeswoman said.

To muddy the waters even more, Microsoft’s also committed to something called Office Mobile, which lets users open and edit Word, Excel and PowerPoint documents on new Windows Mobile 6.5-powered handsets slated to go on sale Oct. 6.

How does Office Web Apps work with the desktop Office I use?

The in-development Office 2010 — which moved into its own Technical Preview phase two months ago — will include the ability to save files to SkyDrive, where they’ll be accessible in a browser via Office Web Apps. Office 2010 will also be able to open files stored online without firing up a browser, Microsoft said.

A slew of older Office editions can be used to create documents suitable for uploading to SkyDrive, where they can then be edited, viewed, printed and shared through Office Web Apps. The list: Office 2000, Office XP, Office 2003 and Office 2007 on Windows; and Office for Mac 2008.

Because Office Web Apps uses the Office Open XML file formats — like .docx and .xlsx — which debuted in Office 2007, files created by earlier editions of the desktop software are automatically converted to OOXML, raising the possibility of formatting glitches. Microsoft, however, has promised file-format fidelity between the desktop and online versions of Office.

Only Office 2010, however, can open Office Web Apps documents for editing when you click the “Open in Word,” “Open in Excel” or “Open in PowerPoint” button on the Web Apps editions.

What about the enterprise? Did Microsoft forget us?

No, although you’ll have to wait until Office Web Apps moves into public beta to preview the enterprise version.

Companies with Software Assurance plans will be able to host Office Web Apps using an on-premises SharePoint Server, while other businesses can purchase subscriptions to the online edition from Microsoft Online Services.

Office Web Access will be provided free-of-charge to Software Assurance customers, but prices for the subscription access to Office Web Apps have not been set.

If Microsoft gives away Office Web Apps, why would I ever buy the desktop edition again? Won’t the online version cannibalize sales of the oh-so-profitable Office?

To answer the second question first, Microsoft said it doesn’t expect Office Web Apps to eat into sales of its desktop software.

“We think it’s quite the opposite,” a spokeswoman maintained. “Services are an opportunity to grow our business. Office Web Apps are designed to enhance the experience for our users.”

One analyst agreed. “Microsoft has carefully limited the Web apps,” said Rob Helm of Directions on Microsoft in an interview Thursday. “You’ll have a fighting chance to do some commenting and some formatting, and maybe entering some text, but in Microsoft’s mind, it’s not about replacing Office, not even the lowest-priced Home and Student Edition.”

As for your first question, well, that’s up to you and, we suspect, time.

When will Office Web Apps leave Technical Preview and enter beta? When will Microsoft take it final?

Microsoft’s being vague in answers to both questions, saying only that the beta, which will be open to all comers, will go live this fall, while the final version will be available simultaneously with Office 2010, scheduled to ship sometime in the first half of 2010.
For more inforamtion about network packet sniffer, please go to colasoft blog

By Preston Gralla Computerworld.com

Now that Microsoft’s Windows 7 has reached the release to manufacturing (RTM) stage, it’s time to take a close look at all the features of the upcoming operating system.

You might think that, because there are so many similarities between Windows 7 and Windows Vista, Windows 7 is essentially just a big Windows Vista service pack. But in reality, Windows 7 is a solid, well-performing operating system, free of many of the glitches that bedeviled the launch of Windows Vista. Speed improvements, interface enhancements and easier ways to manage your documents make this a new operating system in its own right, and one that’s well worth the upgrade.

Installation and performance

In order to examine all the pros and cons of the new OS, I installed Windows 7 RTM on a Dell Inspiron E1505 notebook with 1GB of RAM and a 1.83 GHz Core Duo processor.

I performed a fresh install, rather than an upgrade, which took approximately 45 minutes (including the usual restarts one has come to expect from Windows installations).

The install was largely uneventful, with two minor anomalies. After Windows 7 installed, it did not recognize my video card and used a generic VGA driver. This was problematic on my laptop, because the display cannot use the full 1280 by 800 resolution. However, Windows 7 soon resolved the problem itself: It automatically downloaded the proper driver via Windows Updates. After a reboot, all was well.

I’ve found similar problems with every prerelease version of Windows 7 I’ve tried, including RC1. RTM is a slight improvement over RC1 in this respect, because with RC1 I had to manually find and update the driver myself. In RTM, Windows 7 did it by itself. Still, clearly it would have been better if the initial Windows 7 installation used the proper driver. We’ll have to wait and see when Windows 7 hits retail shelves whether this becomes a common issue.

More problematic was a blip that I also had with several prerelease versions of Windows 7. I was unable to get Windows Aero to work, even after the new driver downloaded. So I turned to the Control Panel Troubleshooting applet and clicked “Display Aero desktop effects,” and Windows discovered the problem — the Desktop Windows Manager was disabled. The troubleshooter enabled it, and the problem was permanently fixed.

On the earlier versions, the problem was back each time I rebooted, and I had to run the troubleshooter each time. Although RTM is an improvement, this is not how an operating system should run on installation.

On the plus side, performance, even on my aging Dell, was surprisingly zippy and certainly superior to that of Windows Vista on the same machine. Aero worked like a charm, windows and dialog boxes appeared quickly, and I experienced no slowdowns. The Control Panel and its applets opened nearly immediately, without the delays common in Windows Vista.

Checking out the new taskbar

At first glance, Windows 7 doesn’t look much different from Windows Vista — but spend a few minutes with it, and you’ll find some significant changes.

