A Door, A Burglar Alarm and Insurance - All you need for Computer Security!

Layered Security in layman’s terms. Please feel free to comment.

thanks
Melih

An antivirus solution does actually act as a prevention utility because when it “knows” a threat it will prevent it from executing.

But a traditional antivirus solution can only act as a prevention solution when a threat has occurred to somebody and then the programmers make detection signatures and distribute them to their customers. For the persons who have been hit for the first time by an unknown threat, the traditional antivirus did not act as a prevention solution, but will act as a cure when the signature has been released to them. For the others it will act as a prevention solution because the signatures have been written after the damage has been done.

So a traditional av solution works in two ways as a detection and as a prevention when it knows a threat.

I do agree that a full featured HIPS is the only piece of software that can be called a prevention solution, but can not cure u when u have been infected.

So indeed Melih: Prevention, detection and cure are the ways to keep you safe!

I must respectfully disagree that AV can prevent in a manner described by you.

The reason why it can stop a malware is because it “detects” it in the first place. And it can only prevent the ones it can “detect”.

I thank you for your time triple x :slight_smile:

Melih

There are many security products out there and if we account for detection, prevention and cure each one implements them to various degrees.

AV comes in many flavors and are bundled in suites too.
There are plain AVs with no real-time scanning functionalities too.
There are AVs that cannot remove all kind of threats too.

I guess that we can all agree that the common denominator of AVs is detection.

HIPS on the other hand focus on prevention.

In my own experience I ran my system with only CFP for two months and I got no badware though this outcome was a result of my habits, security practices and I guess proper CFP usage.

During those two months I usually relied on CFP whitelist, Trusted Vendors and submit to comodo for analysis responses (I guess we can agree this is a sort of detection).
This way I was able to run trusted software without issues (meaning software I trusted or trusted by Comodo).

When I found software I did not know or Comodo did not analyze yet I relied on HIPS alerts in order to check installed software behaviours.
Still there were some cases an AV would have come in handy when I had to decide if some software was able to run/install kernel drivers.
If I didn’t know much about that software I simply denied those requests and uninstalled that software.

I installed an AV again though because even if CFP features provided me a good security, AV detection could make my life easier.

Anyway I think that possible CFP3 future evolution and enhancements could compensate my need for AV detection.

So we all can agree that software that relies on detection can not be called a prevention solution because it lacks a good behaviour analysis.

We all can agree that the current CFP version needs the partners: “detection” and “cure” when prevention did not do its task, and the evolving CFP could make these partners in the future unnecessary.

Very much so…

The “Detection” element to supplement CFP will be many fold, from the firewall alerting to files making a call, to the heuristic built in already into CFP v3 and all the way to CAV3 when fully integrated…

And the Cure will be

1) Backup (That exists today)
2) Comodo DiskShield (possible in certain scenarios) (only in beta today)
3) Comodo Sandbox (soon :slight_smile: )
4) Comodo Security Experts manually fixing things for you! (that exists today btw)

So we have a very strong Prevention and a very strong Cure offering already today! With CAV3 the detection will also be strengthened further…

Melih

Your home computer is a popular target for intruders. Why? Because intruders want what you’ve stored there. They look for credit card numbers, bank account information, and anything else they can find. By stealing that information, intruders can use your money to buy themselves goods and services.

Before diving into the tasks you need to do to secure your home computer, let’s first think about the problem by relating it to something you already know how to do. In this way, you can apply your experience to this new area. (:NRD)

Hi Melih :slight_smile:

Interesting you put them in that order, I would have done the same : From the best option to the … No I don’t want to be negative about your or other Security Experts on other forums who try to help people with Malware infections, but in my opinion you can never be sure that a seriously compromised system will be 100% clean again. So should you offer that as a cure ?

Greetz, Red.

re-formatting is always an option :slight_smile:

Melih

Of course, Lol :slight_smile:

But do your clients want to hear that 88)

Greetz, Red.

Sometimes, when a system is truly hosed…no one can guarantee that they can clean all there is in that PC, cos they don’t know all the malware, as no one knows 100% of the malware out there. So sometimes the best thing is to re-format. Painful as it may be, but we care about security and if a bitter pill is what we have to take, then we have to advise accordingly. False sense of security will never help anyone.

Melih

And besides cleaning your computer, reformatting lets you start fresh, without the software you don’t need.

But what if you got a virus that acts like Diskshield, and when you reboot after a reformat it is all back again? ???

[quote author=jeremysbost link=topic=22635.msg204316#msg204316 date=1223426678]
But what if you got a virus that acts like Diskshield, and when you reboot after a reformat it is all back again? ???
[/quote]
That would be some powerful malware/virus code right there!! :o

Josh

I know I don’t. I have specialized software. Before Comodo, I took bad hits. The last one was it. I knew it would be at least a couple of weeks to put Humpty back.

So disgusted, I said I would never do this again. I was taken to le cleaners too many times on backup software, I could mention three that did not work when I went to restore, but I wouldn’t do that here.

I went searching and found a backup software so good, they literally have no other place to go. I won’t mention that name either, but it has been 100% effective. I clone a disc, and if something happens I can trade drives in minutes.

It gets everything transferred. They have come up with something new but it’s not better.

Can’t wait for your backup product.

Thank you.

You do need to worry about it, but you don’t need to use anti-virus or anti-spyware programs. I actually don’t use any security programs at all. I have never had a virus on my computer, nor have I ever run an anti-virus program. They always take away from the speed of the computer.

I follow a few guidelines to stay safe on the internet, but that’s just as good as any security suite. Basically, just don’t ever go to a site that you are unsure of, never use any peer-to-peer programs (i.e. Limewire), never go to adult sites of any kind, and only download attachments that you are expecting (if someone sends you an attachment in an e-mail that you weren’t expecting, call them up and ask about it). There are several other precautions to take, but these are the main ones.


Link was removed as it linked to an ad for Security cameras

I disagree with you there tokmik

From
http://voices.washingtonpost.com/securityfix/2008/07/75_percent_of_malicious_web_si_1.html
By Brian Krebs | July 29, 2008; 12:41 PM ET

Three-quarters of all Web sites that try to foist malicious software on visitors are legitimate sites that have been hacked, a report released today found. Even worse, most of these compromised sites are social networking communities and some of the Internet's most popular destinations.

Those numbers come from stats (PDF) collected in the first six months of this year by Websense, an online security company that scans more than 40 million Web sites hourly for signs that they may have been compromised by hackers.

I can find a lot of other data to support this.

The fact is most malware comes from poorly patched web servers this includes both Linux (Apache) and Windows servers and the sites are mostly legit and the owners are completely unaware they are infected.

I can find data to support this as well.

X

PS; Do you use at least a hardware firewall? What browser do you use? What OS do you use? Do you block all scripting in your browser this is necessary no matter what OS or browser you use. Nothing personal, but I would be a little hesitant to receive anything from you. How do you know you have never had a virus?

I would agree you can run without security software but there are other things that you must do to protect yourself and one slip and you can be infected