Author Topic: The Good, The Bad and The UGLY (ugly because its unknown!!)  (Read 32521 times)

Offline lordraiden

  • Computer Security Testing Group
  • Comodo's Hero
  • *****
  • Posts: 921
Re: The Good, The Bad and The UGLY (ugly because its unknown!!)
« Reply #45 on: June 01, 2010, 09:15:16 AM »
1)Again, pls show me a malware that bypasses CIS... not theoretical PoC :)
2)we do give $500 warranty if CIS fails to protect the end user

Any more points you care to raise ;)

Melih

Have you ever test CIS against malware? I dont thing so xD
If you are going to pay 500$ for each piece of malware able to bypass CIS you are insane.
But if you are sure please make a official anouncement in the website and in your blog, and start to prepare some millons of dolars.
« Last Edit: June 01, 2010, 09:17:13 AM by lordraiden »

Offline Kyle

  • Computer Security Testing Group
  • Comodo's Hero
  • *****
  • Posts: 3679
Re: The Good, The Bad and The UGLY (ugly because its unknown!!)
« Reply #46 on: June 01, 2010, 09:21:59 AM »
Yeh, I want to know the T&C, that 500$ could buy me a new I7 that i've been wanting :)
Don't worry, be happy ????

*No longer active*

Offline panic

  • Global Moderator
  • Comodo's Hero
  • *****
  • Posts: 11823
  • Linux is free only if your time is worthless.;-)
Re: The Good, The Bad and The UGLY (ugly because its unknown!!)
« Reply #47 on: June 01, 2010, 10:45:31 AM »
Melih, Are you saying if I write malware to exploit the vulnerability you'll give me $500 USD?

AFAIK, the guarantee is only available to purchasers of CIS Complete (the retail product) in the USA. If you move to the USA and buy CIS Complete, the $500 (maximum) guarantee is paid to an authorised service centre that will remove the infection.

Your i7 might have to wait. ;)
As your mums would say, "If you can't play nice with all the other kiddies, go home".
All users are asked to please read and abide by the  Comodo Forum Policy.
If you can't conform, don't use the forum.

Offline Ovidiu G.

  • Malware Research Group
  • Comodo's Hero
  • *****
  • Posts: 260
  • The only real valuable thing is intuition-Einstein
    • Comodo Reviews in limba română
Re: The Good, The Bad and The UGLY (ugly because its unknown!!)
« Reply #48 on: June 01, 2010, 11:35:53 AM »
Have you ever test CIS against malware? I dont thing so xD
If you are going to pay 500$ for each piece of malware able to bypass CIS you are insane.
But if you are sure please make a official anouncement in the website and in your blog, and start to prepare some millons of dolars.

I honestly do not understand: is there a problem or someone wants to be a problem?  :)
I do not know on what basis are some statements on this forum, but what I will say beyond
is behind on my experience with CIS 4.0.

I have tested CIS 4.0 (Sandbox enabled  :) )with several hundred NEW malwares (many were
not in any AV database and at least 140 were reported to Comodo for analysis) and NONE has
infected my computer. When I say the system was not affected, I have not relied on the fact
that I scanned the system with an AV vendor (I just said that many were not in ANY AV
database :) ) but because I checked running processes, services, etc.. etc.. and found NOTHING!
If I had found a new malware that would have jumped out of the sandox and my system was
affected, I would have been the first that I have reported this problem here on the forum
to be analyzed. But SO FAR I have not found!

I think it is very important for those who read these things, to understand if indeed there
were problems and what are these problems with examples!
A new user should understand what can offer a product like Comodo (protection against
completely new malware - I can say that after I tested with several hundred new malwares)
and what the issues are (and there must be substantiated with specific examples).

Ovidiu

Offline pc_pete

  • Comodo's Hero
  • *****
  • Posts: 363
  • No idea where this came from!
Re: The Good, The Bad and The UGLY (ugly because its unknown!!)
« Reply #49 on: June 01, 2010, 11:59:37 AM »
1. This thread is great entertainment.
2. I'm a COMODO user and I agree with lordraiden.
3. "Legacy" AV as described here is what, 1990s VET?
None of the serious AV companies are making that kind of thing anymore. (Not even CA ;D
4. "Default Deny" with CIS4 is more like "Default Don't Work". I have to turn off so much of CIS just so be able to live with it that I'm probably less protected than if I was using the dreaded, "legacy" AV.

Offline burebista

  • Comodo's Hero
  • *****
  • Posts: 669
Re: The Good, The Bad and The UGLY (ugly because its unknown!!)
« Reply #50 on: June 01, 2010, 12:07:47 PM »
I have to turn off so much of CIS just so be able to live with it that I'm probably less protected than if I was using the dreaded, "legacy" AV.
It's your call, I'm running CIS full (without AV) enabled at home on Seven x64 and at work whole suite enabled on XP x32 SP3 and I live in peace with CIS both at home and at work.

Ovidiu point on the right G. spot. :D
« Last Edit: June 01, 2010, 12:09:30 PM by burebista »
If it ain't broke... fix it until it is.

Offline Maxxwire

  • Comodo's Hero
  • *****
  • Posts: 642
Re: The Good, The Bad and The UGLY (ugly because its unknown!!)
« Reply #51 on: June 01, 2010, 03:46:10 PM »
I'm running CIS full (without AV) enabled and I live in peace with CIS both at home and at work.

Same here with no Malware detected in over a year...not even so much as a tracking cookie using 3 different highly comprehensive on demand scanners and I spend at least 8 hours a day surfing the murky Malware laden waters of the internet!

