Sasser response times

Discussion in 'other anti-virus software' started by VikingStorm, May 7, 2004.

Thread Status:
Not open for further replies.
  1. VikingStorm

    VikingStorm Registered Member

    Joined:
    Jun 7, 2003
    Posts:
    387
  2. Paul Wilders

    Paul Wilders Administrator

    Joined:
    Jul 1, 2001
    Posts:
    12,472
    Location:
    The Netherlands
  3. Technodrome

    Technodrome Security Expert

    Joined:
    Feb 13, 2002
    Posts:
    2,140
    Location:
    New York
  4. kdcdq

    kdcdq Registered Member

    Joined:
    Apr 19, 2002
    Posts:
    657
    Location:
    Southwestern Massachusetts
    OK, I feel compelled to add my $.02 worth of opinions right NOW:

    1) As Technodrome pointed out previously in this thread, I don't think that the times/dates posted on the PC-Welt site are exact, BUT, they don't have to be; what IS important (to me, anyway) is the "relative order" of the products in website's vendor response table.

    2) IMHO, the "relative order" of the AV products listed can be used to build a short-list of worthy AV products that can/will protect your critical computing systems. As an example, I typically run Dr. Web as my primary AV with it's on-demand scanning active; I run F-Prot, Extendia (AVK and RAV scanning engines), and Command AV as my backup/second-opinion scanners. After seeing the PC-Welt website data, I feel pretty darn good (i.e. safe) right now.

    3) The commercial "main-stream buy-it-off-the-shelf" AV products (by such vendors as Symantec, Trend Micro, and McAfee) should be ashamed of themselves for taking WAY TOO LONG to post updates to detect/fix the Sasser virus, and this is not the first time (Wilder regulars: please back me up here) that they have responded poorly to address other global virus infections.

    4) Congratulations to Bitdefender for being the first AV vendor to respond to the Sasser virus and for beating the other products by a potentially critical thirty minutes.

    5) If any of your computers were infected by the Sasser virus even though you have/use an on-access AV product with current updates, maybe it's time to switch to a potentially better AV product. A major oil company (five letters - starts with "S") was severely hit by the Sasser virus to a degree that I cannot address in this forum; it was not a pretty sight.

    6) If at all possible, stay current with security fixes to your computer's software products via Windows Update, and consider using its "auto-update" feature; I do. I use and recommend the free version of BigFix (www.bigfix.com); it's not bad and the price is right.

    7) NO current AV product will catch 100% of virus infections 100% of the time. If you believe otherwise, I will sell you the Golden Gate Bridge for $1 plus some odd change.

    :cool: Use layers of security products including firewalls, anti-virus, anti-trojan, and anti-spyware components; keep them updated. Bill Gates, the richest man in the world, once said that "PCs will be like toasters; you will just plug them in and they will make toast". I have a dream......

    KDCDQ, Security Freak
     
  5. TheQuest

    TheQuest Registered Member

    Joined:
    Jun 9, 2003
    Posts:
    2,301
    Location:
    Kent. UK by the sea
    Hi, kdcdq

    TOAST be the operative word. :D

    TheQuest :cool:
     
  6. TREllis

    TREllis Guest

    Your post is 90% misleading and meaningless!

    Update times for Sasser are just more Scheiße from PCWelt!

    Even if you have 20 updated anti-virus programs installed, without the Microsoft Critical Update installed, Sasser will still get you!

    You sure do!
     
  7. Sandish

    Sandish Registered Member

    Joined:
    Apr 29, 2004
    Posts:
    51
    NOD32 can´t be included in the tests cause the signature updates are only available through the NOD32 interface. The tests are made with scripts that fetch updates from public ftp/ww sites afaik. See http://www.av-test.org/down/papers/2004-02_vb_outbreak.pdf for details.
     
  8. rodzilla

    rodzilla Registered Member

    Joined:
    Jun 15, 2002
    Posts:
    653
    Location:
    australia
    >> Looks like NOD32 is excluded again?

    > Looks like it; NOD32 databased Sasser.A May 1th 2004.

    This was eminently predictable ... NOD32's "zero seconds" heuristic detection was deliberately omitted from an earlier "response times" article in PC-Welt ... even though the author was fully aware that NOD32 detected and blocked the virus on first sight, without needing an update.
     
  9. rodzilla

    rodzilla Registered Member

    Joined:
    Jun 15, 2002
    Posts:
    653
    Location:
    australia
    > Update times for Sasser are just more Scheiße from PCWelt!

    Sounds like you're a regular reader. :)
     
  10. kdcdq

    kdcdq Registered Member

    Joined:
    Apr 19, 2002
    Posts:
    657
    Location:
    Southwestern Massachusetts
    Quote TREllis: "Your post is 90% misleading and meaningless!"

    My Response: Everyone is entitled to their own opinions. I must not have learned anything about computers & security during my 23 years in Computer Information Technology and/or by building/reparing/upgrading/trouble-shooting/networking PCs for the last 7 years.


    Quote TREllis "Update times for Sasser are just more Scheiße from PCWelt!"

    My Response: This is completely possible. I am in the process of trying to formulate my own "Sasser Response Table" like PCWelt did. When I finish, I will publish my own set of numbers with detailed explanations of exactly how the numbers were derived.


    Quote TREllis: "Even if you have 20 updated anti-virus programs installed, without the Microsoft Critical Update installed, Sasser will still get you!"

    My Response: This statement is partially true; 20 "bad" AV programs may not equal good security. The Microsoft Critical Update to prevent Sasser-like virus infections has long been available; I addressed this in my original post. Sasser did not "get" a lot of computers that were using updated security programs/environments.

    KDCDQ, Security Freak
     
  11. NOD32 user

    NOD32 user Registered Member

    Joined:
    Jan 23, 2005
    Posts:
    1,766
    Location:
    Australia
    Doesn't really matter what the virus is - "zero seconds" heuristic detection really is the main point.
     
  12. Happy Bytes

    Happy Bytes Guest

    Did you set your system time to the correct year? :eek:
    I mean does it show 2005 in the system try? :eek:
    Coz you're replying here to a thread - exactly 1 year old :eek:
     
  13. Gyuri

    Gyuri Registered Member

    Joined:
    Jan 25, 2005
    Posts:
    8
    Location:
    Hungary,Budapest
  14. Don Pelotas

    Don Pelotas Registered Member

    Joined:
    Jun 29, 2004
    Posts:
    2,257
    :D :D :D
     
  15. NOD32 user

    NOD32 user Registered Member

    Joined:
    Jan 23, 2005
    Posts:
    1,766
    Location:
    Australia
    ....it took me a year to find it! :D
     
Loading...
Thread Status:
Not open for further replies.