Can this be a better combination than AppDefend\RegDefend or ProcessGuard?

Discussion in 'other anti-malware software' started by dja2k, May 18, 2006.

Thread Status:
Not open for further replies.
  1. herbalist

    herbalist Guest

    No, I don't underestimate them, or the talent M$ has for writing vulnerable code. Not when at least 75% of all PCs are infected with this junk. In the environment I described, the malware would first have to break out of a sandbox or virtual environment that was running on a HIPS protected system, then try to attack it. 2 very tough layers, not including the standard issue defenses, firewall and AV.
    Vista won't be a problem for me directly. I won't even use XP. Was thinking more about the PCs we'll have to eventually service and the malware disasters we've yet to see on them.
    Rick
     
  2. MikeNash

    MikeNash Security Expert

    Joined:
    Jun 9, 2005
    Posts:
    1,658
    Location:
    Sydney, Australia
    Part of the problem is that even with a pure behavior blocker/exectution protection system, users will allow malware to run. I think Notok mentioned that PrevX see this in their database, and we certainly see it in ours as well.

    User education is a big and often underestimated factor in security.
     
  3. Notok

    Notok Registered Member

    Joined:
    May 28, 2004
    Posts:
    2,969
    Location:
    Portland, OR (USA)
    Indeed, and I don't fault the user for this at all, as I don't believe that users should need to be in the position of having to know the difference between malware and system files of the same, or very similar, filenames. If they did, they would likely not need such software to begin with, IMO, except as a convenience tool. In theory pure behavior blockers are great, but in practice they don't often provide much additional actual security.

    It will certainly be interesting... :doubt: :)
     
  4. Ilya Rabinovich

    Ilya Rabinovich Developer

    Joined:
    Sep 13, 2005
    Posts:
    1,543
    Altiris is, mostly, for the software installations virtualization. It is not for the anti-malware protection.

    I think so :D

    No, beta-testing have been finished six mounth ago, and it won't screw up your computer.
     
  5. comma dor dash

    comma dor dash Registered Member

    Joined:
    Jun 5, 2005
    Posts:
    146
    Thanks for the answer. I might give it a try.
     
  6. herbalist

    herbalist Guest

    In too many cases, user education is bad joke. On one PC I cleaned last winter, it's owner complained that the curser she was using wasn't there anymore, a dolphin if I remember. It did no good to tell her what came with that curser. She had me put the adware back in, just so she could have that curser back!
    I had another user tell me, roughly quoted:
    "I don't care what they do with my computer, as long as I can play my games."
    Education means nothing when the user has an "I don't care" attitude, even when the topic was someone using the PC to attack others. For this user, I only see one possibility. Crack into their PC and interfere with the games. So far, I've resisted that idea and repeatedly wrestled with the "which is the greater wrong" line of thinking. Hack a friend to save them and others from themselves? No, I'm seeing too many instances where user education isn't going to get it done. I won't get started on education vs users kids, what a joke. Going off topic, sorry.
    I've had another thought on all this recently. I'm sure that many of you have a regular group of customers that you maintain the PC for. Regular cleaning, security updating, etc. Most of the customers I have know almost nothing about computer security and don't have the time or desire to learn it. How about installing the security setups we've been discussing on their systems and using remote administration to tune it to match their usage. Might be a hassle to start with, but it could really save on service calls later. Compared to just a few years ago, PC security has become quite complicated and I can't blame a user for not spending huge numbers of hours learning how vulnerable they really are. Maybe the answer is to provide a service, not just education or software. At least for some of them.
    Rick
     
  7. EASTER.2010

    EASTER.2010 Guest

    I sympathize over the many users lack of learning the bare-bones basics to security. Many users systems i have in-home serviced simply subscribe to the false security and notion that Micro Updates and the Nortons that came with their purchase is enough and all they need.
    Not untill you sit down with them and go over a HijackThis log then Google the results for them do they realize that the Bingo Game or other Coupon Discount program and other Games they take such satisfaction in, is riddled with all sorts of additional junk that consistenly downloads more and more untill their computer is slowed down to a crawl if not disabled entirely or refuses to boot. Free screensavers are another popular item that carries toolbars and other sort of attachments that are sometime virus laden and so on. BEEN THERE TOO MANY TIMES. LoL

    As if that wasn't enough, you can have them install and insist they run regular scans from the most dependable and popular AS & AV's but now they have something to remove some of the gunk, they will go right back again and repeat the same sequences untill they really get hit where even the AS or AV gets locked up or disabled and they're right back to square one again as in "Help".o_O
     
  8. ronny

    ronny Registered Member

    Joined:
    Feb 18, 2004
    Posts:
    231
    Location:
    Belgium
    So true and recognizable. Good read.
     
    Last edited: May 21, 2006
  9. dja2k

    dja2k Registered Member

    Joined:
    Feb 15, 2005
    Posts:
    2,120
    Location:
    South Texas, USA
    Maybe this thread started too soon and now a new Ghost Security Suite is on its way as alpha though, but hey its a start. Lets see how that changes things...

    dja2k
     
Thread Status:
Not open for further replies.
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.