Re: Unable change firewall settings
Oh yes, I forgot I wanted to comment on this statement.
>>Detection software using signature files must know about the signature that
it must detect. If the signature is unknown, then the signature file is
useless on zero day exploits. And on top of that, a serious malware threat
is going to hide itself and most likely have itself hosted by a legitimate
process running on the machine such as SVChost.exe or DLLhost.exe.
Yep, you are correct there, and that's why they have a heuristics engine,
but they still require sig files don't they and those sig files have to be
able to recognize many aspects of behavior as well.
Some AV programs still fail the VB100% tests even after they've been given
the testing sig files well in advance, so as that tells you also, it's not
everything to have the sig files, they have to be implemented properly as
well and that's the differences between an Eset quality AV and the garbage
AV programs available (hello AVG)
And please, you're telling me basic malware techniques that have been well
known for years...of course I know that. I've seen almost every available
obfuscation technique in my day..I went thru the LOP.com heydays with the
HijackThis team when they threw over 100 different variants at us every
single day from over 25,000 partner sites. Those guys were committed I tell
ya and we estimated they probably made over $100,000.00 a month with their
malware and they weren't happy about us specifically targeting their
operations, but we were just as committed and kept them on the run for over 3
years until we finally broke them up. Well, along with the Authorities that
is, but we were responsible for Spybot S&D and HijackThis keeping users clean
of their crapware.
Ok, that's my last here. Have a Good Day everyone, and to you also Mr Arnold.
Dave