Panda cloud and Immunet Free Real time scanning technique

Discussion in 'other anti-virus software' started by aigle, Sep 20, 2010.

Thread Status:
Not open for further replies.
  1. aigle

    aigle Registered Member

    Joined:
    Dec 14, 2005
    Posts:
    11,047
    Location:
    Saudi Arabia/ Pakistan
    Can any one tel me what technique these two AVs use for real time scanning? Do they simple monitor disk read/ write or they scan executables on execution?

    Thanks
     
  2. alhuger

    alhuger Registered Member

    Joined:
    Aug 30, 2009
    Posts:
    82
    Re: Pand cloud and Immunet Free Real time scanning technique

    I cannot speak for Panda but we can review files on copy/write/move/exec etc. All the standard ways you would expect a file to be reviewed with AV software.

    al
     
  3. Nevis

    Nevis Registered Member

    Joined:
    Aug 28, 2010
    Posts:
    786
    Location:
    255.255.255.255
    Re: Pand cloud and Immunet Free Real time scanning technique

    i think they check if exe is suspicious , if yes then upload to cloud and check

    also now , they even have Heuristic also
     
  4. aigle

    aigle Registered Member

    Joined:
    Dec 14, 2005
    Posts:
    11,047
    Location:
    Saudi Arabia/ Pakistan
    Re: Pand cloud and Immunet Free Real time scanning technique

    Thanks
     
  5. RejZoR

    RejZoR Registered Member

    Joined:
    May 31, 2004
    Posts:
    6,426
    Re: Pand cloud and Immunet Free Real time scanning technique

    I can only say for panda, what they do is inversed fingerprinting.
    Usually files are entirely uploaded to the remote server and scanned there and results are returned tot he client.
    What Panda does is that client itself creates a signature patter that is unique to that file and sends it to a server for a lookup against the database. Then the server responds with a result and client then displays it to the user as clean or infected. Heuristics are mostly local but they rely on cloud statistics and other stuff that helps it make better decision.
     
  6. BoerenkoolMetWorst

    BoerenkoolMetWorst Registered Member

    Joined:
    Dec 22, 2009
    Posts:
    3,764
    Location:
    Outer space
    Panda also does not only on execute but also read/write and they scan HTTP traffic. Also what Rejzor said is correct, that is what most Cloud AV's do, though Panda can also scan locally with a set of signatures for when offline.
     
  7. Ibrad

    Ibrad Registered Member

    Joined:
    Dec 8, 2009
    Posts:
    1,949
    Just to add the inverse signatures also allow cloud heuristics and generic detection.
     
    Last edited: Sep 23, 2010
  8. aigle

    aigle Registered Member

    Joined:
    Dec 14, 2005
    Posts:
    11,047
    Location:
    Saudi Arabia/ Pakistan
    Thanks all of you.
     
Loading...
Thread Status:
Not open for further replies.