|
|
Focus on Virus
AV that supoprts spy/adware May 05 2005 04:59PM Dave (wintermutecx gmail com) (8 replies) Re: AV that supoprts spy/adware May 06 2005 05:50PM Luis Diaz Kelsi Siler (luis diaz kelsisiler com) RE: AV that supoprts spy/adware May 05 2005 06:24PM Roger Padilla Jr (ropadill calpoly edu) (1 replies) |
|
Privacy Statement |
Have you read the ICSA Labs test report? I did.
By the way, it is available here:
http://www.icsalabs.com/services/lab_reports/Panda_Public_Evaluation.PDF
The behaviour-blocking components mainly are used to
detect new and unknown malicious code, and they complement
the traditional signature solution. After having read the ICSA Labs
test report, I was rather surprised (and disappointed by this testing group)
that they have used long-known malicious programs to test the TruPrevent's
blocking abilities. ICSA Labs lists the viruses they have used: Sircam,
Nimda, PrettyPark, Klez et cetera. It's all old stuff and classics of
computer virus history. All malicious programs listed in the test
report had been known long before this test took place and some of
them - even before the TruPrevent had been developed.
As a matter of fact, the virus defence components
without signatures also are updated when new threats emerge.
Therefore, it's not clear why a product developed for protection
mainly from new malicious code was tested on the old one.
The only aim of doing this might be to prove that it works at all.
I encourage you to read this
(http://www.pcmag.com/article2/0,1759,1727662,00.asp).
It looks more realistic: TruPrevent detects 2/3 of new malicious
programs. This is closer to my own experience. Interestingly,
the best signature scanners for detecting malicious code almost
provide this rate (Retrospective/ProActive Test, November 2004,
http://www.av-comparatives.org).
Best regards,
Valdis Shkesters
----- Original Message -----
From: "Roger Padilla Jr " <ropadill (at) calpoly (dot) edu [email concealed]>
To: "'Dave'" <wintermutecx (at) gmail (dot) com [email concealed]>; <focus-virus (at) securityfocus (dot) com [email concealed]>
Sent: Thursday, May 05, 2005 9:24 PM
Subject: RE: AV that supoprts spy/adware
> Panda Software has a bundled solution as well. Actually they use a
> technology called TruPrevent that uses a behavioral approach to defend
> against malware in general. Here is a link to a review I just read --
> sounds promising.
>
> http://www.pcmag.com/article2/0,1759,1808169,00.asp
>
> ------------------------------------------------
> Roger Padilla, Jr.
> California Polytechnic State University
> San Luis Obispo, CA
> ITS/PS3
> Network Analyst
> Office: (805) 756-5294
> Email: mailto:ropadill (at) calpoly (dot) edu [email concealed]
> ------------------------------------------------
>
>
> -----Original Message-----
> From: Dave [mailto:wintermutecx (at) gmail (dot) com [email concealed]]
> Sent: Thursday, May 05, 2005 10:00 AM
> To: focus-virus (at) securityfocus (dot) com [email concealed]
> Subject: AV that supoprts spy/adware
>
> Anyone have a list of AV that detects spyware? We are currently using
> eTrust
> with spybot and the MS beta antispyware. I'd like to get something that's
> integrated. Thanks.
>
[ reply ]