eMail and HTTP-Protection - the first line of defense...

Timo_Schmidt · February 15, 2009, 11:19am

… does CIS 3.8 support it?

I don’t care how good or bad the antivirus-engine is (it’s av-comparatives job to decide this :D), my only concern is that CIS (3.5) doesn’t seem to have a HTTP (Proxy?) scanning abilities. You can check this with www.eicar.com.

Since most (if not all) malware comes through email or internet it is important (at least in my opinion) that a security suite like CIS scans the http or e-Mail traffic before it reaches the harddisk. An optimal security suite should work like this (again in my opinion :D):

http and e-mail scanner should scan incoming traffic BEFORE it reaches your harddisk - it should PREVENT malware from reaching your computer

if that fails (I don’t mean failing due to non existance of such a scanner :D)

HIPS (Defense+) should prevent those intruders to do damage to your system

if that fails (or not :D)

The On-Demand scanner should detect and remove those threats by deleting / cleaning the infested file. Furhtermore registry-entries (depends on how good Defense+ did it’s job ) from this malware should be removed.

The first step is a reason why I don’t have a suite like Norton Internet Security installed (it doesn’t offer any “real” http-protection).

If there isn’t any eMail and HTTP-protection - can you explain why? What’s your philosophy of creating a Security Suite like CIS?

Greetings and congrats to your phantastic advancements so far (I’m sure CIS will be much more improved :D).

Timo

Kyle142 · February 15, 2009, 11:49am

Hey Timo.

Since most (if not all) malware comes through email or internet it is important (at least in my opinion) that a security suite like CIS scans the http or e-Mail traffic before it reaches the harddisk. An optimal security suite should work like this (again in my opinion ):

So tell me, Where do you think these "Web scanners" operate? they can't operate in the wires before it touches your pc. ;) Try downloading Eicar with webshield turned on, try downloading eicar with webshield turned off. Catches it both times eh? ;)

This is what makes comodo different, It’s efficient.

Bad_Frogger · February 15, 2009, 11:59am

Hi Kyle,

I do agree about CIS performing correctly re: email, eicar tests, etc.
but “webshield” ???

Later

Kyle142 · February 15, 2009, 12:02pm

Thats what Alot of AV’s refer to their HTTP scanners, Avast,Avira for example.

Mack · February 15, 2009, 12:03pm

I guess Kyle means Avast’s Webshield module?

Good question actually… What does CIS scan when we surf the internet? Hard disk, memory? Cause i think there is a little slowdown on webpages showing,

Thanks any feedback,

bgrds
mack

Bad_Frogger · February 15, 2009, 12:12pm

Yea I knew other companies have various “webshields”.
The post seemed to indicate to me that Comodo would stop the
download with it’s “webshield” turned on or off. Confusing.

Thanks ???

Bad_Frogger · February 15, 2009, 12:42pm

Hey Mack,

“What does CIS scan when we surf the internet? Hard disk, memory?”

AFAIK both, AV real time scans all HDD read/write activity, and D+ as well as
Buffer Overflow protection are monitoring memory. For executable’s loading
and BO’s respectively.

Later

Mack · February 15, 2009, 8:02pm

Thanks for the info Bad Frogger,

brgds
mack