 gugarciPremium
join:2004-02-25
Bergen Co | The good and the bad about AV multi scanner services Just read this article and I found it interesting. It was originally posted by Dermot7 a Wilders member.
»blog.gdatasoftware.com/blog/arti···ces.html
»www.wilderssecurity.com/showthre···t=317796 |
|
 antdudeA Ninja AntPremium,VIP
join:2001-03-25
kudos:2
 ·RoadRunner Cable
| Ooh, new ones to bookmark and use. 
Does »vscan.novirusthanks.org/ work? I keep getting "Error: Error uploading the file.".  |
|
 AVDRespice, Adspice, ProspicePremium
join:2003-02-06
Onion, NJ | I don't get it. They are bad, because an unsuspecting user might stumble over a rogue site and get a false negative? |
|
|
|
Mele20Premium
join:2001-06-05
Hilo, HI
kudos:4 | reply to antdude
I just uploaded to them with no problem. It took forever though for the scan. They don't tell you until the report screen what scanners they use. They have nine scanners. I thought it rather strange that neither Comodo or Trend Micro caught the POC for LNK shortcut vulnerability (dll.dll). Avira goes nuts on that one and the suckme one. (I didn't have anything better than that to upload). 
--
When governments fear people, there is liberty. When the people fear the government, there is tyranny. Thomas Jefferson |
|
 Noah VailSon made my AvatarPremium
join:2004-12-10
Lorton, VA
kudos:1
·Bright House
 ·Sprint Mobile Br..
| reply to gugarci
quote:
Conclusion: If a malicious file is not detected as malicious in such a multi online scanner, you cannot automatically conclude, out of this analysis, that some new malware is actually not detected or stopped by your AV product. Online multi scanners do not consider all the other protection technologies!
The last sentence is his actual point. It's 'unfair' to judge a meta scanner against an installed A/V product because the capabilities differ.
I think we got that. But since meta scanners aren't used to protect end user systems, why is he even comparing the two?
I believe it's because IT professionals are using meta scanner results, as a factor in their evaluation of A/V products.
Over time, uploaded 0day malware samples can indicate which A/V companies are superior in detecting them.
What our blogger is leaving out is this:
If Mr. IT Pro is uploading a sample, it's likely because the installed A/V product has failed to protect the end user. Failed, even with it's full arsenal deployed.
For me, meta scanners introduce a unique bit of competition into the A/V product field. I think vendors are finding that isn't what they'd prefer.
--
Adopting other people's animosity is The New Stupid. |
|
antdudeA Ninja AntPremium,VIP
join:2001-03-25
kudos:2 Reviews:
·RoadRunner Cable
| reply to Mele20
said by Mele20:I just uploaded to them with no problem. It took forever though for the scan. They don't tell you until the report screen what scanners they use. They have nine scanners. I thought it rather strange that neither Comodo or Trend Micro caught the POC for LNK shortcut vulnerability (dll.dll). Avira goes nuts on that one and the suckme one. (I didn't have anything better than that to upload). OK, it works now. It must have been a glitch.
--
Ant @ »antfarm.ma.cx and »aqfl.net. Please do not IM/e-mail me for technical support. Use the forum! Disclaimer: The views expressed in this posting are mine, and do not necessarily reflect the views of my employer |
|
