Norton Internet Security 2009

Swisscoms, Blue provided a link in post #44, which is worth a read and gives a little more detail about the purpose and function of Insight.

 

Just click on the link Blue provided in post #44 and it has the Symantec explication of what Norton Insight does.

 

Thanks. I'll do the same and keep an eye on the sandboxIE forum.

As for the comments on scan time and insight I cannot offer anything to the technical side of the debate but can confirm I ran 3 scans all took in excess of 90 minutes. When I reset to default settings the scan took less than 10 minutes.

In my limited experience that must mean it is in someway trusting more than just the running processes.

Cheers

 

That is impossible-something is wrong with the program and/or the installation or you are running a Quick Scan thinking it is a complete scan. If that were true, Norton would promote 10 minute (or whatever) scan times and they don't.

 

Thanks folks! I missed that one. Great information about this technology.

 

Thanks. Perfectly willing to accept there something wrong with the install or the programe but it WAS a full scan. I ran another with the same results.

I'll reinstall later and check again. I would not want to think it's running super fast when it's just not running properly.

Rubenking at pcmag claimed a 5 minute scan second time round with insight credited for it. http://www.pcmag.com/article2/0,2817,2330027,00.asp but maybe I'm reading that wrong.

As stated I ain't no expert just post what I've experienced.

Thanks for the heads up.

 

I wish it were true- but not true on my computer. I may be wrong, but I just don't see anyone else confirming same. I have 1.1 million files and it took about 2.3 hours to scan them on a complete setting. I have done it at least a dozen times in beta and now with the final release. If I see evidence to the contrary, I'll let you know.

I did read the PC magazine review and I saw what he said about the fast scan, I just don't see that being mentioned at the Symantec forum.

 

Thanks Buck,

Just an update. Reinstalled. Scan results as follows:

Scan Time: 3798 seconds
Scan Options:
Scan Targets: C:\, R:\, Z:\
Counts:
Total items scanned: 649,783
- Files & Directories: 647,312
- Registry Entries: 302
- Processes & Start-up Items: 2,047
- Network & Browser Items: 117
- Other: 4
- Trusted Files: 770
- Skipped Files: 0

Rescanned again immediately (as I had done when I got the 10 minute scan)and got this

Scan Time: 268 seconds
Scan Options:
Scan Targets: C:\, R:\, Z:\
Counts:
Total items scanned: 67,756
- Files & Directories: 65,208
- Registry Entries: 302
- Processes & Start-up Items: 2,124
- Network & Browser Items: 117
- Other: 4
- Trusted Files: 941
- Skipped Files: 56,775

Making Rubenking's 5 minutes look long!

I shut down and restarted and the scan I started is still running, looks like it will take around the hour again.

Makes me think on my system at least if you run the full scan more than once in the same session the second scan looks at a vastly reduced number of files thereby reducing scan times.

No doubt you guys will know if thats a bug or the way its supposed to work. If it's a bug I'd be interested if anyone else has the time or inclination to see if it effects them as well. But then would you run 2 full scans in the same session?

For me I either put up with longer scans or go back to Avira. Not made my mind up yet.

Thanks

 

Looks like NAV2009 was tested here: http://www.virusbtn.com/news/2008/09_02 . Hope it's ok to show.

 

Its ok to show , don't worry
Already a 3 page debate on the same can be found at:
https://www.wilderssecurity.com/showthread.php?t=219555

 

I don't know about you guys but I am very impressed with NIS 2009. Extremely light. I was along time user of Comodo and believe you me I dont miss the pop ups or the "install Mode". I also was running Avira Premium. I tried KIS 2009 but it slowed my pc and web browsing way down. With NIS I don't even know its running. NIS is the only real time protection I have except for my NAT. Any one else using NIS with something along side it? I tried TF but didnt think it was necessary.

 

Wow, impressive results.

 

Norton has always been on top or close to the top in detection but its slowness it caused to many systems stop alot of people from using it. Norton got the name "Slowton" cause of this reason. But now with NIS 2009 that is gone.

 

Still using SAS Pro but took out TF. Still running very good here.

 

Chris. What file systems do you have on C: R: and Z: ? Is it FAT or NTFS. ?

