Chapter 4: Configuring RealSecure Desktop Protector

Collecting Packet Logs

Introduction

Packet logging records all the packets that enter your system. This can be useful if you need more detailed information than evidence logs contain.

Where are my packet log files?

Desktop Protector packet log files are stored in the installation directory folder. For example, if you install Desktop Protector in the Program Files directory on the C: drive, the packet log files are located in C:\Program Files\ISS\BlackICE. Each file has an *.enc extension.

Note: If you upgraded to RealSecure Desktop Protector 3.5 from a previous version of BlackICE, your packet log files are still stored in C:\Program Files\Network ICE\BlackICE.

Packet log file format

The packet log files are trace files. You must have a trace file decoding application to view the contents of these files. Many networking and security product companies produce such decoders. Some shareware decoders are also available on the Internet. If you are using Windows NT or Windows 2000 Server, you can install the Network Monitoring service, which includes Network Monitor, a decoding application. See the Windows NT or Windows 2000 documentation for more information.

Procedure

To collect packet logs:

1. From the Main Menu, click Tools → Edit BlackICE Settings.

2. Select the Packet Log tab.

3. Select Logging Enabled.

4. In the File prefix box, specify the prefix for the packet log file names.

Desktop Protector automatically places an incremental counter in the filename. For example, if you enter ABC, the file names will be ABC0001.enc, ABC0002.enc, and so on.

5. In the Maximum Size box, specify how large each log file can get.

Note: For best results, keep this value under 2048 kilobytes (2 MB).

6. In the Maximum Number of Files box, specify how many log files to generate.

Note: The default is 10.

Packet log files are generated until the maximum number of files has been used. Once the maximum number of files has been used, Desktop Protector starts replacing the first log file with a new file, and so on.
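Because the log files are reused in a ring, the counter in a file name stops matching capture order once the first file has been replaced. The following is an added example, not part of the manual or the product: it inventories the packet logs oldest-first with sizes and SHA-256 digests so they can be preserved before rotation replaces them. It assumes a four-digit counter (as in ABC0001.enc) and that a file's last-write time reflects when it was filled; the sample files are constructed.

```python
import hashlib, os, re, tempfile
from pathlib import Path

def ring_inventory(log_dir, prefix):
    """List <prefix>NNNN.enc packet logs oldest-first with size and SHA-256."""
    # Assumption: four-digit counter, as in the manual's ABC0001.enc example.
    pattern = re.compile(re.escape(prefix) + r"(\d{4})\.enc", re.IGNORECASE)
    entries = []
    for path in Path(log_dir).iterdir():
        m = pattern.fullmatch(path.name)
        if m and path.is_file():
            st = path.stat()
            entries.append({
                "name": path.name,
                "counter": int(m.group(1)),
                "mtime": st.st_mtime,
                "size": st.st_size,
                "sha256": hashlib.sha256(path.read_bytes()).hexdigest(),
            })
    # After the ring wraps, counter order is no longer time order, so sort
    # by last-write time (assumed to reflect when the file was last filled).
    entries.sort(key=lambda e: (e["mtime"], e["counter"]))
    return entries

def next_replaced(entries, max_files=10):
    """Name of the file the next rotation replaces, or None if ring not full."""
    return entries[0]["name"] if len(entries) >= max_files else None

def demo():
    """Constructed sample: a 3-file ring that has wrapped past ABC0002."""
    with tempfile.TemporaryDirectory() as d:
        # (name, last-write time): 0001 and 0002 were rewritten after 0003.
        sample = [("ABC0001.enc", 4000), ("ABC0002.enc", 5000),
                  ("ABC0003.enc", 3000), ("notes.txt", 9000)]
        for name, mtime in sample:
            p = Path(d, name)
            p.write_bytes(b"constructed placeholder, not a real trace\n")
            os.utime(p, (mtime, mtime))
        inv = ring_inventory(d, "ABC")
        return [e["name"] for e in inv], next_replaced(inv, max_files=3)

if __name__ == "__main__":
    order, victim = demo()
    print("oldest -> newest:", order)
    print("next file to be replaced:", victim)
```

Run it against a copy of the packet log directory with the prefix and Maximum Number of Files value configured on the Packet Log tab.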

Clearing packet logs

To delete packet logs:

1. From the Main Menu, select Tools → Clear Files. The Files to Delete window appears.

2. Select Packet logs.

3. Click OK.

Note: Clearing packet log data does not affect the Desktop Protector intrusion detection and firewall functions.


3.5, Desktop Protector specifications

Internet Security Systems Desktop Protector 3.5 is a robust cybersecurity solution designed to provide comprehensive protection for personal computers and workstations. As cyber threats continue to evolve, this software aims to protect users against malware, phishing, and other malicious attacks with its advanced feature set and technologies.

One of the main features of Desktop Protector 3.5 is its real-time scanning capability. It constantly monitors files and applications on the system for any signs of malicious activity. This proactive approach ensures that harmful software is detected and neutralized before it can execute, providing users with peace of mind as they navigate the internet or access sensitive information.

Another significant feature is the integrated firewall. This firewall effectively controls incoming and outgoing traffic, offering an additional layer of protection by blocking unauthorized access to the user's network. Users can configure the firewall settings to tailor their security level according to their specific needs, ensuring flexibility and adaptability.

Desktop Protector 3.5 also incorporates advanced heuristic analysis technology. Unlike traditional antivirus solutions that rely primarily on known malware signatures, heuristic analysis examines the behavior of files and applications. This allows the software to identify and block new or unknown threats based on their potential behavior, significantly enhancing its detection capabilities.

The software's user-friendly interface makes it accessible to users of all technical backgrounds. With straightforward navigation and intuitive controls, even those who are not tech-savvy can efficiently manage their security settings and monitor their system's health.

Moreover, Desktop Protector 3.5 offers automated updates, ensuring that the security software remains current with the latest threat definitions and security patches. This feature guarantees that users are always safeguarded against emerging threats without requiring manual intervention.

Another noteworthy characteristic is its low system impact; Desktop Protector 3.5 is designed to operate seamlessly in the background. Users can work, play, or browse the internet without experiencing noticeable lag or performance issues, making it an ideal security solution for both personal and professional environments.

With its combination of powerful features, advanced technologies, and user-centric design, Internet Security Systems Desktop Protector 3.5 stands out as a reliable choice for anyone seeking to enhance their cybersecurity posture in an increasingly digital world.