Re: Seek on-demand AV scanner to complement NAV

From: FromTheRafters (!0000_at_nomad.fake)
Date: 09/21/03


Date: Sun, 21 Sep 2003 16:50:36 -0400


"Martin C.E." <martin_2003@mail.com> wrote in message news:Xns93FDBD5965254835A@130.133.1.4...
> "FromTheRafters" <!0000@nomad.fake> wrote:
>
> >> PS - I had thought about F-PROT but I heard that it is not
> >> keeping its definitions as up to date as it should and has not
> >> been catching the latest WEN worm as quickly as it might have.
> >
> > Anybody getting caught by the day zero effect is doing something
> > else wrong. F-prot is still good, but you always must supplement
> > your on demand scanning with other safe practices.
>
> What is the day zero effect?

It is that critical span of vulnerability between the time a particular
malware is unleashed, and the time that detection criteria is added
to the anti-virus programs to try and protect you.

1) Malware is unleashed
2) Malware becomes noticed (pops up on the "radar" so to speak)
3) Malware is analyzed, and a suitable criteria formed for its detection.
4) The detection criteria made available for those who actively seek it.
5) The detection criteria is added to the definition set to be downloaded.
6) You update your AV which implements the new definition.

Day zero can be week zero, month zero, maybe even never zero
if step 2 is not reached.