The most noticeable is the new taskbar, which replaces both the old Quick Launch bar (for launching applications) and the old taskbar (for switching among running windows). The new taskbar combines the two features, doing double-duty as a task launcher and task switcher, similar to the Mac OS X Dock. In general, it succeeds admirably.

The new taskbar does double-duty as a program launcher and task switcher.

Large icons on the taskbar are used to launch applications, as well as to switch to different windows running in those applications. As with the old Quick Launch toolbar, you click an icon to launch the associated program. If you’ve already launched the program and have more than one window open in the taskbar, the application’s icon changes to show multiple icons stacked against one another.

For example, if you’re running Microsoft Word with three open windows, you’ll see a stack of three Word icons. Hover your mouse over the stacked icons, and thumbnails of all the open windows appear above the taskbar. Hover your mouse over any one of those thumbnails, and it displays at its full window size. To go straight to any window, click any of the thumbnails or windows. You can also close any window directly from its thumbnail by clicking a small red X that appears on the upper-right portion of the thumbnail.

Internet Explorer, Windows Explorer and Windows Media Player all have icons permanently pinned to the taskbar by default. You can pin any other application to the taskbar by dragging its icon to the taskbar.

What happens if you’ve got an application with too many open windows to fit as thumbnails across the taskbar? That’s when “taskbar thumbnail overflow” takes over. When you hover your mouse over the application’s taskbar icon, a list of files appears rather than individual thumbnails. The list still works like the thumbnail view — highlight any file on the list, and it appears at its normal size, just as it would in a thumbnail view. You can also close any window by clicking a small X, just as in thumbnail view.

It may take longtime Windows users some time to get used to the new taskbar, but when they do, they’ll find it a significant productivity boost, particularly when multiple applications with multiple windows are open. When this happens in Windows Vista, the taskbar soon gets cluttered with too many icons, and it is quite difficult to find the window to which you want to switch. In Windows 7, you can find the right window almost immediately by hovering your mouse over the proper application’s icon.

In fact, it’s superior to the Mac OS X Dock, from which it takes its inspiration, because in the Dock, you don’t get a thumbnail view of all your open windows in an application. Of course, the Dock and Mac OS X Exposé have plenty of nifty tricks that the new taskbar doesn’t, such as a quick way to see all of your open windows arrayed nicely against the desktop. In the next version of Windows, Microsoft would do well to steal some ideas from Exposé.

Putting the Jump List through its hoops

The taskbar has an associated feature called Jump Lists that makes it even more useful. When you right-click an application’s icon in the taskbar, a menu appears of actions associated with that application — and the list varies according to the application. For example, when you right-click Microsoft Word, you’ll see a list of recently opened files, but when you click Internet Explorer, you’ll see a list of your most frequently visited sites.

The Windows 7 Jump List shows actions associated with an application.

In addition to lists of files, you’ll see tasks you can perform. For example, if you right-click on Windows Media Player, a task will let you play music. You’ll also be able to close all open windows or pin the program to the taskbar if it’s not already pinned there. (When you run a program that is not permanently pinned to the taskbar, the program’s icon shows up in the taskbar for as long as the program runs. Once you stop running a nonpinned program, it vanishes from the taskbar.)

Similarly, recently used programs that appear on the Start menu each offer a list of recently opened files, the same as the one that shows up for applications on the Jump List. An arrow appears next to applications that use this feature. Click the arrow to see the list, then click any file to re-open it.

The new taskbar and Jump List have some hidden features. For example, you can manually pin files to a Jump List for a program that normally doesn’t handle that file type by simply dragging the file onto the program’s icon on the taskbar. You can then open the file using the program to which it has been pinned. It’s a simple way to open a file using an application that normally doesn’t handle that file type, without being forced to permanently change the file association.

Remote Desktop Connection users will be pleased to see that when you pin the Remote Desktop Connection icon to your taskbar, it includes all of the remote desktop connections you’ve saved in the Jump List. That makes it much easier to take control of remote PCs on your network.

A deep look at Aero Peek

No doubt the niftiest addition to the Windows 7 interface is Aero Peek, a tweak to the Aero interface that lets you “peek” behind any open window. It puts the Show Desktop icon on Vista’s Quick Launch bar to shame.

Aero Peek takes up residence as a small, just-visible vertical button at the right edge of the taskbar. Mouse over it and all of your open windows disappear — you can see straight through to your desktop. However, your open windows don’t entirely disappear — you also see the outlines of each.

For example, if you have four open windows, you see the outlines of each of those screens, even if they overlap. To see the desktop with no outlined windows, click the Aero Peek rectangle instead of hovering your mouse over it. In that case, it works just like Vista’s Show Desktop feature.

This does more than just offer a bit of eye candy — although the eye candy is certainly nice. If you use gadgets and they are hidden by open windows, Aero Peek lets you peek through all open windows at the gadgets underneath, because Windows 7 considers gadgets part of the desktop. In addition, if you regularly keep many windows open, it’s a quick way to see at a glance which windows you have open.

Switching among windows using Alt-Tab has been improved by combining it with Aero Peek. When you use Alt-Tab to cycle through your open windows, you still display the window that you’ve tabbed to, but you also peek through to the desktop to see the underlying desktop, along with outlines of any other open windows, just as you can with Aero Peek.

Aero Peek is directly tied to the taskbar’s thumbnail feature. Turn off Aero Peek, and you won’t see thumbnails when you hover your mouse over the icon of a running application in the taskbar; you’ll see a stacked list instead. You turn Aero Peek on and off by right-clicking the Aero Peek rectangle, and by checking or unchecking the box next to “Peek at desktop.”

