Download TrojanHunter Now
Free 30-day trial!
Latest TrojanHunter Version:
TrojanHunter 5.0
Order Now
License file delivered within minutes.
Welcome, Guest. Please Login or Register.
Sep 30th, 2008, 6:52pm
   Mischel Internet Security Forum
   Internet Security
   General (Moderators: Helena, Gavin_Coe, Magnus)
   Virus : Packed & Unpacked		 « Previous topic | Next topic »
Pages: 1  Reply Reply  Notify of replies Notify of replies   Send Topic Send Topic   Print Print
   Author  Topic: Virus : Packed & Unpacked  (Read 424 times)
mozar
Highly Honored Mass-Poster
*******





   


Posts: 1524
Virus : Packed & Unpacked
« on: Feb 18th, 2003, 10:47pm »		 Quote Quote  Modify Modify
    Hello  ,
 
     Yesterday there was a topic at DSL Security Forum  and  it has finished  without  all  the  information I was looking for .
     As  I  am  really  curious  about  the  question  I  would  appreciate  any  contributions  about  the  issue  here .
 
   So  ,  here  is  the  link  :
 
http://www.dslreports.com/forum/remark,6023085~root=security,1~mode=flat
 
    Regards ,
     mozar
IP Logged
maxqnz
Newbie
*




Walekam salaam, noho ora mai!

   
WWW  

Posts: 26
Re: Virus : Packed & Unpacked
« Reply #1 on: Feb 18th, 2003, 11:01pm »		 Quote Quote  Modify Modify
on Feb 18th, 2003, 10:47pm, mozar wrote:
    Hello  ,
 
     Yesterday there was a topic at DSL Security Forum  and  it has finished  without  all  the  information I was looking for .
     As  I  am  really  curious  about  the  question  I  would  appreciate  any  contributions  about  the  issue  here .
 
   So  ,  here  is  the  link  :
 
http://www.dslreports.com/forum/remark,6023085~root=security,1~mode=flat
 
    Regards ,
     mozar

 
 
What was missing, mozar? As I read the thread, the gist was that most AVs don't keep up with ew packing techniques, and so fail to recognise malware packed or compressed with these newr methods. However, Randy pointed out that, while recognising them packed is preferable, a decent app, like THGuard, will catch them when they attempt to execute anyway.  What did I miss?
IP Logged
ओ पालनहारे, तुमरे बिन हमरा कौनों नहीं
What's a pieriansipist?
mozar
Highly Honored Mass-Poster
*******





   


Posts: 1524
Re: Virus : Packed & Unpacked
« Reply #2 on: Feb 18th, 2003, 11:40pm »		 Quote Quote  Modify Modify
  What was  missing  was  the  numbers . If we had an incidence of , say , only 2.3% in all the viruses incidents last year we have a scenario . But if the proportion of packed viruses have  increased perceptibily last year , we have another scenario here .
  In other  words , if  the packed viruses are  not a real threat an AV vendor must not include this capabilitie in its  product .
  But if  the packed viruses  have a massive presence detected  in the wild  an AV vendor has to  include this capability  to  maintain its competitivness .
  That is the motive I have asked for empirical evidence , stats .
   
   And  ,  behind  all that  , there is  always  the last  post  of Randy Bell in that  topic .
 
  maxqnz , imagine you are a newbie and you are  going to buy an AV . You read Virus Bulettin and you read the Rokop test  , you will buy NOD/NAV  or you buy KAV/ McAfee  ?  
  Remember , you are a newbie , you just want the best protection , and you already have an AT and a FW.
 
   Regards ,
     mozar
IP Logged
maxqnz
Newbie
*




Walekam salaam, noho ora mai!

   
WWW  

Posts: 26
Re: Virus : Packed & Unpacked
« Reply #3 on: Feb 18th, 2003, 11:51pm »		 Quote Quote  Modify Modify
on Feb 18th, 2003, 11:40pm, mozar wrote:
  What was  missing  was  the  numbers . If we had an incidence of , say , only 2.3% in all the viruses incidents last year we have a scenario . But if the proportion of packed viruses have  increased perceptibily last year , we have another scenario here .
  In other  words , if  the packed viruses are  not a real threat an AV vendor must not include this capabilitie in its  product .
  But if  the packed viruses  have a massive presence detected  in the wild  an AV vendor has to  include this capability  to  maintain its competitivness .
  That is the motive I have asked for empirical evidence , stats .
   
   And  ,  behind  all that  , there is  always  the last  post  of Randy Bell in that  topic .
 
  maxqnz , imagine you are a newbie and you are  going to buy an AV . You read Virus Bulettin and you read the Rokop test  , you will buy NOD/NAV  or you buy KAV/ McAfee  ?  
  Remember , you are a newbie , you just want the best protection , and you already have an AT and a FW.
 
   Regards ,
     mozar
 

 
 
OK, I get that now, hard stat.s, yes they would be useful. As your "if I were a newbie" question, I can't really answer that, as my loathing of all things Norton is too deepseated - you couldn't pay me to have Norton on my box.
IP Logged
ओ पालनहारे, तुमरे बिन हमरा कौनों नहीं
What's a pieriansipist?
Pages: 1  Reply Reply  Notify of replies Notify of replies   Send Topic Send Topic   Print Print

« Previous topic | Next topic »
Search
Members
Login
Register