 

Sorry for the delay. NTFS. On this machine still running XP SP2 if that is relevant.

 

Just a quick note to all of you which I am sure most of you are aware of. if you try the GRC Leak test it will fail. Why because Automatic Program Control is on by default. In this mode it will automatically configure any program regardless if its bad or not. Turn off Automatic Program Control and then turn on Advanced Events Monitoring. This will also turn on all other features. One bad thing is that it will generate alerts for programs already learned. It will ask if you want IE or FF to connect. All other programs also will generate alerts but once done no more alerts.

 

I haven't tested this yet on my system, but this screenshot is from the article linked earlier in this thread...

http://usera.imagecave.com/Victek/NortonInsight.jpg.jpg

It seems to be saying that Norton Insight will reduce scanning times for both Quick Scans and Full Scans. I will play with this and post again.

 

I downloaded the trial have to say was really impressed with the install, went fast, with no reboot.

Full scan time was pretty fast to, and am gonna continue to test it on the scan times see if it improves.

So far I like this new version, running it with Defensewall no problems.

Wake

 

I have been playing with the Firewall settings also. I found that switching off the Automatic Program Control and also leaving the Advanced Events Monitoring off, the Firewall Alert pop up has many more options as seen in this photo on GRC.



With Advanced Events Monitoring switched on, it passes the PC Flank Leak Test also.

 

So I wonder whats better. Advanced Monitoring On or Off. I currently have mine on.

 

Swisscoms, I have Automatic Program Control turned off, and when I run GRC Leaktest, I get the alert, and manually deny access. I tried turning off Advanced Events Monitoring also as you suggested, but when I ran Leaktest, I got no alert and failed Leaktest. I haven't been able to figure out why I didn't get an alert as you did.

Edit: Nevermind Swisscom, I figured out what was going on, and now see the alert with additional options as you illustrated.

 

Ok well I just figured out that Advanced Monitoring should be on cause without bring on (off) all the other options are grayed out.

 

Good question...what's the advantage to having it turned on...you get an alert with additional options with it turned off?

 

If you turn it off then you dont have code injection or key logger protection cause its grayed out. I tried it with it on and I got a key logger waring using OpenOffice.Org. But when its off and after I deleted the OpenOffice entry I got no alert. Best to leave Advanced Monitoring on. A block is a block correct. Doesn't matter if its the session of permanently. Click on the "?".

Advanced Events Monitoring


When you are connected to the Internet, there are various ways by which intruders can gain unauthorized access to your computer. Intruders can gain access to your computer in the following ways without causing firewall alerts to appear:

Launching and manipulating safe programs without your knowledge

Attaching to a safe program without getting detected

Launching trusted applications in hidden mode through command-line parameters

Injecting code into other applications' processes

Modifying the URL of an Internet browser through Windows messages

Bypassing firewall inspections by penetrating the Windows TCP/IP layer to send and receive data

Using documented interfaces provided by Windows Active Desktop to transmit data outside the network

Using keylogger programs to monitor the keystrokes of a computer user, thereby gaining access to a user's personal information

You can turn on Advanced Events Monitoring only if you turn off the Automatic Protection Control feature.

When you turn on Advanced Events Monitoring feature, you are prompted with numerous firewall alerts. If you do not want to receive firewall alerts, you can turn on Silent Mode. When you turn on Silent Mode, Norton Internet Security automatically turns on Automatic Program Control and disables the Advanced Events Monitoring features. You cannot configure Advanced Events Monitoring when you turn on Silent Mode.

Handling Advanced Events Monitoring is strongly discouraged because you might make incorrect decisions that can allow malicious programs or block critical Internet programs and functions.


When you turn off Automatic Program Control, you can configure the various features in Advanced Events Monitoring. You can use the Advanced Events Monitoring features to allow or deny any of the events that may harm your computer. When the event occurs for the first time, a firewall alert appears and you can allow or block the event. When you allow the event, the event details are logged under any of the categories available in Advanced Events Monitoring. You can remove the event details from the list. In this case, the event details reappear in the list when the event is run again. However, an alert does not appear when the event is run for the second time. A rule is created the first time a program runs. The same rule is applied to the program when it runs again. So an alert does not occur when a recognized program runs.