An empty mind being the devil’s workshop, as soon as computer software became mainstream, malicious code began to be written to damage processes, transactions, or computer data. Anti-virus software and firewalls are two approaches to computer security that work to ensure that damage from viruses is minimal and that, when there is an infection, the damage is kept from escalating through immediate detection.
Anti-virus software consists of computer programs that attempt to identify, thwart and eliminate computer viruses and other malicious software (malware). There are two approaches to virus detection – the first checks a specific file or folder for infection by consulting a ‘virus definition file’, which helps recognize the viruses; the second checks for any suspicious behavior and checks for viruses at the point of entry itself. These basic approaches are theoretically potent enough to control the menace of viruses, and many anti-virus programs use both approaches. Some anti-virus software also uses heuristic analysis and the sandbox approach. The dictionary approach to detecting viruses does not always suffice, due to the continual creation of new viruses, yet the suspicious-behavior approach does not work well due to the false positive problem; hence, the current understanding of anti-virus software will never conquer computer viruses. The safest practice, therefore, requires frequent updating of virus definitions and appropriate use of the suspicious-behavior approach.
A firewall is a layer of protection in the form of hardware or software that controls access to any system or network. It is a metaphorical ‘wall of fire’ and actually works like a guarded turnstile, allowing only legitimate communication across the system or network. Every system allows legitimate actions within the system, which are akin to zones of trust – whatever passes from there is trustworthy – and the firewall controls traffic between such trust zones. Zones of trust vary: internal networks are always more trustworthy, whereas external and public networks, like the internet, are always suspicious. The objective is always to allow legitimate actions and disallow those not allowed by the security policy.
In this section of the web directory, we provide links to various anti-virus and firewall resources.