Drive by downloads

[Guest]

[cypressotter]

I'm running CAV (2.0.17.58).
I got hit by a nice drive by download. With lots of detective work 4 hours later I finished nixing the half-dozen .exe's that appeared in my system32 dir.
Google has a whitepaper on drive by downloads dated Feb. 2008 claiming a huge volume of "malicious URL's" in their research.
From the whitepaper:
"Unfortunately, we also find that even state-of-the-art anti-virus engines are lacking in
their ability to protect against drive-by downloads. While this is to be expected, it does call for
more elaborate defense mechanisms to curtail this rapidly increasing threat."

Request: "Comodo anti-drive by"

[Ragwing]

Greetings!

As most drive-by downloads uses buffer overflow, Comodo Memory Firewall should be able to stop these.
Comodo Firewall Pro 3 with Defense+ enabled should be able to prevent the download of .exe-files (as it'll warn about the creation). They're the biggest threat, as they're able to execute malicious code.

Cheers,
Ragwing

[cypressotter]

Good news! Thanks for the quick reply! I can see my choice to eschew CFP for XP Firewall after an OS reinstall was not the best decision...

[Melih]

As Ragwing pointed out Comodo Memory Firewall was designed to do that..

between CMF and CFP... you are pretty safe....

Melih

[Tags:]