Post by Kr0max07 on Jan 23, 2009 13:52:43 GMT 8
I've been a trainee of Malware Removal University, but was kicked out for being inactive ;D. While I was doing one of my first modules, I posted a question regarding how antivirus programs differ. Luckily, peeps in MWRU were very nice and patient in providing me this information. This is a thread response from that thread (malwareremoval.com). I have asked permission from them to repost this response here in our message board since I think it would help us in dealing with our PCs and laptops, etc. Thanks to silver for processing my request.
This is quite long to read but I do hope you'll be able to understand the idea of malware infection in connection to your antivirus.
This is a speech by Gary R of MWRU:
In terms of comparing programme with programme, that's pretty much a waste of time. With AVs it's impossible to compare as there's no clear-cut definitive comparison test that can be used. Some work better on one infection, others work better on others. Some update their definitions faster, but there are definitions as well developed as those produced by a company that takes a little more time. If one's better overall now, will it be better if tested a month later (or in some cases even a day later)?
Pretty much any of the major AV companies produce an adequate product, as far as they go. What you've got to accept is that they all play "catch up". They respond to new infections as and when they become aware of them, which means there's a window of opportunity for an infection to get through before the definitions are updated to take care of it.
IMO (In my opinion) Firewalls are all pretty much of a muchness. Sure, one has a few new add-ons that another doesn't, but there really aren't too many substantive differences between any of the major manufacturers.
The real problem is not whether you've got this AV, or that Firewall, it's a basic misunderstanding of the purpose that they serve. People think if they've got a Firewall and an Anti-Virus/Anti-Malware then they're 100% safe, and that just isn't so.
Your computer has 64,000 ports, all of which give access to your computer, and if they were left unprotected when online, it would make the contraction of an infection pretty much a foregone conclusion.
A Firewall blocks these ports, and gives Internet access to just a few (those to whom you've written rules). This does not mean it will repel all boarders. You have to have some ports open, to allow access for your browser, and your e-mail programmes (and any other programmes you've given Internet access to (usually for updating purposes)). Because of this it's possible for you to be infected through these ports.
Your Firewall is set to block unsolicited incoming communications on the permitted ports, but if you've been conned into instigating the communication, then the bad guys will have free access onto your computer.
At this point your Anti-Virus and Anti-Malware programmes are there to protect you. The real time scanners on your AV and AM programmes monitor the "open" ports looking for anything nasty trying to get on board, and if it is something they have a definition for, then they will flash a warning, or attempt to neutralise the threat, dependent on what it is, and how they're set up.
You'll notice I said "if". As I said earlier, new infections proliferate faster than the AV companies can keep up, so there's always a window of opportunity for a new infection (or a new variation of an old one).
The real security system on your computer is the squidgy grey matter keeping your ears apart. If you don't invite the bad guys onto your computer, then generally your Firewall will do its job, and your AV and AM programmes won't have to work as hard.
Simple rule of thumb is, watch what you click on.
Here's a few tips that if followed would reduce most people's chances of contracting an infection greatly:-
Don't download stuff from sources you don't know.
Don't click on e-mail attachments (even from people you know) without checking that they were actually sent from that person.
Don't click on links in e-mails, especially in unsolicited e-mails.
Simple, aren't they? But it's amazing how many simple minded idiots don't follow them (particularly the first one) and get a little bit more than they thought they were going to get.
These are lessons I learned:
It is inappropriate to ask the question, what is the best antivirus that I must install?
Virus/malware makers release their malware before a company could make a definition for it. They all try to fix these infections, don't worry.
We are all vulnerable even if we have the latest virus definition update. So it is not appropriate to say: "I have my antivirus up to date and keep it running in the background so it is impossible for me to be infected."
The USB ports are not the only way malware gets in.
Attacks come from unsolicited incoming communication. Meaning they are gate-crashers.
Malware is made before someone can take any step against it.
If interested, you can visit their site to study (for free) and/or ask for help regarding malware (i.e. virus) removal. malwareremoval.com
If you think this helped, please click on the reply button and say something. ;D
Thanks!