Detection

Discussion in 'Trojan Defence Suite' started by dallen, Mar 5, 2004.

Thread Status:
Not open for further replies.
  1. dallen, Registered Member (Joined: May 11, 2003; Posts: 824; Location: United States)

    Ok. Hypothetically, say someone that I know has a friend that used TDS-3 and also uses Shareaza to download music and programs via bit-torrent files and P2P. Of course that individual only downloads songs of music and programs in which they already own the CD, thus not to violate any U.S. copyright laws. Anyway, they scan the files using NAV 2004 Pro as soon as they receive them and periodically run Ad-Aware, Spybot Search & Destroy, and TDS system scans in an attempt to stay away from nasties. Also, they are behind a Zone Alarm firewall. How safe are they behaving in this manner? Thank you for your expert opinions.
     
  2. Tassie_Devils, Global Moderator (Joined: May 8, 2002; Posts: 2,514; Location: State Queensland, Australia)

    Hi Dallen... :)

    Personally, it depends on the 'source' of their downloads, meaning the various sites vastly differ in terms of 'cleanliness'.

    What you may safely download from one, may be a nightmare from another, but I realise that's not the focus of your question.

    If you are running an RTM [Real time monitor] of an AV program, and have programs in place that monitor the start of any files, like TDS3's 'Execution Protection', then comparatively you are safe. [Provided all databases are UP TO DATE].

    However, nothing is a guarantee from the net, and all safe practices must be implemented.

    When I download, I usually save it to a desktop folder specifically for the purpose.... then I scan it with my AV, TDS3, and the download itself I scan with Wormguard [TDS3's partner in anti-nasties, from same company] and if given all clear, and only then, I will execute it.

    You must scan the download with everything in your arsenal FIRST. ;)

    Safety wise, that's the only option IMO.

    Cheers, Adrian. :D
     
  3. Jooske, Registered Member (Joined: Feb 12, 2002; Posts: 9,713; Location: Netherlands, EU near the sea)

    Hmmmm. For the infection part I would say the NAV is indeed there for JS and virus detection at least; have WG running too and TDS with exec protection. I would gather all downloads in one separate folder which is scanned as a whole at least each day with TDS too before the files are allowed to run, and to make it manageable you will probably, after that scan, move them to a music folder.
    I wonder if they would still run if you encrypt them with CS to hide proof they are there for prying eyes.
    Guess you have to decrypt them first to play them.
    Of course your computer is hidden behind proxies and located in other countries with different laws :D
     