Aero Peek lets you “peek” behind all your open windows to the desktop.

Other interface tweaks

There are interface tweaks throughout Windows 7. One of my favorites is the way windows are minimized, maximized and moved. Drag the title bar of a window to the top of the screen, and it maximizes the window. When you drag the title down from the top of the screen, it returns to its previous, non-maximized size. Drag any window to the right or left edge of the screen, and it takes up that half of the screen.

There are plenty of other improvements. You can now turn the preview pane in Windows Explorer on and off by clicking a button, a task that in Vista takes multiple clicks. The Control Panel also has some new tricks — when you’re on the main Control Panel screen and click any category, the category’s main screen slides into place on the right and displays a list of relevant actions on the left.

It’s also easy to clean the Notification Area (the area on the right side of the taskbar that shows the time and date, icons of programs running, etc.) and keep it free of icons via a new dialog box. And when you want to customize your desktop, you can choose and customize themes more easily by right-clicking the Desktop and choosing Personalize.

Several Windows 7 applets, including Paint and WordPad, now sport a Ribbon interface, like the one that debuted in Microsoft Office 2007 and is being carried over into the prerelease of Office 2010. In addition, Vista’s Windows Sidebar, which let you use a number of desktop gadgets, has been dispensed with; gadgets can now live anywhere on the desktop.

The Start button no longer protrudes across the top of the taskbar, and it glows with a more noticeable light than in Vista. The associated Windows Shut Down button has been improved: Click an arrow to the button’s right, and you get a list of shutdown options, including switching to a different user.

There are similar changes sprinkled throughout every level of the operating system, giving it a more polished feel than Vista.

Finally, in Windows 7, Microsoft seems to have found its inner bizarre artistic self, because in addition to the usual high-resolution photographs and nature scenes that the company includes for use as desktop backgrounds, there are oddly compelling images that are a mix of psychedelia, Hieronymus Bosch, Disney characters, Japanese anime and flat-out weirdness.

Surprise! UAC is usable

Quick, what is the most reviled feature of Windows Vista? As far as I can tell, it’s User Account Control (UAC), Microsoft’s method for keeping your computer safe. Unfortunately, many users felt that UAC was so inconvenient that they turned it off entirely.

In Windows 7, UAC finally gets out of your way and strikes the right balance between security and usability. Far fewer prompts appear, and the ones that do appear pop up only for good reason. Want to do something really weird and wild, like, say, change the date and time on your PC? With Vista, you’ll get a UAC prompt. In Windows 7, you can make the change without the prompt.

Also, UAC is now customizable. In Vista, UAC was either on or off. With Windows 7, you have some control over how it works by using a slider to change to one of four settings:

Always notify me when: This is in essence UAC Classic, and it works like Vista’s UAC. When you make changes to your system, or when software is installed or when a program tries to make a change to your system, a prompt appears.

Default — Notify me only when programs try to make changes to my computer. As the setting says, this is the Windows 7 default. You get a UAC prompt only when a program tries to make a change. As part of that prompt, your desktop goes dark, just like it does in Vista.

You can now customize UAC to work the way you’d like.

Notify me only when programs try to make changes to my computer (do not dim my desktop). This is identical to the default, with one change: When a UAC prompt appears, your desktop doesn’t go dark. You’d use this setting if it takes a long time for your desktop to recover from going dark and you don’t want that delay.

Never notify me when: In this one, UAC is completely turned off.

Windows Vista users will find one aspect of the new UAC confusing. Windows 7, as with Vista, displays a small, multicolored shield icon next to any selection or setting that spurs a UAC prompt under the most restrictive UAC settings. In Windows 7, that shield stays there no matter what your UAC setting is. So if you keep the Windows 7 default UAC setting, you’ll still see the shield next to many settings, such as the one for changing your system time or date. But when you click, no prompt appears. This takes some getting used to. It would be better if Windows 7 grayed out the shield when the UAC will not generate a prompt.

Networking: A mixed bag

Networking has long been Windows’ Achilles’ heel — the networking features have always felt bolted on rather than an integral part of the operating system. I can’t say that Windows 7 finally gets networking right, but at least it’s made some moves in the right direction.

The biggest addition is HomeGroup, a feature for home networks designed to make it easier to share files, folders and devices such as printers.

As the name implies, HomeGroup works if you designate your network as Home; if your network is labeled as a work or a public network, you can’t use it. Your HomeGroup is protected by a password. It lets you specify which files, folders and devices you want to share, and also lets you keep certain files and folders private.

Those who use a laptop in multiple locations — at work and home, for example — may find it useful because it lets you keep your work files private when you’re at home. Also, when you come home from work, you won’t need to change your default printer; when you join your HomeGroup, you’ll automatically use your home printer. HomeGroup also has a feature missing from Windows networking up until now: the ability to easily stream media to other devices connected to the network.

Unfortunately, HomeGroup only partially succeeds, because the HomeGroup feature works only with other Windows 7 PCs, not with Vista- or XP-based PCs, Linux-based PCs or Macs. So it’s not a feature most people will use, since most people with more than one PC at home will have XP or Vista on at least one of them — and they might actually have a Mac or Linux-based PC as well. Microsoft is clearly hoping that people will eventually run Windows 7 on all their home PCs — but that’s a bet I wouldn’t make.

