A method for blocking in real time harmful information in a file to be executed, the method comprising the steps of: (a) on a computer network through which a web server and a client system are linked to each other, the web server receiving a connection request from the client system over the computer network; (b) the web server transmitting a harmful information blocking code module to the client system; and (c) once the transmission of the harmful information blocking code module is completed, the harmful information blocking code module automatically running on the client system to block in real time harmful information including computer viruses, wherein the step (c) comprises steps of: (c1) inspecting file input/output (I/O) on the client system by hooking up file I/O routines, (c2) determining whether the file to be executed corresponding to the inspected file input/output in the step (c1) is harmful or not; and (c3) treating a file determined to be harmful in the step (c2) and executing the file, if it can be treated, and aborting the execution of the file determined to be harmful in the step (c2), if it cannot be treated. view more

The method of claim 1, wherein the step (c3) comprises requesting the client system user's approval for the execution of the step (c3).

The method of claim 1, wherein the step (c) further comprises steps of: (c4) inspecting network packet input/output (1/0) on the client system; (c5) determining whether packets inspected in the step (c4) are harmful or not; and (c6) if any packet is determined to be harmful, blocking a communication port assigned for the packet I/O. view more

The method of claim 1, wherein the harmful information blocking code module executed in the step (c) checks whether current processes running on the client system are harmful or not.

A method for blocking in real time harmful information in a file to be executed, the method comprising the steps of: (a) on a computer network through which a first web server, a second web server and a client system are linked to each other, the client system connecting to the second web server over the computer network; (b) the client system connecting to the first web server over the computer network, according to information provided from the second web server to the client system; (c) the first web server transmitting a harmful information blocking code module to the client system; and (d) once the transmission of the harmful information blocking code module is completed, the harmful information blocking code module automatically running on the client system to block in real time harmful information including computer viruses, wherein the step (d) comprises steps of: (d1) inspecting file input/output (I/O) on the client system by hooking up file I/O routines; (d2) determining whether the file to be executed corresponding to the inspected file input/output in the step (d1) is harmful or not; and (d3) treating a file determined to be harmful in the step (d2) and executing the file, if it can be treated, and aborting execution of the file determined to be harmful in the step (d2), if it cannot be treated. view more

A method for blocking in a real time harmful information in a file to be executed in real time, the method comprising steps of: (a) on a computer network through which a first web server and a client system are linked to each other, the first web server receiving a connection request from the client system over the computer network; (b) the connection request is issued by the client system according to information provided from a second web server after the client system is connected to the second web server separated from the first web server; (c) once the first web server transmits a harmful information blocking code module to the client system, the harmful information blocking code module automatically running on the client system to block in real time harmful information including computer viruses, wherein the step (d) comprises steps of: (c1) inspecting file input/output (I/O) on the client system by hooking up file I/O routines; (c2) determining whether the file to be executed corresponding to the inspected file input/output in the step (c1) is harmful or not; and (c3) treating a file determined to be harmful in the step (c2) and executing the file, if it can be treated, and aborting execution of the file determined to be harmful in the step (c2), if it cannot be treated. view more

A system for blocking in real time harmful information in a file to be executed, comprising: a first web server for providing online services through a computer network; and a client computer linked with the first web server via the computer network, wherein when the first web server receives a connection request from the client system, the first web server transmits a harmful information blocking code module to the client computer, and the harmful information blocking code module is automatically executed on the client computer to block in real time harmful information including computer viruses, and wherein the harmful information blocking code module inspect file input/output (I/O) on the client system by hooking up file I/O routines, and determines whether the file to be executed corresponding to the inspected file input/output is harmful or not: and treats a file determined to be harmful and executes the file, if it can be treated, and aborts the execution of the file determined to be harmful, if it cannot be treated. view more

A network security system controlling inbound traffic by using a firewall, the firewall protecting a corresponding network connection of a computer to a network by setting restrictions on information communicated between networks, comprising: a port monitoring unit extracting information about a server port, wherein the server port is designated as a port of a network communication program; an internal permitted program storage storing a list of programs permitted by the firewall, wherein the internal permitted program storage adds a program to the list by extracting information about the program for which communication is to be permitted by the firewall; and a firewall flexible device determining whether the network communication program is registered in the list of programs stored in the internal permitted program storage; wherein the firewall flexible device automatically stores the extracted information about the server port in an internal permitted port storage if the network communication program is registered in the list of programs stored in the internal permitted program storage; and wherein the firewall flexible device further determines whether a port of a packet of inbound traffic matches with the server port and blocks the packet of inbound traffic if the port does not match with the server port. view more

The network security system as set forth in claim 1, wherein the information about the program includes information about at least one of a program name, an entire path of the program, and a program hash value.

The network security system as set forth in claim 1, wherein the information about the server port includes information about at least one of an entire path of the program, a protocol, and a port.

The network security system as set forth in claim 1, wherein the firewall flexible device allows the packet of inbound traffic to bypass the firewall if the port matches with the server port.

