Breaking AV Software

Nikos751 · Apr 4, 2014

venustus said:
Just my personal experience in testing these products for a very long time
F-Secure uses the BD engine but it is a multi-engined av solution with it's own in-house modules included!
PS:It's very late here in Sydney and I am too tired to elaborate further!
Maybe tommorrow

Thanks!

I should have had that in mind

Goodnight! Check again my post tommorow if you 'd like, as I 've edited it a moment ago.

Venustus · Apr 4, 2014

Nikos751 said:
I should have had that in mind Goodnight! Check again my post tommorow if you 'd like, as I 've edited it a moment ago.

Thanks!
Good afternoon

Deleted member 178 · Apr 4, 2014

Nikos751 said:
so it's good not to gain "deep" priviledges to provide protection.
So, which products are less intrusive?

Webroot SA for the win

Nikos751 · Apr 4, 2014

Umbra Polaris said:
Webroot SA for the win

Did you read about my last years malware experience?

It was my real system.

Ink · Apr 4, 2014

Nikos751 said:
I 've tested malware in VM that can disable such protections. So, I cannot be fully convinced on that xD

That applies to all antivirus products though. When people test products against malware, they should expect the product to fail somewhere along the line.

That's why YOUR mouse clicks matter.. http://malwaretips.com/threads/your-mouseclick-matters-guide.15812/

Nikos751 · Apr 4, 2014

Huracan said:
That applies to all antivirus products though. When people test products against malware, they should expect the product to fail somewhere along the line.

That's why YOUR mouse clicks matter.. http://malwaretips.com/threads/your-mouseclick-matters-guide.15812/

Hahaha, I 've read this, and it's really useful for users.

Ink · Apr 4, 2014

So why are you not convinced by Windows 8 security?

Deleted member 178 · Apr 4, 2014

Nikos751 said:
Did you read about my last years malware experience?
It was my real system.

Did you read about my last years malware experience?

sure you not because i don't had, security softs are just my second defense line

Nikos751 · Apr 4, 2014

Umbra Polaris said:
Did you read about my last years malware experience?

sure you not because i don't had, security softs are just my second defense line

I don't get what you say, could you write it more clearly?
That was before I become a member here and got educated on PC security.

Nikos751 · Apr 4, 2014

Huracan said:
So why are you not convinced by Windows 8 security?

Because, I just want some more security.

Jaspion · Apr 4, 2014

So this guy could easily find those exploits in so many products like anything based on Bitdefender and especially BD itself, Avast, AVG, Avira, Clam, Comodo, DrWeb, eScan, ESET, F-Prot, F-Secure, Panda, and more, but not on Vipre, Norman, Cyren or Agnitum-based products, and also I saw no mention of Norton or McAfee. Interesting.

Ink · Apr 4, 2014

@Jaspion There was a report posted about a year ago, which I cannot find. But it did mention how, with McAfee installed the surface area of attack was increased. Is anyone can find it on the WWW, that'd be great!

@Nikos751 and some things never change.

Nikos751 · Apr 4, 2014

Jaspion said:
So this guy could easily find those exploits in so many products like anything based on Bitdefender and especially BD itself, Avast, AVG, Avira, Clam, Comodo, DrWeb, eScan, ESET, F-Prot, F-Secure, Panda, and more, but not on Vipre, Norman, Cyren or Agnitum-based products, and also I saw no mention of Norton or McAfee. Interesting.

I think he did not publish the whole list. Kaspersky for example was not on the vulnarable list, but you can see it being referred for not having aslr in all libraries.

Jaspion · Apr 4, 2014

Huracan said:
@Jaspion There was a report posted about a year ago, which I cannot find. But it did mention how, with McAfee installed the surface area of attack was increased. Is anyone can find it on the WWW, that'd be great!

@Nikos751 and some things never change.

Thanks. I can se it is probably a case of which products are harder to beat, but there's nothing unbeatable. Still, knowing who's the thoughest is good.

Nikos751 said:
I think he did not publish the whole list. Kaspersky for example was not on the vulnarable list, but you can see it being referred for not having aslr in all libraries.

Can someone explain to me this ASLR thing, please?

Nikos751 · Apr 4, 2014

@Huracan , do you refer to my insist on using 3rd party products?

Nikos751 · Apr 4, 2014

@Jaspion Address space layout randomization (ASLR) is a computer security technique involved in protection from buffer overflow attacks. In order to prevent an attacker from reliably jumping to a particular exploited function in memory (for example), ASLR involves randomly arranging the positions of key data areas of a program, including the base of the executable and the positions of the stack, heap, and libraries, in a process's address space.

Jaspion · Apr 4, 2014

Nikos751 said:
@Jaspion Address space layout randomization (ASLR) is a computer security technique involved in protection from buffer overflow attacks. In order to prevent an attacker from reliably jumping to a particular exploited function in memory (for example), ASLR involves randomly arranging the positions of key data areas of a program, including the base of the executable and the positions of the stack, heap, and libraries, in a process's address space.

Thanks! That sounds like it should be on any serious security product.

Deleted member 178 · Apr 4, 2014

Nikos751 said:
I don't get what you say, could you write it more clearly?
That was before I become a member here and got educated on PC security.

Just kidding you, i Meant i was never infected while using any kind of AVs (even if reputed strong or weak)

So the users habits primes over any softs

Jaspion · Apr 4, 2014

Umbra Polaris said:
Just kidding you, i Meant i was never infected while using any kind of AVs (even if reputed strong or weak)

So the users habits primes over any softs

Definitely. The best way to avoid losing a fight is to avoid the fight itself.

Venustus · Apr 4, 2014

Nikos751 said:
I think he did not publish the whole list. Kaspersky for example was not on the vulnarable list, but you can see it being referred for not having aslr in all libraries.

Hi Nikos!
Kaspersky is one of the few products to have a very good exploit prevention technology embedded in it!
ASLR is used heavily by Kaspersky!But Kaspersky also has it's own unique technology in preventing exploits very efficiently!

Take a look at this technical article:
https://www.securelist.com/en/analysis/204792303/Filling_a_BlackHole
"The Automatic Exploit Prevention engine relies heavily on Address Space Layout Randomization, or ASLR. Many malware packages rely on finding vulnerable data at specific memory addresses where such data is customarily stored. ASLR randomly shifts such data around in RAM, thwarting malware’s attempt to find it. Kasperky claims that Automatic Exploit Prevention blocked the BlackHole exploit pack 100 percent of the time. That kit drives 95 percent of phishing exploits, according to company. Kasperky is the first security firm to include ASLR in its products for Windows 7. It’s already in iOS, Android, and will be included in Windows 8."

Regards

Search

Breaking AV Software

Nikos751

Level 20

Venustus

Level 59

Deleted member 178

Nikos751

Level 20

Ink

Administrator

Nikos751

Level 20

Ink

Administrator

Deleted member 178

Nikos751

Level 20

Nikos751

Level 20

Jaspion

Level 17

Ink

Administrator

Nikos751

Level 20

Jaspion

Level 17

Nikos751

Level 20

Nikos751

Level 20

Jaspion

Level 17

Deleted member 178

Jaspion

Level 17

Venustus

Level 59

Similar threads