Re: How good is virus scan and firewall offered by MSN for free

Please explain how address munging is "HARMFUL!!!".

--

Gary S. Terhune
MS-MVP Shell/User
http://grystmill.org/articles/cleanboot.htm
http://grystmill.org/articles/security.htm

"Stefan Kanthak" <postmaster@[127.0.0.1]> wrote in message
news:Op3PuNsGHHA.5000@xxxxxxxxxxxxxxxxxxxxxxx
"David H. Lipman" <DLipman~nospam~@Verizon.Net> wrote:

Your line length sucks. How about breaking them near column 70?
And address munging IS HARMFULL!

From: "Stefan Kanthak" <postmaster@[127.0.0.1]>

[Avira and FP]

A False Positive that was quickly corrected. All AV vendors have False
Positives. Avast
recently was generating False Positive onm MS Web Pages using IE7
declaring VBS:Zulu. It
took ~60 days for Avast to fix that one !

Interesting argument: because another AV scanner was/is worse
the MANY false positives Avira had in the (recent) past are
better?
JFTR: I know this scanner and it's predecessor for years and
found it to be the one with the highest FP rate!

|
Now if you decide to go with a new PC with WinXP, I would suggest
Kaspersky or NOD32 anti
virus.
|
| No, with WinXP AV is superfluous (at least an on-access scanner):
| create a restricted user account and enable the (standard) Software
| Restriction Policy which allows execution only in %SystemRoot% and
| beyond and %ProgramFiles% and beyond.
|
| Stefan



You are clueless !

That's what I call an argument.
BTW: spaces in front of exclamation marks as well as other signs are
bad style!

While a restricted user is always beneficial, malware can and will
circumvent this.

What "this"? The restricted user or the SRP.
I take your word: show me the PoC where malware will compromise the
system.

Oh, and of course: don't bother to search for malware which has already
circumvented AV and other scanners (as well as desktop firewalls and
SOHO NAT routers). There's plenty of it. Their users thought to be or
felt sure. But they are and were not sure at all!

All these toys operate AFTER the fact, they don't cure the cause, they
treat the symptoms.
And: every additional software increases the complexity and enlarges
the attack surface. A thoroughly hardened system but tackles the cause
and minimizes the attack surface.

Stefan



.

Relevant Pages

  • Re: How good is virus scan and firewall offered by MSN for free
    ... because another AV scanner was/is worse ... the MANY false positives Avira had in the past are ... The restricted user or the SRP. ...
    (microsoft.public.security)
  • RE: New Version of Retina Nimba Scanner
    ... New Version of Retina Nimba Scanner ... I'm seeing false positives from boxes that are sharing our their attached HP ... infections. ...
    (Incidents)
  • Re: An alle PayPal-User: Hilfe, brauche eure Erfahrung
    ... Virustotal.com ist auch weitgehend ergebnislos (Bitdefender liefert dort ... aber nach meiner Erfahrung neigt ... der zu False Positives, insofern bin ich da skeptisch, da alle anderen ... Scanner dort nichts melden). ...
    (de.etc.finanz.misc)
  • use of HP scanner as restricted user
    ... experience with a brand that works more fluent with XP? ... >3200C scanner and it have ... >Just remember to still keep them in the Restricted User ...
    (microsoft.public.windowsxp.security_admin)
  • Re: Kein Internet nach Servicepack 2 Install
    ... AntiVir wird täglich aktualisiert und verursacht ... Mir ist kein Scanner mit einer höheren ... > Rate von False Positives bekannt. ...
    (microsoft.public.de.german.windowsxp.networking)