Please go ahead and try this and post your feedback here. This is launched just for the Comodo Forums… But obviously it’s shown to every guest who comes here but you know it’s not officially launched, Melih wanted it launched for a Wider Audience for more testing to improve this, It’s an online service as you can see… So it won’t be put in CIS.
Please Remember… Some sites “attack” user’s browsers… it is those active attacks that Site Inspector checks. This is NOT a AV checking for hosted content. This is an “Attack Detection” tool.
hi,great job,i believe in you people.well, i’m always ready to help comodo when i can.here is one outcome from my use of siteinspector . an issue that should be addressed is that the tool shows websites as “clean” when they are not accessible(offline).for example,i’ve tested it with the domain " live-antivirus-scan.com " which is attributed to be malicious by a filter subscription of adblock plus in firefox. well, see the screenshots to view the report of comodo siteinspector.
ps: in one genuine case, siteinspector kept looping on the site with many iterations and remained in"work in progress" .hope this helps
Was it a Attack Site or just a site that hosts malware? Comodo SiteInspector does not check for hosted content, It checks for Active Sites that attack browsers.
I don’t see a point of making it a software… it’s an “in the cloud service” Maybe comodo would make it something like a proxy sever? who knows… just a guess.
Josh since it’s early days maybe it’s good thing to mention that currently it’s still in testing…
BTW, Melih. Defense+ for sure takes care of preventing these sort of attacks, Are the benifits of this new service worth it?
it detects “active attack” from a site. (pls do not confuse this with other services that scans the site content to see if the site has malware or not). Active attack means this site is actively trying to attack your computer in an attempt to inject malicious files into it.
it could take upto 30 sec or even more to test a site, as they could put a timebomb. Its diffiicult to integrate this online service so very easily into a realtime environment like CIS, but we have some ideas
This is just a toy to play with… And you guys are just lucky to actually play with it, and in the future, whether it would be 3 months, 6 months or a year… you guys will be the benefices of this new toy “Site Inspector” As Melih said, It’s an online service… It will be difficult to integrate into CIS. However, As Melih said their are ideas floating around.
If we look at a Scenario with CIMA (Comodo Instant Malware Analysis) which is also an online service, Melih said THAT would be hard to integrate into CIS Back in September 2008, Now here we are at the end of January, And we are looking at a CIMA like hurisitics in maybe in March (If Comodo can push it) into CIS. So anything is possbile, nothing is possible… And yes as long as CIS is on a machine your completely protected from Sites that host malware, etc… SiteInspector looks for things that actually are active sites that ATTACK Browsers, There is huge difference between hosted malware on a site, and a site that attacks a users browsers.
Let’s look at an example: Site Advisor Scans for Malicious Content on a Site, So Site Advisor saids “Really who cares if the site actually attacks your browser? we can just analyze the KNOWN malicious content and bring up a big fat yellow, red or green sign! (YAY! GREEN MEANS GO…LOL)” So a user enters a green site. Suddenly without your permission a malware injects all kinds of malware into your PC. But Site Advisor didn’t detect this.
On the other hand, Site Inspector scans for ACTIVE Sites that actually attack your browser, and attempt to inject malicious files onto your PC. Site Inspector saids “Okay, fine - Malicious files MAY be on a site, But some malicious sites may not be active or the malware may not either actually attack your PC, So we will scan for sites that ATTACK the users browser and PC” Now you are safe! And with CIS installed to you are still safe!
Bottom Line: SiteAdvisor checks for known malicious content on a site. SiteInspector checks for sites that are active and “ATTACK” a users PC and attempt to inject malicious stuff onto it.
:P0l Folks, no malicious URLs here in the public forums please, according to forum policy. (In the malware research restricted boards it would be a different story.)
This is the second one I edit out if you check back, so I though I should tell you not to do it again.
(:WIN)