Need Help In Winning A Friendly Argument

Discussion in 'other anti-virus software' started by Graystoke, Mar 22, 2005.

Thread Status:
Not open for further replies.
  1. Graystoke

    Graystoke Registered Member

    Joined:
    Aug 15, 2003
    Posts:
    1,502
    Location:
    The San Joaquin Valley, California
    I had a little discussion about antivirus software with a friend of mine last night. He believes that it is more important to have inbound and outbound e-mail scanning with weekly virus updates. He uses McAfee VS9 and figures if it's something important, the updates will come. I said it was more important to have daily updates and not have to worry about some outbreak. You can live without outbound e-mail scanning (I'm using BitDefender 8 Standard at the moment). The discussion implied that both AVs had to have good detection also. That was a given.

    Any thoughts? I'm hoping the experts here will back me up on this one so that I can show him and gloat. :D


    Thanks
    Graystoke
     
  2. Firecat

    Firecat Registered Member

    Joined:
    Jan 2, 2005
    Posts:
    7,927
    Location:
    The land of no identity :D
    graystroke,

    E-Mail scanning is NOT a required feature b'coz the realtime monitor is gonna intercept the infected emails anyway.

    Daily updates are essential because only dailies will protect you against new zoo malware, and zoo malware is still obtainable, as I've got plenty of times...And yes daily updates ensure the best response time to any new threat.

    Regards,
    Kaushik (Firecat)
     
  3. Graystoke

    Graystoke Registered Member

    Joined:
    Aug 15, 2003
    Posts:
    1,502
    Location:
    The San Joaquin Valley, California

    That is what I kept telling him. :) Thanks Kaushik.
     
  4. hollywoodpc

    hollywoodpc Registered Member

    Joined:
    Feb 14, 2005
    Posts:
    1,325
    Regardless of Advanced Heuristics , daily is ALWAYS better than weekly . I did not know anyone cannot see that . THAT is what should have been a " given " .
     
  5. Ianb

    Ianb Registered Member

    Joined:
    Nov 26, 2004
    Posts:
    232
    Location:
    UK
    McAfee home users get daily soon anyway so he will probably agree with you then. :p
     
  6. Blackspear

    Blackspear Global Moderator

    Joined:
    Dec 2, 2002
    Posts:
    15,115
    Location:
    Gold Coast, Queensland, Australia
    To extend the concept further, hourly is better than monthly...

    Cheers :D
     
  7. Notok

    Notok Registered Member

    Joined:
    May 28, 2004
    Posts:
    2,969
    Location:
    Portland, OR (USA)
    The thing with outbound email scanning is that if the real-time monitor can't detect the file that's sending the email, what makes you think an outbound email scanner would? I believe this would also be vulnerable to any 'firewall bypass' tricks.

    Daily updates are important, however, although I think the ITW malware would be the greater concern here (than zoo.) When the next major worm hits, you don't want to have to wait a week to be protected against it.
     
  8. Graystoke

    Graystoke Registered Member

    Joined:
    Aug 15, 2003
    Posts:
    1,502
    Location:
    The San Joaquin Valley, California
    Thanks to all. I'll have to call my friend and tell him to check out this thread. He probably won't change AV's, since like Ianb said, McAfee is supposed to go to dailies soon. But at least with your help, I proved my point. :D
     
  9. hollywoodpc

    hollywoodpc Registered Member

    Joined:
    Feb 14, 2005
    Posts:
    1,325
    Hey BlackSpear .
    If I wanted it extended , I would have done it myself . lol . Only teasing . You know that . And cannot argue with your statement .
     
  10. quexx88

    quexx88 Registered Member

    Joined:
    Nov 26, 2004
    Posts:
    235
    Location:
    Radnor, Pennsylvania
    Forgive me if I'm wrong, but I do believe that only users of McAfee's enterprise level software will get automatic daily updates.
     
  11. hollywoodpc

    hollywoodpc Registered Member

    Joined:
    Feb 14, 2005
    Posts:
    1,325
    Hi quexx .
    Long time . Anyway . McAfee finally changed that . At least , that is my understanding . They have either begun or are going to begin daily updates for personal users .
     
    Last edited: Mar 22, 2005
  12. Grumble

    Grumble Registered Member

    Joined:
    Apr 25, 2004
    Posts:
    185
    Location:
    the sunshine state
    McAfee has said daily dat updates will be "later this summer" for consumer products.

    (Too late for me though, my Mc subscription expires later this month, I'm now a happy camper with hourly updates from GData).
     
