A Door, A Burglar Alarm and Insurance - All you need for Computer Security!

[Guest]

[Melih]

Layered Security in laymans terms. Please feel free to comment.

thanks
Melih

[Fake vegeta]

An antivirus solution does actually act as a prevention utility because when it "knows" a threath it will prevent it from executing.

But a tradittional antivirus solution can only act as a prevention solution when a threath has occured to somebody and then the programmers make detection signatures and distribute them to their costumors. For the persons who have been hit for the first time by an unknown threath, the tradittional antivirus did not act as a prevention solution, but will act as a cure when the signature has been released to them. For the others it will act as a prevention solution because the signatures have been written after the damage has been done.

So a tradittional av solution works in two ways as a detection and as a prevention when it knows a threath.

I do agree that a full featured HIPS is the only piece of software that can be called a prevention solution, but  can not cure u when u have been infected.

So indeed Melih: Prevention, detection and cure are the ways to keep you safe!

[Melih]

I must respectfully disagree that AV can prevent in a manner described by you.

The reason why it can stop a malware is because it "detects" it in the first place. And it can only prevent the ones it can "detect".

i thank you for your time triple x

Melih

[gibran]

There are many security products out there and if we account for detection, prevention and cure each one implement them at various degree.

AV comes in many flavors and are bundled in suites too.
There are plain AVs with no real-time scanning functionalities too.
There are AVs that cannot remove all kind of threats too.

I guess that we can all agree a the common denominator of AVs is detection.

HIPS on the other hand focus on prevention.

In my own experience I ran my system with only CFP for two months and I got no badware though this outcome was a result of my habits, security practices and I guess proper CFP usage.

During those two months I usually relied on CFP whitelist, Trusted Vendors and submit to comodo for analysis responses (I guess we can agree this is a sort of detection).
This way I was able to run trusted software without issues (meaning software I trusted or trusted by Comodo).

When I found software I did not know or Comodo did not analyze yet I relied on HIPS alerts in order to check installed software behaviours.
Still there were some cases an AV would have come in handy when I had to decide if some software was able to run/install kernel drivers.
If i didn't know much about that software I simply denied those requests and uninstalled that software.

I installed an AV again though because even if CFP features provided me a good security, AV detection could make my life easier.

Anyway I think that possible CFP3 future evolution and enhancements could compensate my need for AV detection.

[Fake vegeta]

So we all can agree that software that relies on detection can not be called a prevention solution because it lacks a good behaviour analyses.

We all can agree that the current cfp version needs the partners: "detection" and "cure" when prevention did not did it task, and the evolving cfp could make these partners in the future unnecessary.

[Melih]

Very much so...

The "Detection" element to supplement CFP will be many fold, from the firewall alerting to files making a call, to the heuristic built in already into CFP v3 and all the way to CAV3 when fully integrated..

And the Cure will be

1)Backup (That exists today)
2)Comodo DiskShield (possible in certain scenerios) (only in beta today)
3)Comodo Sandbox (soon )
4)Comodo Security Experts manually fixing things for you! (that exists today btw)

So we have a very strong Prevention and very a strong Cure offering already today! With CAV3 the detection will also be strengthened further...

Melih

[sweetlife2005]

Your home computer is a popular target for intruders. Why? Because intruders want what you’ve stored there. They look for credit card numbers, bank account information, and anything else they can find. By stealing that information, intruders can use your money to buy themselves goods and services.

Before diving into the tasks you need to do to secure your home computer, let’s first think about the problem by relating it to something you already know how to do. In this way, you can apply your experience to this new area. 

[Rednose]

And the Cure will be

1)Backup (That exists today)
2)Comodo DiskShield (possible in certain scenerios) (only in beta today)
3)Comodo Sandbox (soon )
4)Comodo Security Experts manually fixing things for you! (that exists today btw)

So we have a very strong Prevention and very a strong Cure offering already today! With CAV3 the detection will also be strengthened further...

Hi Melih

Interesting you put them in that order, I would have done the same : From the best option to the ... No I don't want to be negative about your or other Security Experts on other forums who try to help people with Malware infections, but in my opinion you can never be sure that a seriously compromised system will be 100% clean again. So should you offer that as a cure ?

Greetz, Red.

[Melih]

re-formatting is always an option

Melih

[Rednose]

Ofcource, Lol

But do your clients want to hear that

Greetz, Red.

[Melih]

Ofcource, Lol

But do your clients want to hear that

Greetz, Red.

Sometimes, when a system is truly hosed..noone can guarantee that they can clean all there is in that PC, cos they don't know all the malware, as noone knows 100% of the malware out there. So sometimes the best thing is to re-format. Painful as it maybe, but we care about security and if a bitter pill is what we have to take, then we have advise accordingly. False sense of security will never help anyone.

Melih

[jeremysbost]

Sometimes, when a system is truly hosed..noone can guarantee that they can clean all there is in that PC, cos they don't know all the malware, as noone knows 100% of the malware out there. So sometimes the best thing is to re-format. Painful as it maybe, but we care about security and if a bitter pill is what we have to take, then we have advise accordingly. False sense of security will never help anyone.

Melih

And besides cleaning your computer, reformatting lets you start fresh, without the software you don't need.

But what if you got a virus that acts like Diskshield, and when you reboot after a reformat it is all back again? 

[3xist]

[quote author=jeremysbost link=topic=22635.msg204316#msg204316 date=1223426678
But what if you got a virus that acts like Diskshield, and when you reboot after a reformat it is all back again? 
[/quote]

That would be some powerful malware/virus code right there!! 

Josh

[Tags:]