Tisma.net

Can we live without internet? Absolutely not, internet means everything to us these days. Our business, source of entertainment, keeping in touch with friends and family, everything is done via internet. It is therefore crucially important that when you browse internet you do it safely.

What does “browsing internet safely” mean?

Now days, everything has become secure, hacking is not easy as it once used to be. Social networking sites have given a lot of importance to security and everything seems so foolproof. Directly hacking may not be so easy these days but there are enough things which can affect your privacy and online security.

Your Facebook account may not get hacked but if you open a page saying “you’ve won million dollars” a virus might hit your computer. People often focus their attention on bigger things and ignore the seemingly trivial things but that can be dangerous.

People who want to access your personal information do so in a style you cannot see through in the beginning. They collect your data by clever means like offering you money for giving out your mother’s maiden name. These scammers form something like data SIM cards which are full of your personal information. Imagine how they can use it against you.

How to browse internet safely?

There are simple points which you should note and practice reasonable precaution when you are online. Here are some important points to remember.
Do not give out personal information to a dubious website. They might encourage you to give your password or date of birth but refrain from it.
Do not trust strangers, you will find many “polite” people on social networking sites and chat rooms. Be wary of them.
If you receive an unrelated email from an unknown sender, do not open it or download it. Delete it if it looks doubtful to you.
Avoid spamming websites. They would fill your inbox with their product offers. Give out your email to websites which contain the product of your interest, not to everyone.
Trust your common sense and instincts. If you receive an email from a sender telling you that he has $150000 for you in the bank which was left by a billionaire, you have to ask yourself that what the chances are of this being true.Such things will always lead you into cyber traps.

Web servers and FTP

Each network has an Internet connection is at risk, compromised. Although there are several steps you is at your local network, can provide the only real solution, close to your local network for incoming traffic, and restrict outgoing traffic.

But some services such as Web or FTP servers require incoming connections. If you need these services, you must determine if it is important that this part of the LAN server, or are in a physically separate network, according to a DMZ (demilitarized zone or placed on the public if you prefer his real name ). Ideally, all servers in the DMZ is a standalone server, with unique applications and passwords for each server. If you have a backup server for the machines in the DMZ, you must buy a dedicated machine and keep separate backup solution for network backup solution.

The DMZ from the firewall directly, which means that there are two roads in and out of the DMZ, traffic to and from the Internet, and traffic to and from the local network. Traffic between the DMZ and the LAN would be completely separated from the movement of data between your DMZ and the Internet. Incoming traffic from the Internet would be routed directly to your DMZ.
So, if all the pirates in which a machine inside the DMZ compromise, the only network they have access would be the DMZ. The hacker would have little or no access to the LAN. It is also the case where a viral infection or endangers the safety of others on the LAN would not be able to migrate from the DMZ.

For the DMZ, to be effective, you must keep the traffic between the LAN and DMZ to a minimum. In most cases, that is only traffic between the LAN and the DMZ FTP needs. If you do not have physical access to the server, you also need some kind of remote management protocol such as Terminal Services or VNC.

Database Server

If your Web server will need access to a server database, then you must make sure if your database instead. The safest place is to find a server database, or a physically separate network, called the Secure Zone to create a server and database for the placement.
The security zone is a geographically separate network connected directly to the firewall. The safety zone is by definition the safest place on the web. The only access to or from the security zone would be the database connection from the DMZ (LAN and, if necessary).

Exceptions to the rule

The dilemma faced by network engineers, where the server e-mail address provided. It requires an SMTP connection to the Internet, but it also requires access to the area of the LAN. If you know this server in the demilitarized zone to another, could compromise the integrity of the traffic sector of the DMZ, it is just an extension of the LAN. Therefore, in our opinion, the only place where you can e-mail server is stored on the local network and allow SMTP traffic on this server. However, we would therefore oppose any form of access to the HTTP server recommended. If your users access to their e-mails from outside the network is required, it would be much safer to get some kind of VPN solution. (With the use of firewalls and VPN. LAN VPN Server to allow VPN traffic is authenticated on the network before, which is never a good thing.)