In addition to HomeGroup, Windows 7 also includes the networking capabilities built into Windows Vista — with some of the same problems. On my home network, Windows 7 initially had problems finding PCs that weren’t running Windows 7 or Vista. It could not find several XP PCs connected to my network or a Mac connected to the network. Several hours later, the problem resolved itself, with no explanation, although not all of the Macs and XP PCs appeared on the Network Map; some showed up only in Windows Explorer. When I rebooted, it still took some time for non-Windows 7 or non-Vista PCs to show up anywhere.

HomeGroup makes it easier to share files, folders and printers.

After a while, this resolved itself, and all of the PCs showed up immediately in Windows Explorer. This exact thing happened to me with Vista — at first I experienced the problems, and then over time they seemed to disappear (although in Vista they still reappear from time to time). The same pattern seems to be happening with Windows 7.

The Network and Internet Control Panel applet has been put on a much-needed diet, with a more streamlined interface and fewer confusing sharing options. There is a better-organized set of links for accomplishing network-related tasks, and simpler ways to immediately see the most important information about your network, such as its type, its name, the state of its connection and so on. Categories such as Offline Files seem to have been eliminated. (The People Near Me feature, thankfully, was also put out to pasture, doing away with one of the more pointless features of Vista.)

The downside of this diet, though, is that some features don’t seem to be accessible from the Control Panel, even though they still exist somewhere in the bowels of Windows. The Sync Center, for example, which lets you synchronize offline files with other computers on your network, is still available, but not from the Network and Internet Control Panel applet. Instead, you’ll have to first list all of the applets on the Control Panel alphabetically (by changing the view to either large icons or small icons) and then choose Sync Center from that alphabetical list.

Document sharing has been improved. Right-click a folder or file and select “Share with” from the menu that appears. You’ll get another menu that offers options such as sharing with a HomeGroup, disallowing sharing, or sharing with specific people. This is different from Vista and XP, where you have to go through menus and option screens to customize file sharing, often forcing you to figure out how to configure permissions — a place even angels fear to tread.

Wireless networking has been tweaked to let you connect to a network with fewer clicks. The wireless networking icon in the system tray displays a small star on it when wireless networks are available. Click it, and a list of available networks appears. Click on a network name, and a small Connect button appears. Click it to connect to the network.

Multimedia: Incremental improvements

Windows 7 is certainly not a multimedia powerhouse, but it does include some incremental improvements over Vista.

In previous versions of Windows, you could use a stripped-down version of the bloated Windows Media Player that was accessible from the player itself. Now there’s a stripped-down version available from Windows Explorer’s Preview pane as well. Just select the file you want to play, click the Play button, and the small media player operates within the pane. You don’t get all of Windows Media Player’s other capabilities, of course, but it’s a great way to sample music or video.

The biggest change is that you can stream media among networked Windows 7 PCs via Windows Media Player. Again, though, that requires you to have only Windows 7 PCs in your network; it would be better if you could stream to and from earlier versions of Windows. And Windows Media Player can now handle a wider variety of formats, including the AAC audio format used by Apple’s iTunes.

Windows Media Center now has a feature called Internet TV that at first sounds like a very big deal. I was hoping that there would be a way to tune in to all the various TV shows that are now available online from inside Windows Media Center, without having to jump from site to site. I was hoping you would be able to do that using the very nice interface, searching capabilities, etc., of Windows Media Center — things that a site like Hulu.com doesn’t have. I was also hoping that Microsoft might make deals with various networks, cable outlets, etc., to provide content for Internet TV.

Alas, that is not the case. Instead, you’ll find canned TV segments, each of which is several minutes long, many of them quite old. Looking for the latest sports news? You may be shocked to discover via Internet TV that the New York Jets have fired head coach Eric Mangini (which happened back in December 2008). Clearly, this feature needs some work.

Windows Media Center also has something called Internet TV Beta 2, which one would expect to be a more advanced version of the default version of Internet TV, especially because it requires a download. But it’s basically the same content in a nicer-looking interface.

Hardware support

Microsoft does not want to relive the many hardware problems that plagued the launch of Windows Vista. This time around, the company says, Windows 7 will be able to use the same drivers as Vista, which means that it should work with most hardware purchased in the past several years. But it also means that some older hardware won’t work with Windows 7.

The new Devices and Printers folder may eventually make hardware easier to manage.

In my testing, Windows 7 worked with several printers (including a network-attached printer), a DVD burner, and my older Dell laptop (although as I pointed out in the installation section, it had to download a driver before the video display worked properly). There’s a new Devices and Printers folder that has the potential for finally making hardware easier to manage — although at this point, it is only a platform-in-waiting (waiting for peripheral makers to provide the appropriate software).

The folder will hold icons representing each device; the icons can be created by the manufacturer to make the icon look like the device itself. A new technology called Device Stage will let hardware makers create an interface for managing the devices using features specific to that device. This interface will replace Windows’ usual near-incomprehensible menus and boxes for managing hardware. It will only be useful, though, if the manufacturers actually create those interfaces.

Extras — and missing features

You’ll find plenty of nifty extras sprinkled throughout Windows 7, many so small that it may take weeks or months before you find them. For example, when you right-click a computer on your network, a new item appears on the menu — the ability to make a remote desktop connection to that network, so that you can take it over via remote control. Anyone who has had to struggle with the difficulties of finding another computer via a remote desktop connection will welcome this change.

More important, Windows finally has a usable backup program. Windows Vista’s backup was one of the worst applets ever built into an operating system, but the one in Windows 7 has enough features that you might actually use it. You can now customize your backups by choosing to include or exclude specific drives and folders. You can also easily make entire system images. And when you plug in a device that can be used for backup, such as a USB hard drive, a wizard can be launched that walks you through creating a backup — just choose the “Use this drive for backup” option that appears when you plug in the device.

