Is http scanning (WebGuard) necessary?

Discussion in 'other anti-virus software' started by Defcon, Sep 6, 2007.

Thread Status:
Not open for further replies.
  1. Defcon

    Defcon Registered Member

    Joined:
    Jul 5, 2006
    Posts:
    332
    I have been using the free version of Avira along with some spyware scans using free products on a regular basis. I am now wondering if http scans are worthwile and should I finally pay for the Avira security suite and just have an all-in-one solution and peace of mind.
     
  2. EliteKiller

    EliteKiller Registered Member

    Joined:
    Jan 18, 2007
    Posts:
    1,138
    Location:
    TX
  3. Defcon

    Defcon Registered Member

    Joined:
    Jul 5, 2006
    Posts:
    332
    I don't think that post is accurate. My understanding of http scanning is that it scans any traffic on the http protocol through a proxy server. The AV engine scans anything accessed via file API's (open/execute etc). Thus if a web page has a malicious script it will not be caught by the AV but by the http module. Web downloads are covered but not web pages/active content etc.
     
  4. WSFuser

    WSFuser Registered Member

    Joined:
    Oct 7, 2004
    Posts:
    10,632
  5. Trespasser

    Trespasser Registered Member

    Joined:
    Mar 1, 2005
    Posts:
    1,194
    Location:
    Virginia - Appalachian Mtns
  6. bellgamin

    bellgamin Very Frequent Poster

    Joined:
    Aug 1, 2002
    Posts:
    5,648
    Location:
    Hawaii
    Good AV RTM - necessary

    WebGuard - unnecessary
     
  7. Stefan Kurtzhals

    Stefan Kurtzhals AV Expert

    Joined:
    Sep 30, 2003
    Posts:
    701
    HTTP scanning is the only way to catch and block (!) exploit files like JPG, WMF, ANI or HTML/JS before the browser parses them (and executes the exploit if the system is unpatched). If you are only using on-access scanning, the exploit will be detected - after the exploit was executed and able to download/execute more malware - if that malware is undetected by the AV scanner aswell.

    Now, if you are using a good HIPS I would say you don't need HTTP scanning. A good HIPS will block the installation/activation attempt of the shellcode. HTTP scanning always slows down surfing, no matter how fast the AV product is.
     
  8. solcroft

    solcroft Registered Member

    Joined:
    Jun 1, 2006
    Posts:
    1,639
    This would seem to imply that AV products without a HTTP scanner are unable to prevent ANI, HTML/JS etc exploits from doing their dirty work. To the best of my experience, this is completely untrue; even the WebGuard-less AntiVir Classic triggered numerous times on the ANI exploit, shellcoded HTML files and, of course, the dreaded HTML exploit heuristic...

    This is getting more and more confusing.
     
  9. RejZoR

    RejZoR Registered Member

    Joined:
    May 31, 2004
    Posts:
    6,426
    It does slow down, but if it's done properly it's hardly noticeable. BitDefender's HTTP scanner is sluggish, while avast's is hardly noticeable.
    Well at least i can't see any difference when turned on or off. 1Mbit line.
     
  10. Graystoke

    Graystoke Registered Member

    Joined:
    Aug 15, 2003
    Posts:
    1,502
    Location:
    The San Joaquin Valley, California
    I don't know if http scanning is absolutely necessary or not. I'll leave that up to the experts. I do know that I feel somewhat more secure with an AV that does have http scanning, so I guess that's what really matters. If you feel better having an http scanner and it doesn't affect your computer's performance, why not take advantage of the extra protection.

    I'm using Avira IS with http scanning enabled, and it doesn't affect my browsing speed at all. There is some slow down when it comes to loading some adobe flash videos, but I can live with that.
     
  11. the Tester

    the Tester Registered Member

    Joined:
    Jul 28, 2002
    Posts:
    2,854
    Location:
    The Gateway to the Blue Hills,WI.
    For me a HTTP scanner is a welcomed component.
    Is it neccesary? I'll leave that question for an av expert.
     
