Interview with Kaspersky Chief Malware Expert Alex Gostev

Kaspersky already has somewhat moved to DD. If you watch the first 10 minutes of this video, you will understand what I mean. It isn’t enabled by default though.

A lot of Kaspersky’s customers like how Kaspersky is currently and do not like a big change in how Kaspersky will handle threats. Same with Comodo saying we are switching to default allow. A lot of us will say no because we like how it is currently and don’t want to go through a large change in how Comodo handles threats.

Kaspersky does have HIPS capabilities if you turn on interactive mode.
It does also have heuristic analysis.
And unknown programs can have restrictions put upon them.
Kaspersky at default is rather weaker and needs some settings changed to strengthen the program.

In my honest opinion, it is very difficult to say which is stronger between KIS and CIS, as it also depends on the application whitelists etc.

The only thing that would benefit Comodo is perhaps a web filtering module.

They do. It is called Secure DNS. It is not that great but it does block some malicious websites.

If anyone has the POC they can PM a link either to any active moderator, to Melih directly, or to Egemen. Any of us would be very happy to get a working sample of a POC which can bypass CIS.

Can you provide some evidence for this? The person who told me about this tests AVs for a living.

Hi seany007.
I only tried Kaspersky very briefly, but I know it has some form of heuristic analysis when dealing with downloaded files etc., and it assigns different groups for these files:
Restricted,
Low restricted,
Untrusted.
I found their philosophy on the firewall a bit different and odd, as at default it does not stealth the ports, but they do explain that stealthing is a marketing gimmick and is not needed. I was able to manage to stealth it anyway.

I say I’m using CIS now and more than happy with this, although an integrated web filter would be a nice addition.
Thanks.