Windows 7 now has a series of built-in troubleshooters that can diagnose and solve common Windows problems. I can vouch that at least one of them works, because that’s how I managed to turn on Aero — the troubleshooter found and resolved the problem.

Not all of the new extras, though, are nifty. There’s a new Sticky Note applet, for example, which at first sounds nice to have. But it is so lacking in even the most basic features, such as the ability to search through your notes, that it’s unlikely you’ll ever use it. Don’t be surprised if this one gets dropped from Windows 8, or at least beefed up.

Also notable is what’s missing. Microsoft has removed a number of applets and features from Windows 7, which is both good news and bad. On the good-news side is that a number of features, such People Near Me, have thankfully been taken out and shot. On the bad-news side is that some very nice applications have been removed as well, such as Windows Mail and Windows Movie Maker. They can be downloaded for free, though.

For the enterprise

Windows 7 includes a variety of features designed for enterprises and for small to midsize businesses as well.

AppLocker lets IT staff control what is run on individual users’ PCs, banning or allowing specific applications.

The BitLocker encryption tool has been improved and now includes BitLocker to Go, which can encrypt data on USB drives.

Windows 7 also includes “federated search,” which Microsoft says will allow people to use the Windows 7 search capabilities to search through remote document repositories set up by IT.

When Windows 7 is used in concert with Windows Server 2008 R2, Microsoft says, enterprises can take advantage of what it calls DirectAccess, which allows remote workers to securely access a corporate network without having to use a VPN. DirectAccess is also designed to make it easier for IT to manage remote machines.

BranchCache is aimed at branch offices — when used with Windows Server 2008 R2, it speeds up the responsiveness of network applications, Microsoft says.

Finally, the new Windows XP Mode allows businesses to run Windows XP applications inside Windows 7 so that they look as if they are running on Windows 7 natively although they in fact are running in a virtual XP window. (Consumers can run this as well, but because of hardware limitations and a less-than-simple setup, it is better for businesses.)

The bottom line

It’s become the received wisdom to say that Windows 7 is what Windows Vista should have been, implying that Windows 7 is essentially a supercharged Vista service pack. In fact, even though Windows 7 looks much like Vista on the surface, it’s actually a substantial rework. It sports improved speed, far better task switching and task launching, and productivity improvements. And it’s just plain more fun than Vista or XP — you’ll most likely enjoy your life at the keyboard more.

That being said, there’s plenty to work on. Networking, long Microsoft’s bugaboo, still needs to be improved, notably by figuring out a way to extend HomeGroup to previous versions of Windows and other operating systems as well. In addition, Windows 7 is still far behind the curve when it comes to watching TV over the Internet.

Still, if you’re a Vista user, you’ll do well to upgrade to Windows 7; it’s a superior operating system. What if you use XP? First, check if your hardware can handle it. If it can, and if you’re not wedded to XP for the remainder of your time on Earth, it’s finally time to upgrade.

Colasoft Capsa Enterprise R2 is now full support windows 7.

Adrian Kingsley-Hughes from zdnet.com

Sunbelt Software’s VIPRE – I’ve finally found an antivirus package that delivers the goods.

Over the years I’ve become truly disillusioned by security software. A good antivirus package used to be the first thing that I installed on a system after installing the OS, but now that’s become one of those tasks that I know I should do (not just to protect myself, and the network, but others that I communicate with) but that I put off until the last minute. Why? Because I know I’ll start hating the system shortly afterwards and resenting the security software for consuming so much of my precious system resources.

VIPRE setup and interface gallery

There have been times when seeing the performance hit that a system takes after installing a security package has actually made me put my head in my hands and wonder whether all these strides we have made in processor power and RAM capacities are all undone thanks to security firms unleashing their bloated wares upon us. I’m not going to name any names – I’m pretty sure that most of you will be able to rattle off a list of them without any prompting from me.

Time for a short story …

OK, story time. Last night my wife and I were at my mother-in-laws and the subject of her slow notebook came up. The notebook is question is an aging IBM ThinkPad R51e that runs Windows XP and which hasn’t really been all that fast from the start. It suffers from not enough RAM and too many drivers and specific apps (which are tricky to remove without losing features) kludging up the system. But what makes matters worse is that any security software that you install onto the system amplifies these problems greatly.

The antivirus package that was installed on the system was Kaspersky AntiVirus 2009 2008. I have a love/hate relationship with this product and use if mostly because it’s the best of a bad bunch (a statement that says a lot about the current line up of security software). We uninstalled this application and immediately there was a performance gain. I didn’t benchmark the system under controlled conditions but I’d say that boot times were cut by about 33% and loading times for applications by 25%. However, I knew that I couldn’t leave the system unprotected and that I’d have to install something in place of Kaspersky. Then I remembered that I’d received an email earlier in the week from Sunbelt Software informing me that the new VIPRE antivirus and antispyware app was out (an enterprise version has also been released). One of the features that the email bragged about what how this software wasn’t a resource hog.

I decided to pull up the website and take a look. The copy for VIPRE (which stands for “Virus Intrusion Protection Remediation Engine”) was full of performance-related claims:

• “VIPRE Antivirus + Antispyware is high-performance security software that doesn’t slow down your PC like older, traditional antivirus products.”
• “Tired of old antivirus software that makes your PC slow down to a crawl? Interrupting what you are doing with slow scan times, causing problems and nagging you? Time for a change to next-generation antivirus + antispyware that IS NOT a resource hog!”
• “Does not slow down your PC”

Bold claims, but that said, almost all antivirus vendors nowadays makes similar claims.

