What do AV Products do and how are they tested?
What do AV Products do and how are they tested? - 11-08-2009, 04:42 AM

After writing the previous entry on vendor-sponsored tests and seeing comments about it, I thought it might be good to explain what AV products do, how they typically get tested, and how they should be tested. And I will discuss, in a more thorough fashion, what is wrong with the testing that was performed by Dennis Technology Lab. I had attempted in the previous posting to illustrate the uselessness of the DTL testing with humor—it did not work with some people (especially at least one Symantec person). So, here is a more straightforward approach.

I thought it would be good to start with a basic tutorial on what antivirus software does...

The bad guys are trying to get a bad payload (malware) into the user’s computer. This malware/payload could be benign (such as current Conficker) or it could be designed to steal passwords, bank information, open a backdoor for a hacker, etc. The malware can also be a virus, spyware, Trojan horse, etc. It makes no difference in the detection and that is why all good AV/security products include anti-spyware capabilities. Regardless, the purpose of AV is to stop the bad guy from getting the malware into the computer. In the past these attempts were made almost entirely through emails—sometimes SPAM email and sometimes email received from a trusted source with an infected computer.

Currently we see that over 80% of infection routes are via internet browsing. Sometimes the infections come from known bad sites (often hacking sites, sex sites, etc.). But these days, mostly they come from a bad guy infecting a legitimate website. These infections are usually a JavaScript that, once downloaded and executed on the user’s computer, installs a piece of malware.

Now, there are also other means to infect a user's computer (such as over the network, a hack attack, etc.). But as the email and website vectors are the two most common, I will concentrate on them. First, here is a simple diagram showing what an AV product does to provide protection during these activities.


A Guy
   