Any real-time software that uses non-traditional ways to find malware?
<blockquote data-quote="mazskolnieces" data-source="post: 916899" data-attributes="member: 88422"><p>I only have a single account.</p><p></p><p></p><p></p><p>There is no burden of proof on me when I know what the industry best practices are. Either you know, based upon real world professional experience, or you don't. You have to figure it out.</p><p></p><p>I told you earlier where you can find best practices. I even provided the courtesy of listing a slew of potential sources. There is no single document that you can go to (which is exactly what you are demanding, and if it isn't provided then you'll say no evidence is provided. You're not fooling anyone. Everybody knows what you're like.)</p><p></p><p>Here are a few examples. A couple are from an industry-wide security policy clearinghouse. Another is from a large security product vendor. The final one is from an even larger security product vendor that is quoting the Australian Signals Directorate.</p><p></p><p>I already know that you're going to come back and argue semantics about what these security practices really say. All I'm going to say is that Microsoft offers multiple mechanisms to disable or even remove many things on Windows. If Microsoft did not intend nor want users to disable stuff on Windows, then it would not provide the means to do so. Microsoft's fundamental precept is that if it can be disabled without breaking the OS, then disable it. It even provides lists to its clients that state that things such as PowerShell or Windows Script Host, among others, can be disabled for the best level of security. That has always been the first rule of ASR.</p><p></p><p>Furthermore the industry itself has many projects, and ultimately researchers have shown that the best security is provided by disabling processes. Millions of end users adhere to this advice full-time.
They've literally been doing it for the past 20+ years without the sky falling.</p><p></p><p>Arguing that things such as Control Panel are vital OS resources is amateur hour on your part. Control Panel is not a vital resource. Never was. Never will be. And switching a boolean OFF to access Control Panel when rundll32 is disabled is so easy a beginner can do it. Not only that, depending upon the implementation, there are ways to access Control Panel even with rundll32 disabled without disabling the protection.</p><p></p><p>[ATTACH=full]250310[/ATTACH]</p><p>[ATTACH=full]250312[/ATTACH]</p><p>[ATTACH=full]250313[/ATTACH]</p><p>[ATTACH=full]250314[/ATTACH]</p></blockquote><p></p>