Linkscanner Lite - worth a punt?

Discussion in 'other anti-malware software' started by Baldrick, Sep 25, 2007.

Thread Status:
Not open for further replies.
  1. Baldrick

    Baldrick Registered Member

    Joined:
    May 11, 2002
    Posts:
    2,301
    Location:
    South Wales, UK
    Am using McAfee's SiteAdvisor which seems to give mixed results and was wondering how it compares to Linkscanner Lite which I have heard is considered to be rather good. Am not wishing to start a straight fight between products but rather soliciting views as to the merits of each...not a direct comparision of one vs. the other.:blink:

    I hope to be able to decide for myself by comparing the relayove merits of each and testing Linkscanner Lite as well:D

    Thanks in advance.
     
  2. Rico

    Rico Registered Member

    Joined:
    Aug 19, 2004
    Posts:
    1,702
    Location:
    Texas
    Hi BaldRick,

    Linkscanner is an excellent product, I'm only familiar with the paid version. The paid version scans the sight real time, before rendering its opinion. Also the malware protection is great, taking the hit before your other defenses, have a chance to know what's going on. Support is excellent, last time I used Link, they had a problem with Comodo FW, the NOD32 issue i believe has been resolved.

    Take Care
    Rico
     
  3. acr1965

    acr1965 Registered Member

    Joined:
    Oct 12, 2006
    Posts:
    4,954
    You can actually run them both at the same time- one for a current, content analysis and the other for a historical analysis.
     
  4. GES/POR

    GES/POR Registered Member

    Joined:
    Nov 26, 2006
    Posts:
    1,490
    Location:
    Armacham
    Would make good testing thanks.
     
  5. rogert30062

    rogert30062 Registered Member

    Joined:
    May 1, 2006
    Posts:
    68
    Location:
    Atlanta
    Hi Baldrick,

    Now, admittedly I'm a little biased but I think LinkScanner is much stronger than SiteAdvisor. (lol)

    The whole thing about web-based exploits is their transience. Anything historically based is always too slow to realize something's been hacked, and then too slow to realize something's been cleaned.

    Take, for example, k1-usa.net. This is a mixed-martial arts website, and used to be the number 1 organic link that came up when you googled for k1. It was briefly hacked in April 2007, and was serving exploits from some ip on RBN (Russian Business Network). Neither SiteAdvisor nor google (StopBadware) knew about it at the time (although we did, and told the k1-usa guys about it in fact), and it was cleaned up a week or two later.

    In the mean time, however, StopBadWare had found out about it, and now it seems to be permanently besmirched in google. It has slipped from the number 1 spot to about number 8, and you cannot get to it from a google search link ... you have to cut and paste the URL.

    And if you put it into SiteAdvisor, it says it's never rated the site, and knows nothing about it.

    Now, if you're patched, none of these sites can bite you anyway, but it's nice to know which ones would try.

    The single biggest trend that I see as we watch this stuff is transience... the Storm botnet for example is incredibly transient. Another example are the groups whose business model is to buy really cheap .cn websites and work from there. They know they'll be shut down fairly quickly, but they don't care.
    Another example are the groups who like to hack into webfarms, and infect all the sites there in one hit. (We made a video about that at youtube if you're interested http://www.youtube.com/watch?v=G_jh8lHb49w ). I could go on and on...

    Btw, LinkScanner Pro, although not free, is really much better than Lite. Lite can only follow links to a given depth, or it would take too long. And exploits served from banner ads (increasingly common) tend to come up in rotation... not every time. Lite will miss those, but not Pro.

    Cheers

    Roger

    CTO
    LinkScanner.com
     
    Last edited: Sep 26, 2007
  6. Baldrick

    Baldrick Registered Member

    Joined:
    May 11, 2002
    Posts:
    2,301
    Location:
    South Wales, UK
    Dear All

    Many thanks for your thoughts and advice. All very interesting & useful. :D

    I will certainly give Lite a try and see what it can do for me. :D

    Not sure about running both SiteAdvsor and Lite. :blink:

    Have also spotted TrendProtect and may well try this as it also appears to be interesting...but more like SiteAdvsor than Lite. o_O
     
  7. Huwge

    Huwge Registered Member

    Joined:
    Oct 21, 2004
    Posts:
    405
    Location:
    UK
    That reminds me.....isnt there something that analyses a link with a right click to tell you if its malware.....useful for links from one site to another
     
  8. lucas1985

    lucas1985 Retired Moderator

    Joined:
    Nov 9, 2006
    Posts:
    4,047
    Location:
    France, May 1968
    Dr.Web link checkers?
     
  9. rogert30062

    rogert30062 Registered Member

    Joined:
    May 1, 2006
    Posts:
    68
    Location:
    Atlanta
    Well, LinkScanner Lite (as well as Pro) does that.

    Cheers

    Roger
     
  10. Baldrick

    Baldrick Registered Member

    Joined:
    May 11, 2002
    Posts:
    2,301
    Location:
    South Wales, UK
    Hi Roger

    Am a trying at the moment and am impressed with the Pro version (thought I would give your 15 day trial a whirls based on what you said in your post). Has to get past the wife as she is the one who surfs most and is very demanding in terms of (i) speed and (ii) not being disturbed during her surfing. So far I dedect only a very slight degredation in surfing speed (but then my PC is rather old)...but the jury is currently out. Fingers crossed the product passes, eh?