  13. mercurie

    mercurie A Friendly Creature

    Joined:
    Nov 28, 2003
    Posts:
    2,442
    Location:
    Sky over the Wilders Forest
    This would more or less be my response as well. So I will just second this one ;)

    Off Topic: Looks like Blackspear has gone High Tech with his avatar. :D ;)
     
  14. Blackspear

    Blackspear Global Moderator

    Joined:
    Dec 2, 2002
    Posts:
    15,115
    Location:
    Gold Coast, Queensland, Australia
    YOU WANNA argument, come on let's argue ;) Hmmm what are we going to argue about, maybe we should meet down the pub and have a chat about what the subject will be, your shout, see you there in 10 ;) :D


    Ahhhh yes, a fellow Queenslander did a marvellous job, well I reckon so ;) :D

    Cheers :D
     
  15. bellgamin

    bellgamin Very Frequent Poster

    Joined:
    Aug 1, 2002
    Posts:
    5,648
    Location:
    Hawaii
    Yeah, it's nice. Looks a bit like the hood ornament from a Yugo. :cool:

    I don't think anyone mentioned this but -- if someone surfs on the blood-splattered knife-edge of wild & dangerous websites, s/he is eventually going to come into contact with TOMORROW'S malware, for which no signatures have yet been developed. In such case, s/he better have an AV with industrial strength heuristics (such as NOD, DrWeb, etc). AFIK, McAfee is NOT noted for having a heuristics engine of this caliber.
     
  16. Blackspear

    Blackspear Global Moderator

    Joined:
    Dec 2, 2002
    Posts:
    15,115
    Location:
    Gold Coast, Queensland, Australia
    LMAO, I know what a Yugo is, this is the last one I came across, had been used for a week ;) :D


    Very good point, nice catch.

    Cheers :D
     

    Attached Files:

    • yug.jpg
      yug.jpg
      File size:
      21.1 KB
      Views:
      96
  17. bellgamin

    bellgamin Very Frequent Poster

    Joined:
    Aug 1, 2002
    Posts:
    5,648
    Location:
    Hawaii
    A bit of paint & some new tires, & that limo should be good to go, wot? :D :D :) :D
     
  18. BlueZannetti

    BlueZannetti Administrator

    Joined:
    Oct 19, 2003
    Posts:
    6,590
    bellgamin,

    Excellent way to put it, tomorrows malware.

    McAfee was not too bad in the last www.av-comparatives.org pro-active/retrospective test. NOD32 was the leader of the pack, with Bitdefender/Dr.Web/KAV/McAfee in the second tier level, with those followed a bunch of trailers. All the program versions have now been superceded, so who knows how things stack up.

    Back to the thread topic - one thing that everyone's ignored is the growing prevalence of e-mail scanning at the ISP level. I didn't realize it myself until I ran some tests that required "virus" samples to get mailed to me. None made it past the ISP's server. It hadn't been widely publicized, but I get very decent mail coverage at the server level, which does lessen the importance of mail scanning for me.

    As with most of the others - I'd lean towards rapid updates. Note that even the "weekly" updated products update sooner with significant threats, although that is small comfort to anyone compromised by a "minor" piece of malware.

    For me, the answer to your friend is actual experience. The most recent cases where I've personally dealt with an infection (my own or others) have been situations with currently propagating epidemics. Quick deployment of signatures would have been key in these cases, they just weren't quick enough.

    Blue
     
  19. Big D1

    Big D1 Registered Member

    Joined:
    Aug 20, 2004
    Posts:
    68
    Even though McAfee doesn't have daily updates for home users yet, they can still use the daily dats to update. Take for instance, I waited for McAfee to do it's weekly update thing on Wednesday evening. Thursday evening I downloaded and installed the daily dat. A whopping 135 more detections added in just one day, and that is a fact. Weekly updates were the norm in the past, but daily updates are here to stay, and even McAfee has acknowkledged the necessity for daily updates.

    McAfee contradicts itself by saying to not use the daily dats for home users because, for the time being, it is for the corporate customers, but they do allow the public download, and they do say a home AV user is not denied access. I just think that they cover their butts because when one copies the daily dats to the VSO folder, there is always a chance of corruption. Backup the VSO folder before copy, and every thing is good.

    Blue does make a good point. Since my ISP, Charter Communications, has been scanning emails with their Ironport AV(Sophos engine), I have not had one single virus sent to me on three different email accounts in over 6 months. I have seen a few phising scams but that's all. Before they started scanning, I would get up to 15 viruses a day during a heavy outbreak, and getting a virus in an email was just normal to me. Now it's not, at least not for me.
     
Loading...
Similar Threads
  1. Ronald78
    Replies:
    14
    Views:
    1,110
Thread Status:
Not open for further replies.