  12. Diver

    Diver Registered Member

    Joined:
    Feb 6, 2005
    Posts:
    1,444
    Location:
    Deep Underwater
    How do you know?
     
  13. C.S.J

    C.S.J Massive Poster

    Joined:
    Oct 16, 2006
    Posts:
    5,029
    Location:
    this forum is biased!
    no, its not.
     
  14. Eldar

    Eldar Registered Member

    Joined:
    Jul 12, 2004
    Posts:
    2,126
    Location:
    Vilvoorde (Belgium)
    Haven't experienced any slowdowns yet with BitDefender, nor with KIS. :)
    It's good to have some extra protection layer IMO.
     
  15. Malcontent

    Malcontent Registered Member

    Joined:
    Dec 30, 2005
    Posts:
    451
    Location:
    Cleveland, Ohio USA
    Originally Posted by RejZoR
    BitDefender's HTTP scanner is sluggish, while avast's is hardly noticeable.

    Agreed. I don't notice a slow down at all while using Bitdefender 2008. I've tried surfing with HTTP active and off. I can't tell the difference.
     
  16. Diver

    Diver Registered Member

    Joined:
    Feb 6, 2005
    Posts:
    1,444
    Location:
    Deep Underwater
    My personal experience with Avast on Vista was the system experienced a general slowdown. This could be Avast or some drivers on my notebook.

    Previous versions of Bitdefender were found to cause system slowdowns in tests by one of the big magazines, either PC World or PC Magazine. However, that was for version 8 or 9. I don't know if there has been an improvement, but these sort of reputations are hard to get rid of.
     
  17. bigc73542

    bigc73542 Retired Moderator

    Joined:
    Sep 21, 2003
    Posts:
    23,873
    Location:
    SW. Oklahoma
    Trying Avast at this time, so far no slow down and it seems to load very fast at start up.
     

    Attached Files:

  18. bellgamin

    bellgamin Very Frequent Poster

    Joined:
    Aug 1, 2002
    Posts:
    5,648
    Location:
    Hawaii
    I have learned a new fact from a respected expert. Thanks, Stefan.

    I do have a good HIPS, of course.
     
  19. Bunkhouse Buck

    Bunkhouse Buck Registered Member

    Joined:
    May 29, 2007
    Posts:
    1,056
    Location:
    Las Vegas
    Absolutely no difference whether it is off or on, and faster on my machine than Norton, Avira, or NOD32.
     
  20. RejZoR

    RejZoR Registered Member

    Joined:
    May 31, 2004
    Posts:
    6,426
    It's sluggish. BD10 HTTP was awful. BD11 looks better but still far from what avast! can show off.
     
  21. trjam

    trjam Registered Member

    Joined:
    Aug 18, 2006
    Posts:
    9,057
    Location:
    North Carolina
    Salesperson now hey Stefan.;)
     
  22. Iangh

    Iangh Registered Member

    Joined:
    Jul 13, 2005
    Posts:
    611
    Location:
    Melbourne, Australia
    So as I have Defensewall I can leave the Avira web scanning off?

    Collective view of those in the know?

    Ian
     
  23. Malcontent

    Malcontent Registered Member

    Joined:
    Dec 30, 2005
    Posts:
    451
    Location:
    Cleveland, Ohio USA
    It maybe sluggish on YOUR computer(s). Every computer setup is different. But it's light and speedy on my computer. And on other users computers. I can't tell it's turned on when I'm surfing.
     
  24. LoneWolf

    LoneWolf Registered Member

    Joined:
    Jan 2, 2006
    Posts:
    3,408
    Hmmm.......Necessary? Dunno.
    But i'm using it, nothing wrong with added protection.
     
  25. innerpeace

    innerpeace Registered Member

    Joined:
    Jan 15, 2007
    Posts:
    2,095
    Location:
    Mountaineer Country
    To go along with this question, would running Sandboxie nullify the need for a web scanner? Thank you
     
Loading...
Thread Status:
Not open for further replies.