Gladiator Security Forum > HIPS Tests @ Antimalware.ru

Full Version: HIPS Tests @ Antimalware.ru

Gladiator Security Forum > Security Software & Hardware > Anti-Virus, Anti-Malware, Anti-Spyware & Privacy

Chachazz

Apr 28 2009, 12:48 AM

"In this test, we conducted a comparative analysis of popular antivirus and personal network screens that are in the structure components of HIPS (Host Intrusion Prevention Systems), on the possibility of preventing the penetration of malicious programs on the level of the nucleus (hereafter Ring 0) of the operating system Microsoft Windows. If the malicious program manages penetrate to the level of the kernel, it gets full control over the victim's computer."

Click to view attachment

English - Translated page:
http://translate.google.com/translate?hl=e...antimalware.ru/

Russian homepage;
http://antimalware.ru/

RRB

May 1 2009, 05:59 PM

I think that this test is not serious because this test does not cover all methods of "loading" in the OS-kernel and resistance to "loading" in the OS kernel is not top priority of Anti-Virus'es.

TheSentinel

May 3 2009, 05:53 PM

Hi RRB

can you proof your statement or is a believing like one?

Regards
B. Udo

RRB

May 9 2009, 07:21 PM

Hi, The Sentiel!

Sorry, that forced a long wait.
I can proof my statement:

QUOTE (RRB @ May 1 2009, 11:59 PM)

this test does not cover all methods of "loading" in the OS kernel and for Anti-Virus'es resistance to "loading" in the OS kernel is not their top priority.

Top priority of Anti-Virus systems are detection of malware and treatment of active infection.
Resistance to "loading" in the OS kernel is one of the main priorities of proactive protection systems because top priority of proactive protection systems is prevention of active infection, but not detection and treatment of active infection.

--
Yours faithfully,
Rashevskiy Roman.

This is a "lo-fi" version of our main content. To view the full version with more information, formatting and images, please click here.