Kaspersky Internet Security 2009's anti-phishing engine

Discussion in 'other anti-virus software' started by Katmai, Jan 3, 2009.

Thread Status:
Not open for further replies.
  1. Katmai

    Katmai Registered Member

    Joined:
    Dec 25, 2008
    Posts:
    12
    Do Kis 2009 analyse web sites(called heuristic anti-phishing?) for anti-phishing or just have a blacklist for anti-phishing?
    Are there security suites which has anti-phishing engine which analyse web pages?
     
  2. denniz

    denniz Registered Member

    Joined:
    Jul 26, 2007
    Posts:
    430
    Location:
    The Netherlands
    I don't know about KIS2009, but Norton Internet Security 2009 does have an anti-phishing engine, both with heuristics and blacklisting.
     
  3. Judge Dee

    Judge Dee Guest

    Hi Katmai,
    From the KIS 2009 helpfile:
    "The Anti-Phishing component tracks attempts to open phishing sites and blocks them. The application's threat database lists all sites currently known to be used for phishing. The Kaspersky Lab specialists add addresses obtained from the Anti-Phishing Working Group, which is an international organization. Your local copy of this list is updated by updating the application's databases".
     
  4. Zombini

    Zombini Registered Member

    Joined:
    Jul 11, 2006
    Posts:
    469
    So its blacklist-based.. no heuristics. This means its pretty useless.
     
  5. GES/POR

    GES/POR Registered Member

    Joined:
    Nov 26, 2006
    Posts:
    1,490
    Location:
    Armacham
    Whats NIS got to do with KIS?
     
  6. Jin K

    Jin K Registered Member

    Joined:
    Apr 9, 2008
    Posts:
    105
    kaspersky has heurstic model for web and you can tweak it from the web traffic settings so i think its total for all web threats including Phishing Site
     
  7. Judge Dee

    Judge Dee Guest

    Hi Jin K,

    Unless I'm missing something, I don't think so. I read through the help again and in all its references to heuristics, it doesn't mention phishing.
     
  8. Judge Dee

    Judge Dee Guest

    Here's 2 screenshots of Web Traffic settings. Hopefully I'm missing something.
     

    Attached Files:

  9. Judge Dee

    Judge Dee Guest

  10. TonyW

    TonyW Registered Member

    Joined:
    Oct 12, 2005
    Posts:
    2,633
    Location:
    UK
    In addition to using the Anti-Phishing Working Group for their list of phishing URLs, I believe KL uses the PhishTank database as well.
     
  11. Zombini

    Zombini Registered Member

    Joined:
    Jul 11, 2006
    Posts:
    469
    These heuristics you have referred to above have nothing to do with phishing. They are only meant for drive-by downloads.

    Phishing is still non-heuristic, black-list based.. USELESS.
     
  12. denniz

    denniz Registered Member

    Joined:
    Jul 26, 2007
    Posts:
    430
    Location:
    The Netherlands
    The topic starter asked:

    And I replied.
     
  13. TonyW

    TonyW Registered Member

    Joined:
    Oct 12, 2005
    Posts:
    2,633
    Location:
    UK
    And yet many still use the blacklist approach.

    It'd be useful to have some heuristic element as an additional tool, but like with blacklisting etc., they will need to be tweaked and updated every so often in much the same way signatures and other blacklists are.

    As is often said, it's a cat and mouse game that's being played all the time.
     
  14. TechOutsider

    TechOutsider Registered Member

    Joined:
    Sep 26, 2008
    Posts:
    549
    Heruistic analysis and blacklisting is useful; a suite can check exactly where the info is going and compare it to a blacklist and perform it's own heruistic analysis, such as location, and compare it to the trusted and known places.

    I simply do not shop online.
     
  15. Katmai

    Katmai Registered Member

    Joined:
    Dec 25, 2008
    Posts:
    12
    Thanks for your answers.

    Does Nis 2009 really have heuristics for anti-phishing engine?

    I had a chat with a Symantec assistant,but i couldn't be sure if it really has or not:~Private chat removed per the TOS. - Ron~
     
    Last edited by a moderator: Jan 8, 2009
  16. shanep

    shanep AV Expert

    Joined:
    Sep 10, 2008
    Posts:
    54
    ~Quoted post removed. - Ron~

    Hi Katmai,

    Sorry for the confusion. I would like to confirm that the anti-phishing engine in NIS is heuristic as well as blacklist based. There are far too many (billions) web pages out there that are changing too frequently and this makes a blacklist-only approach ineffective.

    Thanks,

    Shane.
     
    Last edited by a moderator: Jan 8, 2009
Loading...
Thread Status:
Not open for further replies.