onearmedscissor
Weaksauce
- Joined: Dec 14, 2003
- Messages: 75
What is the best antivirus and the best firewall software? I don't care what the price is.
Kerio Personal Firewall 2
Bio Hazord said: Why 2 and not 4 just wondering?
Bio Hazord said: Kaspersky or Nod32 and then there is the all mighty search buttons. For a firewall a nice NAT will do.
Why 2 and not 4 just wondering?
Use TDS-3, WormGuard and Spyblocker (an ancient version) and a bunch of other freeware like RegProt, ScriptDefender etc.
tazdevl said: NOD32 (LOL Ice I can't wait to hear you bitch when a non-viral threat makes it by)
The virus writers are constantly trying to one-up each other by evolving their code with each new variant, but they're also trying to one-up the antivirus industry. Take Sundermeier's example of a recent back-and-forth: In the past, you might have found viruses on attachments boasting of nude celebrities, so businesses filtered executable extensions at the gateway. The virus authors then started zipping up their attachments.
In response, security firms had their scanning engines scan archives to block the ZIP files. Only days later, the authors fired back with password-protected ZIP files, which could bypass antivirus screening, as the software couldn't decrypt and take a guess at a password. As a result, Central Command learned to parse an e-mail message for the password and store it in memory so they could decrypt and virus-scan it. A week went by, says Sundermeier, and the authors "stopped including the password as a text file. It was a bitmap file, which completely screwed up our game plan."
Writers speak of multiplatform viruses and viruses that will infect icons, cursors, or media files or damage CD-ROM and DVD-ROM drives. Advances in computing technology will inevitably extend the terrain for viruses; soon viruses could target instant messaging, peer-to-peer networks, voice-mail systems, handheld devices, Microsoft Xboxes and other consoles, and mobile phones (which will lead to cell-phone antivirus software).
BlueOwl believes the cyberbattles among authors will eventually breed worms that fight by trying to remove each other. What's more, he says, "virus authors have been inspired by real biological bacteria and evolution. So there have been thoughts about viruses which use genes when making new variants of themselves, and even female and male viruses that will be able to mate and have offspring resembling themselves." BlueOwl has seen only test runs so far, but he says, "If a mass mailer used it, it could really spread BIG."
If virus writers are trending toward malice and developing new strategies to elude antivirus companies, why haven't we seen the Big One, a rapidly spreading virus that attempts to destroy data? roy g biv, a 25-year-old Austrian writer for the group 29A, says it's not that easy: A virus has to "get lucky" to spread far, or it needs a widespread hole to exploit so it can spread quickly. If it spreads quickly, however, it will be detected quickly. What's more, if the payload runs too soon, the virus will destroy itself, and if it runs too late, the antivirus companies will stop it.
Scanning engines have also become more sophisticated. Five years ago, the scanning process was simple pattern matching. As Panda's Hinojosa puts it, "Advances in virus writing and polymorphic viruses have made pattern matching increasingly obsolete.... Because these things spread so fast, there isn't necessarily time to get our signature file to the users. So heuristics started getting beefed up."
With more intelligent heuristics, scanners could interpret macro instructions and find them in specific parts of a file. They would look for files that were doing something suspicious and work on a point system. For example, if a file were searching for e-mail addresses, that would be one point. If it were trying to start up an SMTP engine, that would be another.
So the challenge now becomes: How do you generically stop something through behavior-based phenomena? Because with something that gets spammed out to 10 million people, you don't necessarily have time to get it analyzed, a signature file deployed, and the users updated in 5 minutes worldwide. This moves us into having to detect malware at the network level before we know what it is. That is the wave of the future.
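The point system described in the quoted article, as an added example that is not part of the original post and not any vendor's scanner. The trace format, the two extra rules, the weights and the threshold are assumptions; the second trace shows why a benign mail client that overlaps two rules must stay under the cut-off.

```python
"""Point-system heuristic over a behaviour trace (constructed sample data)."""
import re

# Rules: (label, points, regex over one trace line). The first two are the
# article's examples; the others, the weights and the threshold are assumed.
RULES = [
    ("searches for e-mail addresses", 1, re.compile(r"^read .*\.(wab|dbx|mbx)$", re.I)),
    ("starts its own SMTP engine", 1, re.compile(r"^connect \S+:25$")),
    ("persists via Run key", 1, re.compile(r"^regset .*\\CurrentVersion\\Run\\", re.I)),
    ("copies itself", 1, re.compile(r"^copy SELF ")),
]
THRESHOLD = 3  # assumed cut-off: a score >= THRESHOLD is flagged


def score(trace):
    """Return (total, matched labels). Each rule scores at most once, so a
    sample reading fifty address books earns no more than one reading one."""
    hits = []
    for label, points, pattern in RULES:
        if any(pattern.search(line) for line in trace):
            hits.append((label, points))
    return sum(p for _, p in hits), [label for label, _ in hits]


def verdict(trace):
    """Return ("flag" | "allow", total, matched labels) for one trace."""
    total, labels = score(trace)
    return ("flag" if total >= THRESHOLD else "allow", total, labels)


# Constructed traces in a made-up "verb argument" format (not real tool output).
MASS_MAILER = [
    r"copy SELF C:\WINDOWS\system32\svch0st.exe",
    r"regset HKLM\Software\Microsoft\Windows\CurrentVersion\Run\svc",
    r"read C:\Documents and Settings\a\Application Data\book.wab",
    r"connect mx1.example.net:25",
    r"connect mx2.example.net:25",
]
MAIL_CLIENT = [  # benign program whose behaviour overlaps two rules
    r"read C:\Documents and Settings\a\Application Data\book.wab",
    r"connect smtp.example.net:25",
]

if __name__ == "__main__":
    for name, trace in (("mass_mailer", MASS_MAILER), ("mail_client", MAIL_CLIENT)):
        print(name, verdict(trace))
```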