Cyberhawk versus SocketShield

Discussion in 'other anti-malware software' started by Smokey, Sep 3, 2006.

Thread Status:
Not open for further replies.
  1. Smokey

    Smokey Registered Member

    Joined:
    Apr 1, 2002
    Posts:
    1,514
    Location:
    Annie's Pub
    Cyberhawk by Novatix and SocketShield by XPL are claiming both the same:

    zero-day threat protection.

    Which one is in your opinion the better choice?

    BTW: Cyberhawk is freeware, SocketShield cost money.....
     
    Smokey, Sep 3, 2006
    #1
  2. RejZoR

    RejZoR Lurker

    Joined:
    May 31, 2004
    Posts:
    6,426
    I vote for Cyberhawk as it has proved to be good few times already. And it's free too. As far as i know SocketShield is suppose to be zero day protection for exploits while Novatix creation keeps an eye on general malware more (worms, trojans and viruses).
     
    RejZoR, Sep 3, 2006
    #2
  3. Smokey

    Smokey Registered Member

    Joined:
    Apr 1, 2002
    Posts:
    1,514
    Location:
    Annie's Pub
    Does Cyberhawk work at the socket level, like SocketShield?
     
    Smokey, Sep 3, 2006
    #3
  4. RejZoR

    RejZoR Lurker

    Joined:
    May 31, 2004
    Posts:
    6,426
    Haven't checked LSP providers but i know itmonitors regstry, filesystem and network system. Basically all levels.
     
    RejZoR, Sep 3, 2006
    #4
  5. Smokey

    Smokey Registered Member

    Joined:
    Apr 1, 2002
    Posts:
    1,514
    Location:
    Annie's Pub
    That's what impressed me.

    SS is relatively basic with it's functions, CH offer a lot more.
     
    Smokey, Sep 3, 2006
    #5
  6. Rasheed187

    Rasheed187 Registered Member

    Joined:
    Jul 10, 2004
    Posts:
    17,559
    Location:
    The Netherlands
    Can´t really be compared IMO, I mean they completely work in a diferent way, CH is a HIPS, SS is basically an advanced (malicious) site blocker.

    But I have to say that I really don´t know why some people are so impressed with CH, the last time I tested it, it missed quite a lot, I mean I like to be alerted about all suspicious stuff, something that SSM and Neoava seem to be capable of. ;)
     
    Rasheed187, Sep 3, 2006
    #6
  7. RejZoR

    RejZoR Lurker

    Joined:
    May 31, 2004
    Posts:
    6,426
    Well i've seen complete opposite of what you've seen. It detected bunch of stuff that only few AVs detected with heuristics or they even missed it completelly. Of course CH isn't meant to replace antivirus but to compliment it. And if you for example use avast! that got ~92% in latst test plus CH behavioral engine you can get some serious results. For free!
     
    RejZoR, Sep 3, 2006
    #7
  8. Smokey

    Smokey Registered Member

    Joined:
    Apr 1, 2002
    Posts:
    1,514
    Location:
    Annie's Pub
    What was missed by CH, can you be a bit more specific?

    Only with exact facts i can build my opinion;)
     
    Smokey, Sep 3, 2006
    #8
  9. Devil's Advocate

    Devil's Advocate Registered Member

    Joined:
    Feb 5, 2006
    Posts:
    549
    My guess is Rashid didn't test with real malware samples but with testing tools that make singular system changes.

    It seems Cyberhawk is in many respects similar to KAV 6's PDM (as opposed to SSM, PG etc), it doesn't alert on just any single change, but only alerts if a process goes pass a certain threshold of suspicious behavior bu carrying out several of these activities in sequence.

    No doubt, their rules were refined by testing against real malware...
     
    Devil's Advocate, Sep 4, 2006
    #9
Thread Status:
Not open for further replies.
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Accept Learn More...