New Matousec Tests - 2010

Discussion in 'other anti-malware software' started by lordraiden, Jan 5, 2010.

Thread Status:
Not open for further replies.
  1. lordraiden

    lordraiden Registered Member

    Joined:
    Jan 30, 2006
    Posts:
    3,080
    Another Proactive Security Challenge milestone – it now contains 148 tests (2010/01/04 10:30)
    http://www.matousec.com/

    We have implemented several major changes in our Proactive Security Challenge:

    1) 64 new tests have been implemented to SSTS. The main focus was to cover files and folders protection, registry keys and values protection and control of system autorun entries. Several tests of other kind were implemented too. A functionality of a few tests has been changed.

    2) Scoring have changed in case of many tests. There are currently no 5%, 10% or 50% penalties, every failure leads to score of 0% for the given test. This affects many termination tests, SSS, SSS2, SSS3, Driver Verifier, BSODhook and ShadowHook tests.

    3) The vendors now have a right of only one free testing request per six months for all their products, previously they had two such requests for every product. This change is enforced by the extensive amount of the new tests.

    4) SSTS now contains the new Configurator tool. This tool is handy for creating the configuration files, especially for the settings required by the new tests related to file and registry protection.

    The vendors are now given five weeks to review their products' protections. The tests with the new version of the suite and new rules will start after that.

    The further development will focus on implementing new testing suite for Windows 7 on 64-bit platform.


    Security Software Testing Suite
    http://www.matousec.com/projects/security-software-testing-suite/

    Changelog

    * 2010-01-04: Major improvements and changes. Many new tests were implemented. The main focus was to cover the areas of Windows OS security that were not covered by previous versions. The suite now contains tests that check protection of disk files and folders, registry keys and values and various places in the system that can be used to create autorun entries and several new tests of different kind. Several bugfixes and changes were implemented. SSS, SSS2 and SSS3 were simplified and now check only the ability to perform unwanted reboot/user log out. The current number of the tests in the suite is 145. The suite is now supported by the SSTS Configurator tool that makes it easier to create the correct configuration file.
     
    Last edited: Jan 5, 2010
  2. pykko

    pykko Registered Member

    Joined:
    Apr 27, 2005
    Posts:
    2,236
    Location:
    Romania...and walking to heaven
    Interesting. Waiting to see the first testing results. Hope to be out soon.
     
  3. aigle

    aigle Registered Member

    Joined:
    Dec 14, 2005
    Posts:
    11,047
    Location:
    Saudi Arabia/ Pakistan
    Windows vulnarabilities and attack methods are a never ending game. It will be interesting to see the results. I think these tests will push security products to strive hard. But what is the practical implication of such products remains unknown.
     
  4. lordraiden

    lordraiden Registered Member

    Joined:
    Jan 30, 2006
    Posts:
    3,080
    I want to see how well works the HIPS on win7 x64 and the difference with 32bit
     
  5. arran

    arran Registered Member

    Joined:
    Feb 5, 2008
    Posts:
    1,139

    Yes me too.
     
  6. dcrowe0050

    dcrowe0050 Registered Member

    Joined:
    Sep 1, 2009
    Posts:
    378
    Location:
    NC
    Sounds great I can't wait to see some results.
     
  7. Serapis

    Serapis Registered Member

    Joined:
    Nov 15, 2009
    Posts:
    241
    How does x64 SBIE fare under these tests compared to 32 bit?
     
  8. subset

    subset Registered Member

    Joined:
    Nov 17, 2007
    Posts:
    825
    Location:
    Austria
    That's a big problem with Matousec's tests.
    He does not give evidence of the practical value of his tests.

    At the Firewall Leak Tester site were comments like "Trojans that use this technique: W32.Welchia.Worm, The Beast", which can be still found here (Techniques employed by leak-testing software):
    http://www.matousec.com/info/articles/introduction-firewall-leak-testing.php

    Apart from that I think everyone who performs comparison tests with real malware will see, that apps like Mamutu or ThreatFire do way better than Matousec's results indicate.
    Therefore I don't think his tests have a great practical value.

    Cheers
     
  9. JohnnyDollar

    JohnnyDollar Guest

    Welcome to the land of common sense and reason.:D
     
  10. Franklin

    Franklin Registered Member

    Joined:
    May 12, 2005
    Posts:
    2,517
    Location:
    West Aussie
    With run/internet restrictions in place the several I tried couldn't execute.

    SB.JPG
     
  11. subset

    subset Registered Member

    Joined:
    Nov 17, 2007
    Posts:
    825
    Location:
    Austria
    I'm afraid we will not meet many testers in this land. :cautious:

    Cheers
     
  12. lordraiden

    lordraiden Registered Member

    Joined:
    Jan 30, 2006
    Posts:
    3,080
    Last edited: Jan 6, 2010
Loading...
Thread Status:
Not open for further replies.