McAfee Raptor BETA

Discussion in 'other anti-malware software' started by jdd58, Dec 26, 2014.

  1. jdd58

    jdd58 Registered Member

    Joined:
    Jan 30, 2008
    Posts:
    556
    Location:
    Sonoran Desert
    Has anyone tried McAfee Raptor BETA? It is also included with their Stinger removal tool now.

    Raptor BETA

    Raptor BETA is a real-time behavior detection technology that monitors suspicious activity on an endpoint. Raptor leverages machine learning and automated, behavioral-based classification in the cloud to detect zero-day malware in real time.

    Raptor BETA is available as a free tool and is also bundled with Stinger. McAfee plans to incorporate Raptor into future anti-malware products.

    -http://www.mcafee.com/us/downloads/free-tools/raptor.aspx
     
  2. clocks

    clocks Registered Member

    Joined:
    Aug 25, 2007
    Posts:
    2,787
    Sounds interesting.
     
  3. anon

    anon Registered Member

    Joined:
    Dec 27, 2012
    Posts:
    7,983
    Behaviour blocker...

    How to Use Raptor

     
    Last edited: Dec 27, 2014
  4. Mayahana

    Mayahana Banned

    Joined:
    Sep 13, 2014
    Posts:
    2,220
    Q: How can I get support for Raptor?
    A: Raptor is not a supported application. McAfee makes no guarantees about this product.
     
  5. anon

    anon Registered Member

    Joined:
    Dec 27, 2012
    Posts:
    7,983
    And the point is?
    Man, it is clearly stated that is a beta ..........

     
  6. treehouse786

    treehouse786 Registered Member

    Joined:
    Jun 6, 2010
    Posts:
    1,411
    Location:
    Lancashire
    caught everything bar one when testing in VM. however the tray icon did not load on my real system.
     
  7. Rasheed187

    Rasheed187 Registered Member

    Joined:
    Jul 10, 2004
    Posts:
    17,546
    Location:
    The Netherlands
    I don't get it, what is it supposed to catch, I mean what type of behavior? It doesn't even install a driver or service? To be honest, it looks like crap on first sight.
     
  8. clocks

    clocks Registered Member

    Joined:
    Aug 25, 2007
    Posts:
    2,787
    How did you come to this conclusion? Have you done any testing with it?
     
  9. Rasheed187

    Rasheed187 Registered Member

    Joined:
    Jul 10, 2004
    Posts:
    17,546
    Location:
    The Netherlands
    No testing, but like I said it does not install a driver, so I wonder just what the hell it's monitoring, it doesn't seem to be an advanced HIPS like SpyShelter, that's for sure.
     
  10. clocks

    clocks Registered Member

    Joined:
    Aug 25, 2007
    Posts:
    2,787
    I was expecting something more like the old PCTools Threatfire.
     
  11. trott3r

    trott3r Registered Member

    Joined:
    Jan 21, 2010
    Posts:
    1,283
    Location:
    UK
    I thought of dynamic security agent DSA.

    I will give it a try.
     
  12. 142395

    142395 Guest

    You can still monitor many behavior w/out driver. Have you used Process Monitor by Sysinternals? It is very useful tool to monitor program's behavior (not limited to malware). I suppose maybe Raptor is only for monitoring and warning (not sure though), and probably McAfee want to test new technology just like F-Secure also does in different field.

    Oh, don't say such warning system is useless, while recently IDS tend to be replaced by IPS, still IDS is quite useful tool especially for Linux user and definetely enhances security. And anyway once MvAfee finally integrated it to official product, prevention will come true.
     
  13. trott3r

    trott3r Registered Member

    Joined:
    Jan 21, 2010
    Posts:
    1,283
    Location:
    UK
    Hmm 32bit version will not install on xp pro invalid windows application.

    Is that what you get when you try to install a 64bit version on 32bit?
    Maybe McAfee messed up the link?
     
  14. Rasheed187

    Rasheed187 Registered Member

    Joined:
    Jul 10, 2004
    Posts:
    17,546
    Location:
    The Netherlands
    Well, perhaps you can test it, but like I said, when I think of a real-time behavior detector or blocker, I think of advanced HIPS, not some simple file monitor or whatever the hell it does. And Process Monitor also uses a driver, but you probably already knew that.
     
  15. jdd58

    jdd58 Registered Member

    Joined:
    Jan 30, 2008
    Posts:
    556
    Location:
    Sonoran Desert
    Only supports Win 7, 8, and 8.1 so far according to the FAQ.
     
  16. clocks

    clocks Registered Member

    Joined:
    Aug 25, 2007
    Posts:
    2,787
    I'm using the 64bit version in Win10.
     
  17. jdd58

    jdd58 Registered Member

    Joined:
    Jan 30, 2008
    Posts:
    556
    Location:
    Sonoran Desert
    I wonder if it works on Vista then? I've been running it on 64bit 7 without issue. I think Ill let it stay for a while since it has no negative impact.
     
  18. 1. Write to registry HKCU autorun
    2. Create process
    3. Newly created process going outbound
    4. File creation with non execute byte
    5. Etc
     
  19. clocks

    clocks Registered Member

    Joined:
    Aug 25, 2007
    Posts:
    2,787
    Just noticed memory use is now at 2.4GB. Memory leak? Guess I will stop using it for now.
     
  20. Rasheed187

    Rasheed187 Registered Member

    Joined:
    Jul 10, 2004
    Posts:
    17,546
    Location:
    The Netherlands
    Can you perhaps post any screen-shots? Did you get to see any alerts?
     
  21. DX2

    DX2 Guest

    Can't get it to work on a VM XP. Not a valid Win32 app.
     
  22. Brummelchen

    Brummelchen Registered Member

    Joined:
    Jan 3, 2009
    Posts:
    5,871
  23. DX2

    DX2 Guest

    Some people do...:rolleyes::rolleyes::rolleyes::rolleyes:
     
  24. Just an example of the usefull things that can be monitored, see Yuki's answer
     
  25. Rasheed187

    Rasheed187 Registered Member

    Joined:
    Jul 10, 2004
    Posts:
    17,546
    Location:
    The Netherlands
    Buzz kill, I want to know what Raptor does.
     
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.