    BTW, do you do multiple site licences or does one have to purchase 2 individual licences if I wanted to proect both my and my daughter's laptop?

    Regards;)
     
  11. rogert30062

    rogert30062 Registered Member

    Joined:
    May 1, 2006
    Posts:
    68
    Location:
    Atlanta
    Hi Baldrick,

    I'm pleased everything is going well. :) I purely do the research piece, so I'm not sure but there are usually bundled deals if you look the website. Let me know if you can't find something suitable.

    Cheers

    Roger
     
  12. Baldrick

    Baldrick Registered Member

    Joined:
    May 11, 2002
    Posts:
    2,301
    Location:
    South Wales, UK
    Thanks. I will bear this in mind and post back if I don't find what I am looking for (as and when I get the pass from the boss, heehee).;)
     
  13. rogert30062

    rogert30062 Registered Member

    Joined:
    May 1, 2006
    Posts:
    68
    Location:
    Atlanta
    :)

    Cheers
     
  14. acr45

    acr45 Registered Member

    Joined:
    Oct 26, 2006
    Posts:
    63
    Can anyone confirm this, because I would like to test LS Lite out but I obviously do not want it to conflict with Comodo.
     
  15. rogert30062

    rogert30062 Registered Member

    Joined:
    May 1, 2006
    Posts:
    68
    Location:
    Atlanta
    I just gave it a whirl tonight... worked fine for me.

    Roger
     
  16. lucas1985

    lucas1985 Retired Moderator

    Joined:
    Nov 9, 2006
    Posts:
    4,047
    Location:
    France, May 1968
    LS Lite is less likely to cause problems with security software than LS Pro because it doesn't install a LSP to intercept network traffic.
     
  17. rogert30062

    rogert30062 Registered Member

    Joined:
    May 1, 2006
    Posts:
    68
    Location:
    Atlanta
    That's correct. LSPro sees more, though, because (1) Lite can only look so far ahead or it's too slow (a future release will probably allow power users to control the depth of the crawl) and (2) some bad things are simply dynamic, such as exploits from rotated banner ads.

    Cheers

    Roger
     
  18. lucas1985

    lucas1985 Retired Moderator

    Joined:
    Nov 9, 2006
    Posts:
    4,047
    Location:
    France, May 1968
    Hello Roger,
    What other features are you planning for LS Lite?
    Thanks in advance.
     
  19. rogert30062

    rogert30062 Registered Member

    Joined:
    May 1, 2006
    Posts:
    68
    Location:
    Atlanta
    Hi Lucas,

    I can't say too much really, but the general direction in which we';re heading is more subtle analysis of pages... not just exploits but more and more social engineering.

    Feature requests are always welcome, of course.

    Cheers

    Roger
     
  20. lucas1985

    lucas1985 Retired Moderator

    Joined:
    Nov 9, 2006
    Posts:
    4,047
    Location:
    France, May 1968
    Sounds like a hard challenge. Trying to detect social engineering attempts looks really difficult.
    Opera support comes to my mind ATM. Also, I like how TrendProtect places the warnings.
    Thanks for your answer :)
     
  21. Baldrick

    Baldrick Registered Member

    Joined:
    May 11, 2002
    Posts:
    2,301
    Location:
    South Wales, UK
    Still evaluating and looking good!

    I think that the option to be able to clear the contents of 'Exploits Prevented' & 'Sites Blocked' panels would be useful.

    Also, I am not sure how the application is updated; whether this is automatically like the malware definitions or but the download and manual installation of the new version. If the latter then an automatica application update feature might be useful?

    Finally, what about expanding the capabilities by including detailed testing for spam potential, phishing sites and malicious downloads as options that can be enabled/disabled by the user via the Settings panel? Assuming that they would not slow down the application. Just a thought that may be counter to the direction you want to take the product in...but a thought nonetheless.
     
    Last edited: Sep 28, 2007
  22. rollers

    rollers Registered Member

    Joined:
    Sep 13, 2004
    Posts:
    439
    working very well here with the new nod32 av RC1. Mine has so far found 8 exploits, 5 of which were Invisible Iframe launchers, and the other two were windows metafile with known payloads. This was especially good as I was not here at the time and another family member was using the computer, so its reassuring to know that the computer is watched when I am away.

    Rollers
     
  23. rogert30062

    rogert30062 Registered Member

    Joined:
    May 1, 2006
    Posts:
    68
    Location:
    Atlanta
    Good thoughts.... thanks!

    Roger
     
  24. rogert30062

    rogert30062 Registered Member

    Joined:
    May 1, 2006
    Posts:
    68
    Location:
    Atlanta
    We'll chew on those ideas too. Thanks!

    Roger
     
  25. zhanwest

    zhanwest Registered Member

    Joined:
    Jul 16, 2007
    Posts:
    42
    LinkScanner Pro or none
    IMO, LinkScanner Lite is trouble to use
     
Loading...
Thread Status:
Not open for further replies.