Imon. Is It a need or not?

Discussion in 'NOD32 version 2 Forum' started by carioca, Jun 21, 2007.

Thread Status:
Not open for further replies.
  1. carioca

    carioca Registered Member

    Jul 9, 2005
    Dear Support and Forum Buddies,
    Does Imon is a must whom have broadband connection? Does It slow my connection? Is It really a http scanner? Best Regards.

    "The Internet Monitor, or IMON for short, is the memory-resident component of NOD32 which automatically scans computers' network connections for threats. IMON does this by interfacing with a computer's TCP/IP protocol stack at the Winsock level though the Layered Service Provider (LSP) stack.

    IMON checks for threats transferred via the following mechanisms:
    Email received using the POP3 protocol
    IMON works with all POP3-based mail clients retrieving messages on the default POP3 TCP port of 110. Because IMON is implemented as a Layered Service Provider, it has access to all POP3 email being received by the system and is able to automatically filter all messages without requiring any changes to the mail client's settings.

    In the event a POP3 mail client uses TCP port other than 110, the additional TCP port will need to be entered in IMON's configuration.

    IMON checks messages for threats before they are saved to disk and, by default, prompts for which action to take when an infiltration is found. IMON can also be configured to perform a desired action automatically without prompting the user.

    IMON modifies the Subject: field of messages by adding a description of the threat found to the beginning of the subject. This allows the user to create rules in their email client to filter messages (place them in a quarrantine folder, delete them and so forth).

    Examining HTTP traffic
    IMON examines HTTP traffic for threats.

    Blocking of exploits used by popular worms
    IMON is able to block exploits used by popular worms (e.g. Code Red, Lovsan, Nachi and others) without requiring a patch from the operating system vendor to be installed. This feature is always enabled, however, you can control whether or note exploit attempts are logged.

    NOTE: IMON is unable to check encrypted traffic (HTTPS, S/POP3, SSH and so forth). After encrypted traffic has been decrypted, it will be checked for threats by the other components of NOD32."
  2. Blackspear

    Blackspear Global Moderator

    Dec 2, 2002
    Gold Coast, Queensland, Australia
    Yes, IMON is your first layer of defense.

    No you won't notice a slowdown in using it.

    Yes it is a HTTP scanner.

    Cheers :D
  3. RickS

    RickS Registered Member

    Jun 29, 2006
    Ontario, Canada
    I recently stopped using IMON. All of my inbound mail is SSL so it doesn't help there, and I found that occasionally IMON would interfere with some HTTP traffic; certain streaming media and DSL speed tests, for example. In my case, the marginal benefit of IMON is not worth the added complexity, and any threat missed by not having IMON running will be caught by AMON before any damage is done.

    But each to his own.

    Edit: I should mention that I am behind a NAT router with a firewall, and the Windows XP machines on my subnet have the Windows XP firewall enabled as well.
Thread Status:
Not open for further replies.