Knowledge base
P2P is an efficient method of transferring data over the Internet. The best-known example of a P2P network is torrent.
A firewall is a type of system used to monitor connections between computer networks. As one of the first responses to malicious activity carried out over the Internet, firewalls have become a standard part of corporate, government, and private networks.
A proxy server is a system that routes traffic between networks or protocols. The proxy server has its own IP address, so it acts as an intermediary between your computer and the Internet.
Domain Name System blacklists, also known as DNSBL or DNS blacklists, are spam blocking lists that allow the website administrator to block messages from certain systems.
To establish a reliable connection, TCP uses a process called the “three-way handshake”. The established connection will be full-duplex, that is, both channels can transmit information simultaneously, and they also synchronize (SYN) and acknowledge (ACK) with each other.
To effectively protect information, it is necessary to understand what is happening with traffic within the network. However, this is not the easiest task, as it is further complicated by the widespread use of the Transport Layer Security (TLS) protocol, which interferes with traditional methods of monitoring network security. But then TLS fingerprinting comes to the rescue - a method that will help you understand the traffic without depriving you of any advantages of the TLS protocol. For each client, the “fingerprint " remains static from session to session.
Malicious actions impacting web resources on the Internet. Attacks of this kind are usually classified into mass and targeted types. Attacks of the first type target a site as a whole and are usually automated. In mass attacks, attackers use their knowledge of popular tools and widespread vulnerabilities. Targeted attacks, on the other hand, are usually carried out by manually searching for vulnerabilities and exploiting them. The damage inflicted by an attack of this type can be fatal.
DoS attacks involving the use of UDP packets – large amounts of such packets with the source IP set to a victim server address are sent to ports of an amplification network. As a result, the victim server is forced to focus on processing the vast counts of spoofed packets.
When the term is used in relation to popular protocols, it means a DDoS attack that exploits vulnerabilities previously unknown to security experts. If used when talking about popular software products, the term refers to security bugs of which their developers were previously unaware. Often, a DDoS-attack can be referred to as zero-day if it is implemented using brand new methods that were never used before.
Traffic secured by encryption using the SSL protocol. The reliability of protection depends upon the encryption algorithm used for session key agreement.
A character-string based identifier (name) of an Internet domain. Domain names are intended to ease the designation of individual nodes and resources deployed on top of them from human readability viewpoint.
The data transfer rate of a communication link. Bandwidth determines the amount of data that can be sent across a link per a unit of time (usually, per second).