~Maxx~

Offline Kyle

  • Computer Security Testing Group
  • Comodo's Hero
  • *****
  • Posts: 3679
Re: The Good, The Bad and The UGLY (ugly because its unknown!!)
« Reply #52 on: June 01, 2010, 10:12:11 PM »
Code: [Select]
import os #This module is used for deleting after the file has been created\written and read.

#---------------------------------------------------------------------#
text = "Some random text to write in the test file" #txt that will be written
#---------------------------------------------------------------------#
txtfile = open("\\txtfile.txt", "w") #Creates a new file for writting
txtfile.write(text) #write the txt
#---------------------------------------------------------------------#
txtfile=open('\\txtfile.txt','r') #open the file for reading
print txtfile.readlines()#read lines and output on screen.
txtfile.close() #close the file
#---------------------------------------------------------------------#
os.remove('\\txtfile.txt') #This deletes the file
#----------------------------------End--------------------------------#
# and ---- are just comments or separators to make it a bit easier to read for you guys.
In English...
File creation,File Writing, File Reading and lastly File Deletion.
No alerts from CIS at all.
« Last Edit: June 01, 2010, 10:38:08 PM by Kyle »
Don't worry, be happy ????

*No longer active*

Offline Endymion

  • Comodo's Hero
  • *****
  • Posts: 1360
  • Reality is subordinate to perception.
    • Faces -The Madman (Kahlil Gibran, 1918)
Re: The Good, The Bad and The UGLY (ugly because its unknown!!)
« Reply #53 on: June 01, 2010, 10:38:00 PM »
Code: (omygosh.py) [Select]
import os

text = "X5O!P%[at]AP[4\PZX54(P^)7CC)7}$EICAR-STANDARD-ANTIVIRUS-TEST-FILE!$H+H*"
txtfile = open("\\omygosh.com", "w")
txtfile.write(text)
txtfile=open('\\omygosh.com','r')
print txtfile.readlines()
txtfile.close()
os.remove('\\omygosh.com')
« Last Edit: June 01, 2010, 10:40:29 PM by Endymion »
I have learnt silence from the talkative, toleration from the intolerant, and kindness from the unkind; yet strange, I am ungrateful to these teachers.
Kahlil Gibran (1883 - 1931)

Offline Kyle

  • Computer Security Testing Group
  • Comodo's Hero
  • *****
  • Posts: 3679
Re: The Good, The Bad and The UGLY (ugly because its unknown!!)
« Reply #54 on: June 01, 2010, 10:41:13 PM »
What is the point your trying to prove Endymion ?
Don't worry, be happy ????

*No longer active*

Offline Endymion

  • Comodo's Hero
  • *****
  • Posts: 1360
  • Reality is subordinate to perception.
    • Faces -The Madman (Kahlil Gibran, 1918)
Re: The Good, The Bad and The UGLY (ugly because its unknown!!)
« Reply #55 on: June 01, 2010, 10:46:10 PM »
What is the point your trying to prove Endymion ?

Yes I didn't add the comments.
Neither in the code nor after it.

Didn't think that was enough to get you confused 88)
I have learnt silence from the talkative, toleration from the intolerant, and kindness from the unkind; yet strange, I am ungrateful to these teachers.
Kahlil Gibran (1883 - 1931)

Offline Kyle

  • Computer Security Testing Group
  • Comodo's Hero
  • *****
  • Posts: 3679
Re: The Good, The Bad and The UGLY (ugly because its unknown!!)
« Reply #56 on: June 01, 2010, 10:47:26 PM »
Flame bait.. I see.
Better delete your posts before a mod see's it :)
« Last Edit: June 01, 2010, 10:50:15 PM by Kyle »
Don't worry, be happy ????

*No longer active*

Offline Endymion

  • Comodo's Hero
  • *****
  • Posts: 1360
  • Reality is subordinate to perception.
    • Faces -The Madman (Kahlil Gibran, 1918)
Re: The Good, The Bad and The UGLY (ugly because its unknown!!)
« Reply #57 on: June 01, 2010, 10:50:47 PM »
Flame bait.. I see

Yes might looks so (to you) but please feel free to explain the difference between your version and mine.

Afterall you are the programmer.  88)

I have learnt silence from the talkative, toleration from the intolerant, and kindness from the unkind; yet strange, I am ungrateful to these teachers.
Kahlil Gibran (1883 - 1931)

Offline Kyle

  • Computer Security Testing Group
  • Comodo's Hero
  • *****
  • Posts: 3679
Re: The Good, The Bad and The UGLY (ugly because its unknown!!)
« Reply #58 on: June 01, 2010, 10:54:04 PM »
My point? it's explained in the first post i made.
Quote
File creation,File Writing, File Reading and lastly File Deletion.
The difference? There is no difference between the FileCreation\Reading\writting etc etc.  Defense+ still doesn't alert.

Only difference with yours and mine is that your showing a recognized string from eicar, It by passes defense+ and is picked up by the AV. Not D+. Relying on pure detection only from the AV.
Don't worry, be happy ????

*No longer active*

Offline Endymion

  • Comodo's Hero
  • *****
  • Posts: 1360
  • Reality is subordinate to perception.
    • Faces -The Madman (Kahlil Gibran, 1918)
Re: The Good, The Bad and The UGLY (ugly because its unknown!!)
« Reply #59 on: June 01, 2010, 10:55:30 PM »
Only difference with yours and mine is that your showing a recognized string from eicar, It by passes defense+ and is picked up by the AV. Not D+. Relying on pure detection only from the AV.

Kyle are you sure?

I have learnt silence from the talkative, toleration from the intolerant, and kindness from the unkind; yet strange, I am ungrateful to these teachers.
Kahlil Gibran (1883 - 1931)

 

Free Endpoint Protection
Seo4Smf 2.0 © SmfMod.Com Smf Destek