OK, I clicked the download link and the 12.6MB packaged came down swiftly. I started the install process which seemed much like every other install process and the program installed without fuss. After a reboot the setup wizard picked up again and guided us through the initial setting up of the software. VIPRE downloaded the risk definitions and the program was ready to roll.

Then I noticed something. The system was just as responsive with VIPRE installed as without. Wow! I wasn’t expecting that. We rebooted the system just in case it wasn’t running, and then downloaded the EICAR test file to make sure that it was running and sure enough, it was, and it was having almost no effect on the performance of the system. To say I was impressed would be an understatement.

Back at the PC Doc HQ …

Today I’ve had a chance to take a closer look at VIPRE, and it has to be said that I like what I see.

• First off, the performance claims do seem to be real. today I’ve uninstalled a number of different antivirus packages from a selection of systems and replaced them with VIPRE and on every system I’m seeing and feeling a performance boost. Not only is the real time monitoring far lighter and and less of a resource hog than any other antivirus package I’ve come across, the system scanner is also fast and light-weight (I’ve been typing this, taking screenshots and running a couple of virtual machines while VIPRE has been scanning my system). My testing backs up the claims made by Sunbelt Software and goes to prove the benefits of adopting a clean slate, building a product from the ground up approach.
• VIPRE offers all-round protection – antivirus, antispyware, protection from email-borne threats, rootkit detections and other goodies such as a secure file eraser and history cleaner.
• VIPRE is easy to use. In fact, the interface is a pleasure to use.
• The product is honest and gives you clear feedback relating to what it finds on your system – no scan and scare tactics here.
• Then there’s the aspect of fair pricing. A single license for VIPRE costs $29.95 and gives you a year’s worth of updates, while a 3-user annual subscription is $39.95, while for $49.95 you can protect all PCs in a single household with a single site license. That’s the fairest deal I’ve come across.
  “Typical ‘household’ licenses offered for security software products limit the number of PCs protected to anywhere from three to five per household,” said Alex Eckelberry, president of Sunbelt Software. “With our unlimited home site license, customers pay one low annual subscription price for the product of their
  choice for all the PCs in their home. We don’t care if it’s five, ten, or 200 computers.  One price covers all the computers located in that residence.”

Now I’ve rolled VIPRE onto a number of systems, I’ll let you know how things go in a follow-up post.

System Requirements

• Microsoft Internet Explorer 5.5 or higher
• At least an IBM Compatible 400MHZ computer with minimum 256MB RAM
• At least 150MB of available free space on your hard drive
• 2x CDROM
• Internet access with at least 56Kbps connection
• Supported Operating Systems:
  - Windows 2000 SP4 RollUp 1
  - Windows Server 2008
  - Windows XP SP1, SP2, SP3 (Home, Pro, Media Center, Tablet) 32 and 64-bit
  - Windows Vista+ (All flavors) 32 and 64-bit
• Supported Email Applications: Outlook 2000+, Outlook Express 5.0+, Windows Mail on Vista, and SMTP and
• POP3 (Thunderbird, IncrediMail, Eudora, etc.)
• Installation of VIPRE is not supported on Windows 95, 98, or ME, Macintosh or Linux

A completely fully functioning trial version of Colasoft Capsa R2 is available.

A trade group representing peer-to-peer file sharing providers next week will publish a report that finds P2P software companies are modifying their programs in an effort to make it harder for users to inadvertently share sensitive information.

Elinor Mills(Cnet news editor) said:

For corporate IT administrators, that shift can’t come soon enough. The problem was highlighted by the recent news that avionics blueprints of President Obama’s helicopter had leaked through a peer-to-peer network used by a defense contractor to an IP (Internet Protocol) address in Iran.

This isn’t the first time sensitive data has trickled out via popular file sharing networks. Last summer, personal information of some 1,000 former patients of the Walter Reed Army Medical Center was believed to have been leaked via a peer-to-peer network. Sensitive health care and financial data has also been found on file sharing networks, according to studies from Dartmouth College and P2P network monitoring service provider Tiversa, which also uncovered the leaked presidential helicopter data.

Peer-to-peer use at ABN Amro and Pfizer led to the exposure of personally identifiable information of more than 20,000 consumers in 2007. And then there was the symbolic slap in the face when politicians called P2P networks a potential “national security threat” at a congressional hearing that summer.

Minimizing the risk

IT administrators need to have a written policy that specifies whether or not employees are allowed to use file sharing. And they need to use perimeter security software, including firewall and intrusion detection, “to lock down the ports used by P2P or to look for specific P2P network traffic,” said Tony Bradley, director of security at Evangelyze Communications, a unified communications software and service provider.

Corporations also might consider encrypting sensitive information and using data loss prevention tools to block data leakage, experts said. And if they want to see if any of their data has found its way onto a P2P network, they can hire Tiversa to probe Gnutella, eDonkey and FastTrack file-sharing networks.

Tiversa probes the networks, searching for specific terms and lets customers know when it finds any data out there specific to that firm and helps pinpoint the source of the leak and stop it.

After lawmakers accused them of being part of the problem nearly two years ago, P2P providers and their trade group–the Distributed Computing Industry Association (DCIA)–formed a working group to figure out ways to minimize the risk for P2P users and their networks. The DCIA prepared a report dated Thursday on the Inadvertent Sharing Protection Compliance that lists guidelines for better protecting P2P users and percentages of its members who are following them.

