I'd like to address a few things here since the bi-weekly virus topic
has sprung up again.
>I use In-Defense (http://www.in-defense.com) which doesn't require
>constant virus database signature updates.
I checked their website, and while vague about the actual technology
used, it sounds like they're using an almost purely heuristic
(analytical) approach, something the major virus scanners do as well.
The only problem with heuristic analysis is that it can very easily
throw up false positives on benign files, leading to unintended
disinfection or deletion - which, in either case, will render the file
useless to some degree.
>and
>that protects against so-called 'worms' and 'trojans' and whatnot which
>can infiltrate someone's system and do a lot of damage.
>For good anti-virus software, check out In-Defense.....I'd recommend
>it.
Again, the major virus packages will also detect worms, trojans, macros,
and other types of viruses. My main gripe with this package is that
(AFAIK) it's not tested by the accepted independent testing labs that
routinely compare all antivirus products, so there's no benchmark for
its success or failure rate.
>Also, hackers somehow can somehow infiltrate a PC with their 'back
>orifice' (no jokes please! LOL) software
The correct term in this context would be 'cracker' or 'criminal'. A
hacker is motivated by a desire to learn; a cracker is motivated by a
desire to cause havoc. I'm touchy about this as I'm effectively a paid
hacker, and want no association (as do most in my position) with the
little idiots defacing websites.
>........many times by having it
>masquerade as a game or something which someone would download. I also
>had that on my system and have gotten rid of it with BODetect.
If you required a separate piece of software from your AV package to
detect Back Orifice, I would seriously question the ability of your AV
software to scan and protect effectively. Every major AV scanner *will*
detect Back Orifice, bar none. BO is a very well-known piece of
software, hence its broad detection rate.
I'd also like to clarify some misconceptions people have about BO.
While the name may somehow make it seem sinister, one fact about it that
is very rarely mentioned is that it provides a degree of control that
operators of Unix-based systems have enjoyed for many, many years. It
is a remote administration tool, nothing more. Microsoft themselves
even make their own equivalent to Back Orifice: SMS, or Systems
Management Server. The difference is that while BO is free, SMS costs
roughly $1000.
The paradox is that SMS is not detected by antivirus software, thus
begging the question of what constitutes 'acceptable' software. Both
operate completely invisibly to the user, but both can be used
maliciously if so desired. There is no cut-and-dried blanket
condemnation of Back Orifice that is acceptable: to do so is to be
hypocritical.
BO is a legitimate diagnostic and administrative tool when used
properly. When abused by some pimply-faced fourteen-year-old trying to
prove himself, it causes havoc.
>By using both of these programs, I've ridded my system of problems...and
>I'm sure there could be many on this list that are experiencing frequent
>browser crashes and other odd occurrences. Give it a try, you've got
>nothing to lose.......
You may also want to try a non-Microsoft, non-Apple Operating System.
This is one of the best ways to be protected against the majority of malicious software.
Cheers,
- Cameron.
This archive was generated by hypermail 2b29 : Thu 20 Apr 2000 - 05:17:41 UTC