The network security system as set forth in claim 1, wherein the firewall flexible device stores the extracted information about the server port if the server port is determined to be opened.

A network security method controlling inbound traffic by using a firewall, the firewall protecting a corresponding network connection of a computer to a network by setting restrictions on information communicated between networks, comprising: storing in an internal permitted program storage a list of programs permitted by the firewall; adding a network communication program to the list of programs by extracting information about the network communication program for which communication is to be permitted by the firewall; extracting information about a server port, wherein the server port is designated as a port of the network communication program; automatically storing, by the firewall, the extracted information about the server port in an internal permitted port storage if the network communication program is registered in the list of programs stored in the internal permitted program storage; determining whether the network communication program is registered in the list of programs stored in the internal permitted program storage; determining whether a port of a packet of inbound traffic matches with the server port; and blocking the packet of inbound traffic if the port does not match with the server port. view more

The network security method as set forth in claim 7, wherein the information about the program includes information about at least one of a program name, an entire path of the program, and a program hash value.

The network security method as set forth in claim 7, wherein the information about the server port includes information about at least one of an entire path of the program, a protocol, and a port.

The network security method as set forth in claim 7, further comprising: allowing the packet of inbound traffic to bypass the firewall if the port matches with the server port.

The network security method as set forth in claim 7, further including: storing the extracted information about the sever port in the internal permitted port storage if the server port is determined to be opened.

A computer recordable device storing a program for performing a network security method which, when executed by one or more processors, causes the one or more processors to control inbound traffic the method comprising: storing in an internal permitted program storage a list of programs permitted by a firewall; adding a network communication program to the list of programs by extracting information about the network communication program for which communication is to be permitted by the firewall; extracting information about a server port, wherein the server port is designated as a port of the network communication program; automatically storing, by the firewall, the extracted information about the server port in an internal permitted port storage if the network communication program is registered in the list of programs stored in the internal permitted program storage; determining whether the network communication program is registered in the list of programs stored in the internal permitted program storage; determining whether a port of a packet of inbound traffic matches with the server port; and blocking the packet of inbound traffic if the port does not match with the server port. view more

The computer recordable device as set forth in claim 13, wherein the method further including: storing the extracted information about the sever port in the internal permitted port storage if the server port is determined to be opened.

The computer recordable device as set forth in claim 13, wherein the method further including: deleting the extracted information about the sever port from the internal permitted port storage if the server port is determined to be closed.

A network security system controlling inbound traffic by using a firewall, the firewall protecting a corresponding network connection of a computer to a network by setting restrictions on information communicated between networks, comprising: a port monitoring unit extracting information about a server port, wherein the server port is designated as a port of a network communication program; an internal permitted program storage storing a list of programs permitted by the firewall, wherein the internal permitted program storage adds a program to the list by extracting information about the program for which communication is to be permitted by the firewall; and a firewall flexible device determining whether the server port is opened or closed and whether the network communication program is registered in the list of programs stored in the internal permitted program storage; wherein the firewall flexible device automatically stores the extracted information about the server port in an internal permitted port storage if the server port is opened and the network communication program is registered in the list of programs stored in the internal permitted program storage; wherein the firewall flexible device determines whether a port of a packet of inbound traffic matches with the server port and blocks the packet of inbound traffic if the port does not match with the server port. view more

The network security system as set forth in claim 16, wherein the information about the program includes information about at least one of a program name, an entire path of the program, and a program hash value.

The network security system as set forth in claim 16, wherein the information about the server port includes information about at least one of an entire path of the program, a protocol, and a port.

The firewall as set forth in claim 16, wherein the firewall flexible device allows the packet of inbound traffic to bypass the firewall if the port matches with the server port.

A network security method controlling inbound traffic by using a firewall, the firewall protecting a corresponding network connection of a computer to a network by setting restrictions on information communicated between networks, comprising: storing in an internal permitted program storage a list of programs permitted by the firewall; adding a network communication program to the list of programs by extracting information about the network communication program for which communication is to be permitted by the firewall; extracting information about a server port, wherein the server port is designated as a port of the network communication program; determining whether the network communication program is registered in the list of programs stored in the internal permitted program storage and whether the server port is opened or closed; automatically storing, by the firewall, the extracted information about the server port in an internal permitted port storage if the network communication program is registered in the list of programs stored in the internal permitted program storage and the server port is opened; determining whether a port of a packet of inbound traffic matches with the server port; and blocking the packet of inbound traffic if the port does not match with the server port. view more

The network security method as set forth in claim 21, wherein the information about the program includes information about at least one of a program name, an entire path of the program, and a program hash value.

The network security method as set forth in claim 21, wherein the information of the server port includes information about at least one of an entire path of the program, a protocol, and a port.

The method as set forth in claim 21, further comprising: allowing the packet of inbound traffic to bypass the firewall if the port matches with the server port.