The latest version of popular file sharing software, released earlier this year, LimeWire 5, includes a number of the suggested changes and served as a “poster child for compliance,” said Marty Lafferty, chief executive of the DCIA.

The report shows 100 percent compliance with the guideline that recommends that default settings prohibit the sharing of user-originated files, while 57 percent of the respondents said they were complying with the guideline to offer a simple way for the user to disable the file-sharing functionality.

Other guidelines, with compliance percentages ranging from 29 percent to 71 percent, included requiring users to select individual files within a folder to share rather than sharing the entire folder, requiring the user to take affirmative steps to share sensitive folders and preventing the sharing of a complete network or external drive or user-specific system folder, such as “Documents and Settings.” Among the guidelines are requirements for warnings to the user when particular settings might jeopardize security.

we(Colasoft) are focus on providing all-in-one and easy-to-use software solutions for users to monitor network activities, analyze network performance, enhance network security, and troubleshoot network problems.

As with previous versions, Symantec’s suite offers protection against viruses, Trojans, rootkits, spyware and malware of all kinds. Also, like previous versions, it has a firewall, intrusion protection, e-mail protection and Web protection. It integrates with your browser and search engine to warn you away from visiting sites that might be malicious.

The suite, despite its hefty feature set, does not take up a good deal of RAM or system resources. It’s unlikely that you’ll even notice it’s running, a welcome change compared to several versions ago when it bogged down your system.

New reputation-based Quorum

Traditionally, security software detects threats by searching for signatures — distinct code patterns that identify malware — or by examining the behavior of a piece of software. Symantec claims that these solutions can’t keep up with the massive amounts of new malware released every year.

The company has named its new reputation-based technology Quorum. It was designed for a world in which malware threats evolve exceedingly quickly and may be built to last only for a day, because malware writers know that signatures can be released to detect the threat in only 24 hours. Symantec claims that it is these kinds of threats — those intended to do their damage quickly, before they are caught — that are the primary dangers today.

Quorum creates a “reputation” for every piece of software it encounters, basing that reputation on a number of factors, including download source, age, prevalence and digital signature. So, for example, a new file downloaded from a not-well-known Web site that very few people have ever used will be regarded as suspect by Quorum, even if it is not known as a piece of malware and exhibits no suspicious behavior. As a result, one of malware writers’ greatest weapons — their ability to quickly turn out new pieces of malware — makes it more likely that the new malware will be deemed suspicious by Quorum.

According to Symantec, Quorum relies on data that Symantec has been capturing for years through millions of people who use Norton products and opt in to the Norton Community, sending information anonymously about the applications running on their systems. Quorum uses this information to help calculate its “reputation score” for applications.

Symantec stresses that it hasn’t abandoned other means of catching malware; the reputation score is used in concert with signature-based and behavior-based protection.

Will the addition of Quorum actually help protect you more than traditional forms of protection? We’ll only know when labs weigh in with their results.

Welcome to the familiar interface

As I mentioned before, Norton Internet Security 2010 looks very much like the 2009 version, so there will be very little learning curve for those who have already used the product.

The main screen is now divided into three sections entitled Computer, Network and Web (rather than the previous Computer, Web and Identity). It tells you at a glance the state of your security, notes whether any actions need to be taken, and lets you turn features on and off. As with the previous version, there are monitors on the left-hand side of the screen that show your CPU’s current usage and how much of that Norton is taking up.

If you want a quick glimpse of the state of your security, you’ll just use the main screen. But if you’re the kind of person who likes to dig deep, you’ll find plenty of links here that will lead you to additional data. For example, click the Performance link on the left-hand side, and you’ll see a new feature: a page that offers in-depth detail about CPU and RAM use over the last ten minutes, the last half hour, hour-and-a-half, day, week, and month.

Better yet, another new link on the main page gives you access to detailed information from the suite’s System Insight feature. This display shows, over time, any events related to your PC’s security, such as virus scans and their results, and new software that you’ve installed. Using this info, you may be able to track down PC problems yourself — for example, if you notice unusual behavior, you can check this screen to see if that behavior started after you installed a particular piece of software.

Another useful feature accessible from the main screen is the Network Security Map. It shows you all of the devices attached to your network, and includes information such as the IP address, MAC address, whether they’re online, and so on.

Another feature, the Vulnerability Protection link, is less than useful. It lists programs that Norton has found to have vulnerabilities — but not necessarily those you have on your PC. The list is generic and lists all software against which Norton offers protection. There’s no need ever to check it.

What’s new?

Quorum’s reputation-based strategy represents the biggest change compared to previous versions, but there have been other changes as well. The suite’s anti-spam component features a new engine from enterprise anti-spam vendor Brightmail. Symantec claims that it is 20 percent more effective than the suite’s previous anti-spam protection.

Also included is Norton Safe Web; this service is new to Norton Internet Security but was previously introduced in Norton 360 version 3.0. It works with Google, Yahoo and Bing, and shows whether any sites that turn up in search results are potentially dangerous or untrustworthy.

In addition, Norton Internet Security 2010 users get a free subscription to OnlineFamily.Norton, a Web-based service that lets parents control what their kids do on the Web.

The bottom line

If you’re a user of Norton Internet Security 2009, it’s certainly worth going to the newer version, because Quorum will most likely make you safer, and the new features are worthy additions. Not only that, but the upgrade is free.

