SafeOnline question...

Discussion in 'Prevx Releases' started by arjunned, Apr 14, 2010.

Thread Status:
Not open for further replies.
  1. arjunned

    arjunned Registered Member

    Joined:
    Apr 1, 2008
    Posts:
    191
    Is there any way to test and see how SafeOnline works?

    I have been using Prevx since the Wilders giveaway. Have done some testing on my own, by throwing a few links and old samples at it, just to see how it behaves when a threat is detected and how it removes them(couldn't do this with free version i was using before). But never once has SafeOnline popped up. Everything was caught by realtime infection monitoring component.

    Also, i have my settings for SafeOnline set to Maximum for HTTP & HTTPS. If i try to take a screen shot of my browser (using W7 Snnipping tool), should Prevx warn me that a screenshot is being taken? Is this what "Protect against screen grabbing attacks" means?

    Thanks in advance for the clarifications. Just trying learn about what SafeOnline actually does. :)

    Cheers!:thumb:
     
  2. pegas

    pegas Registered Member

    Joined:
    May 22, 2008
    Posts:
    2,016
    Yeah, I also would like to test it. Maybe Joe could post a few links where we could see the efficiency of SO.

    No Prevx don't warn you, though you shouldn't be able to take a screen like seen there https://www.wilderssecurity.com/showpost.php?p=1658052&postcount=18
     
  3. arjunned

    arjunned Registered Member

    Joined:
    Apr 1, 2008
    Posts:
    191
    Unfortuanatelly, i'm not sure SO is working as it should. At first i thought it was because iwas running my browser sandboxed. But i'm still able to take screenshots with Snipping Tool, even with un-sandboxed browser (both IE & Firefox).

    Need some guidence here Joe. :)

    Cheers.
     
  4. pegas

    pegas Registered Member

    Joined:
    May 22, 2008
    Posts:
    2,016
    I found a one that was blocked by Prevx. Well done :thumb:
    However one thing quite bothers me ... I am using Opera with setting "Start where you have ended". When I got on this page Prevx prompted me to either block or ignore. I obviously chose to block what resulted in closing the whole Opera not just the blocked tab. Reopening Opera I always got this prompt. Electing block always closed Opera. So it was a circle with only one option. I had to choose to ignore and close the tab then. In other words, Prevx should be closing only blocked tab not the whole Opera.
     
  5. PrevxHelp

    PrevxHelp Former Prevx Moderator

    Joined:
    Sep 14, 2008
    Posts:
    8,242
    Location:
    USA/UK
    Yes, this is quite a valid point and we came across this in testing as well. We're working on a way to interface better with Opera to close the tab/instance without making Opera re-load the last page, otherwise it certainly isn't very helpful :)
     
  6. PrevxHelp

    PrevxHelp Former Prevx Moderator

    Joined:
    Sep 14, 2008
    Posts:
    8,242
    Location:
    USA/UK
    There are certain areas of protection which are applied with the Prevx 3.0 antimalware components on 64bit PCs because of architectural impossibilities. The result is that we don't block legitimate screengrabbers or clipboard viewers on x64 but all of the rest of the functionality is fully loaded.

    Lower level functionality testing of SafeOnline/similar products is very difficult to test. MRG ran a test over a few types of threats here: https://www.wilderssecurity.com/showthread.php?t=267922 but SafeOnline protects against more than 50 different areas of potential data leakage.

    You can probably find some leaktests online to demonstrate some of the functionality (AKLT is a good keylogger leaktest, although it only demonstrates high-level keylogging) but you may want to read through the report done by Immunity which outlines the stronger areas of SafeOnline's protection: http://info.prevx.com/download.asp?GRAB=IMMUNITY

    Let me know if you have any questions! :)
     
Thread Status:
Not open for further replies.