Drive by downloads

cypressotter

Newbie

Offline

Posts: 4

« on: March 18, 2008, 10:28:24 AM »

I'm running CAV (2.0.17.58).
I got hit by a nice drive by download. With lots of detective work 4 hours later I finished nixing the half-dozen .exe's that appeared in my system32 dir.
Google has a whitepaper on drive by downloads dated Feb. 2008 claiming a huge volume of "malicious URL's" in their research.
From the whitepaper:
"Unfortunately, we also find that even state-of-the-art anti-virus engines are lacking in
their ability to protect against drive-by downloads. While this is to be expected, it does call for
more elaborate defense mechanisms to curtail this rapidly increasing threat."

Request: "Comodo anti-drive by"


	Logged

Ragwing

Global Moderator
Comodo's Hero

Offline

Posts: 3199

Re: Drive by downloads

« Reply #1 on: March 18, 2008, 11:32:07 AM »

Greetings!

As most drive-by downloads uses buffer overflow, Comodo Memory Firewall should be able to stop these.
Comodo Firewall Pro 3 with Defense+ enabled should be able to prevent the download of .exe-files (as it'll warn about the creation). They're the biggest threat, as they're able to execute malicious code.

Cheers,
Ragwing


	Logged

Forum Policy
FAQ's

If you should need help or have a question, feel free to PM me.

cypressotter

Newbie

Offline

Posts: 4

Re: Drive by downloads

« Reply #2 on: March 18, 2008, 12:30:28 PM »

Good news! Thanks for the quick reply! I can see my choice to eschew CFP for XP Firewall after an OS reinstall was not the best decision...


	Logged

Melih

Comodo's Hero
Administrator
Comodo's Hero

Offline

Posts: 5938

Re: Drive by downloads

« Reply #3 on: March 18, 2008, 05:34:08 PM »

As Ragwing pointed out Comodo Memory Firewall was designed to do that..

between CMF and CFP... you are pretty safe....

Melih


	Logged

Who is Melih? What is he trying to do?

Tags:

Pages: [1]

« previous next »

Jump to:

SSL

Firewall

Page created in 0.076 seconds with 19 queries.

Design by 7dana.com