Forums
New posts
Search forums
News
Security News
Technology News
Giveaways
Giveaways, Promotions and Contests
Discounts & Deals
Reviews
Users Reviews
Video Reviews
Support
Windows Malware Removal Help & Support
Mac Malware Removal Help & Support
Mobile Malware Removal Help & Support
Blog
Log in
Register
What's new
Search
Search titles only
By:
Search titles only
By:
Reply to thread
Menu
Install the app
Install
JavaScript is disabled. For a better experience, please enable JavaScript in your browser before proceeding.
You are using an out of date browser. It may not display this or other websites correctly.
You should upgrade or use an
alternative browser
.
Forums
Security
Video Reviews - Security and Privacy
NotPetya vs Comodo Firewall
Message
<blockquote data-quote="cruelsister" data-source="post: 647552" data-attributes="member: 7463"><p>Andy- whether on a single computer or a computer connected to a Network (either through LAN or hard wired), an infection has to start at a given point. So one can extrapolate the effects- say on a thousand computer Network a single Endpoint is infected- can the malware gain Network access (like an info-stealer on a Home machine), can it successfully set up connections to the TOR network (like EternalRocks), or can it infect connected drives (like a common Worm)? If these have in the past have been shown to be blocked, one can be rather comfortable about things,</p><p></p><p>But what about some new and yet undisclosed exploit, like FSB stuff that God Forbid WikiLeaks would EVER acknowledge. What about these?</p><p></p><p>Note that exploits such as these are not the malware vectors themselves- they essentially just open a path for the actual malware to spread. Even if such stuff is undetected and allowed to establish itself, will it necessarily allow a Network to be trashed? Consider a prison analogy- what good would it be if an exploit opens the Cell door when the prisoner (malware) is chained to the wall? So it is with virtualization- if the actual malware is contained and can't get out of containment (not even able to infect an Endpoint), does it matter that a Network connection is open for it when it can never actually utilize it?</p></blockquote><p></p>
[QUOTE="cruelsister, post: 647552, member: 7463"] Andy- whether on a single computer or a computer connected to a Network (either through LAN or hard wired), an infection has to start at a given point. So one can extrapolate the effects- say on a thousand computer Network a single Endpoint is infected- can the malware gain Network access (like an info-stealer on a Home machine), can it successfully set up connections to the TOR network (like EternalRocks), or can it infect connected drives (like a common Worm)? If these have in the past have been shown to be blocked, one can be rather comfortable about things, But what about some new and yet undisclosed exploit, like FSB stuff that God Forbid WikiLeaks would EVER acknowledge. What about these? Note that exploits such as these are not the malware vectors themselves- they essentially just open a path for the actual malware to spread. Even if such stuff is undetected and allowed to establish itself, will it necessarily allow a Network to be trashed? Consider a prison analogy- what good would it be if an exploit opens the Cell door when the prisoner (malware) is chained to the wall? So it is with virtualization- if the actual malware is contained and can't get out of containment (not even able to infect an Endpoint), does it matter that a Network connection is open for it when it can never actually utilize it? [/QUOTE]
Insert quotes…
Verification
Post reply
Top