As for whether to switch to NIS 2010 — which costs $69.99 for a three-PC license — from a different Internet protection program, that’s a tougher call. The interface is certainly simple and straightforward, and also lets you dig into security details. There’s no way to evaluate yet whether the new tools will be more effective than the old ones; only widespread use and exposure to many malware threats will tell.

More information about Internet Security, please go to colasoft.blog.com

Computer security is the process of preventing and detecting unauthorized use of your computer. Prevention measures help you to stop unauthorized users (also known as “intruders”) from accessing any part of your computer system. Detection helps you to determine whether or not someone attempted to break into your system, if they were successful, and what they may have done.

B Why should I care about computer security?

We use computers for everything from banking and investing to shopping and communicating with others through email or chat programs. Although you may not consider your communications “top secret,” you probably do not want strangers reading your email, using your computer to attack other systems, sending forged email from your computer, or examining personal information stored on your computer (such as financial statements).

C Who would want to break into my computer at home?

Intruders (also referred to as hackers, attackers, or crackers) may not care about your identity. Often they want to gain control of your computer so they can use it to launch attacks on other computer systems.

Having control of your computer gives them the ability to hide their true location as they launch attacks, often against high-profile computer systems such as government or financial systems. Even if you have a computer connected to the Internet only to play the latest games or to send email to friends and family, your computer may be a target.

Intruders may be able to watch all your actions on the computer, or cause damage to your computer by reformatting your hard drive or changing your data.

D How easy is it to break into my computer?

Unfortunately, intruders are always discovering new vulnerabilities (informally called “holes”) to exploit in computer software. The complexity of software makes it increasingly difficult to thoroughly test the security of computer systems.

When holes are discovered, computer vendors will usually develop patches to address the problem(s). However, it is up to you, the user, to obtain and install the patches, or correctly configure the software to operate more securely. Most of the incident reports of computer break-ins received at the CERT/CC could have been prevented if system administrators and users kept their computers up-to-date with patches and security fixes.

Also, some software applications have default settings that allow other users to access your computer unless you change the settings to be more secure. Examples include chat programs that let outsiders execute commands on your computer or web browsers that could allow someone to place harmful programs on your computer that run when you click on them.

From cert.org

Computer security is a branch of technology known as information security as applied to computers and networks. The objective of computer security includes protection of information and property from theft, corruption, or natural disaster, while allowing the information and property to remain accessible and productive to its intended users.

The technologies of computer security are based on logic. As security is not necessarily the primary goal of most computer applications, designing a program with security in mind often imposes restrictions on that program’s behavior.

There are several approaches to security in computing, sometimes a combination of approaches is valid:

1. Trust all the software to abide by a security policy but the software is not trustworthy (this is computer insecurity).
2. Trust all the software to abide by a security policy and the software is validated as trustworthy (by tedious branch and path analysis for example).
3. Trust no software but enforce a security policy with mechanisms that are not trustworthy (again this is computer insecurity).
4. Trust no software but enforce a security policy with trustworthy mechanisms.

Many systems have unintentionally resulted in the first possibility. Since approach two is expensive and non-deterministic, its use is very limited. Approaches one and three lead to failure. Because approach number four is often based on hardware mechanisms and avoids abstractions and a multiplicity of degrees of freedom, it is more practical. Combinations of approaches two and four are often used in a layered architecture with thin layers of two and thick layers of four.

There are various strategies and techniques used to design security systems. However there are few, if any, effective strategies to enhance security after design. One technique enforces the principle of least privilege to great extent, where an entity has only the privileges that are needed for its function. That way even if an attacker gains access to one part of the system, fine-grained security ensures that it is just as difficult for them to access the rest.

Furthermore, by breaking the system up into smaller components, the complexity of individual components is reduced, opening up the possibility of using techniques such as automated theorem proving to prove the correctness of crucial software subsystems. This enables a closed form solution to security that works well when only a single well-characterized property can be isolated as critical, and that property is also assessable to math. Not surprisingly, it is impractical for generalized correctness, which probably cannot even be defined, much less proven. Where formal correctness proofs are not possible, rigorous use of code review and unit testing represent a best-effort approach to make modules secure.

The design should use “defense in depth”, where more than one subsystem needs to be violated to compromise the integrity of the system and the information it holds. Defense in depth works when the breaching of one security measure does not provide a platform to facilitate subverting another. Also, the cascading principle acknowledges that several low hurdles does not make a high hurdle. So cascading several weak mechanisms does not provide the safety of a single stronger mechanism.

Subsystems should default to secure settings, and wherever possible should be designed to “fail secure” rather than “fail insecure” (see fail safe for the equivalent in safety engineering). Ideally, a secure system should require a deliberate, conscious, knowledgeable and free decision on the part of legitimate authorities in order to make it insecure.

In addition, security should not be an all or nothing issue. The designers and operators of systems should assume that security breaches are inevitable. Full audit trails should be kept of system activity, so that when a security breach occurs, the mechanism and extent of the breach can be determined. Storing audit trails remotely, where they can only be appended to, can keep intruders from covering their tracks. Finally, full disclosure helps to ensure that when bugs are found the “window of vulnerability” is kept as short as possible.

Early history of security by design

The early Multics operating system was notable for its early emphasis on computer security by design, and Multics was possibly the very first operating system to be designed as a secure system from the ground up. In spite of this, Multics’ security was broken, not once, but repeatedly. The strategy was known as ‘penetrate and test’ and has become widely known as a non-terminating process that fails to produce computer security.[citation needed] This led to further work on computer security that prefigured modern security engineering techniques producing closed form processes that terminate.

From WikiPedia