Different AV vendors will always maintain their own followings. Some will whole heartedly stand by what works best for them, while others will base their judgement on what others say, just to go with the flow.
Granted no AV is perfect, some have an better interface then others, some clean better then others, while some will hog your box to a point where your lucky if you can bring up the task manager.
Either way Virus Bulletin seems to be the one all the AV Vendors want to get a great score from, as they are quick to make note to potential buyers of their VB100% award. Just what exactly is the VB 100 award?
Full Version: Av Reviews -
| QUOTE |
| The VB 100% logo is awarded to anti-virus products that: o Detect all In the Wild viruses during both on-demand and on-access scanning in Virus Bulletin's comparative tests. o Generate no false positives when scanning a set of clean files. Virus Bulletin's aim is to offer subscribers the best impartial advice about anti-virus security and the products on offer. The VB website lists the outcome of comparative tests as follows o by vendor o by platform o a summary of the most recent comparative test |
With that in mind one should also keep in mind
| QUOTE |
| A VB 100% award means that a product has passed our tests, no more and no less. The failure to attain a VB 100% award is not a declaration that a product cannot provide adequate protection in the real world if administered by a professional. We would urge any potential customer, when looking at the VB 100% record of any software, not simply to consider passes and fails, but to read the small print in the reviews. |
yea i like that site,
good independant AV analysts,
andywhere heres me
Result summary: 24 passes / 11 fails
- Success / Failure / No Entry
Vendor website: http://www.norman.com/
good independant AV analysts,
andywhere heres me
Result summary: 24 passes / 11 fails
- Success / Failure / No Entry
Vendor website: http://www.norman.com/
nice site but i guess a good quality to look for in an AV is how many lesser know virus/trojans/malware it detects
Result summary: 23 passes / 13 fails
Performance graph: - Success / Failure / No Entry
Vendor website: http://www.kaspersky.com/
I used to use trend micro, it looks good in the tests too. Its small and easy
Performance graph: - Success / Failure / No Entry
Vendor website: http://www.kaspersky.com/
I used to use trend micro, it looks good in the tests too. Its small and easy
Result summary: 25 passes / 6 fails
Performance graph: - Success / Failure / No Entry
Vendor website: http://www.symantec.com/
Performance graph: - Success / Failure / No Entry
Vendor website: http://www.symantec.com/
Result summary: 28 passes / 3 fails
Performance graph: - Success / Failure / No Entry
Vendor website: http://www.nod32.com/
Hmm nod ratings are very good . It seems to be the fastest antivirus (yup very fast scanning) available .
WOrth a try
:D:D
Performance graph: - Success / Failure / No Entry
Vendor website: http://www.nod32.com/
Hmm nod ratings are very good . It seems to be the fastest antivirus (yup very fast scanning) available .
WOrth a try
:D:D
| QUOTE |
| i guess a good quality to look for in an AV is how many lesser know virus/trojans/malware it detects |
Good point nuorder - I would say the best function of any AV would be it's ability to maintain an effective integrity check of the system.
Though if I'm not mistaken Heuristics also plays a function in being able to determine undocumented malware.
With elements such as the "sandbox" in use by an AV as well, there is some sense of safety. But then again sometimes which seems to occur more often then not, the Sandbox concept doesn't work as effectively as one would like. If the concept was extremely effective Bagel/MyDoom/Nimda all would have been controlled instead of making its worldwide debut.
So just what exactly is needed to make an AV effective? Depends on who you ask and if their willing to give you a straight answer or one that would prevent them from having a resume generating moment.
InfoSec mag had a pretty decent article back in
May 2002 regrading some of the myths of AV. The CISO Strategies article The Great AV Myth from InfoSec mag also had some interesting points.
Regarding Integrity Checkers Dmitry Mostovoy wrote an interesting peice as well.
With all the malware being created can one element stay on top? My opinion is no. If there was one AV that did the ultimate job in identifying, removing, cleaning, renaming, or isolating malware there would not be AV Vendors- Trojan Scanners- or Hardware to ride within an enterprise to detect worm anonmolies.
All we can do is the best with what we have before us. Me I use Nod32 and have had pretty good luck with it. Not saying I think it's the best but just haven't had any major issues with it. With the DMON being added to Nod32, I think it packs a good punch.
Result summary: 28 passes / 3 fails
Performance graph: - Success / Failure / No Entry
Vendor website: http://www.nod32.com/
[QUOTE]From Nuorder:nice site but i guess a good quality to look for in an AV is how many lesser know virus/trojans/malware it detects
Try these to satisfy that urge..Still haven't gotten the balls to buy them yet, but tried them out. Pretty cool and aimed at the new virii, and polymorphic ones..
SurfinGuard from Finjan
Uses a "sandbox" to test apps...
InVircible Software
Doesn't rely on definition updates
Try'em out.
Best Regards,
U533m3n0t
Try these to satisfy that urge..Still haven't gotten the balls to buy them yet, but tried them out. Pretty cool and aimed at the new virii, and polymorphic ones..
SurfinGuard from Finjan
Uses a "sandbox" to test apps...
InVircible Software
Doesn't rely on definition updates
Try'em out.
Best Regards,
U533m3n0t
Norman uses "sandbox" technology :-)
pretty good tools U533m3n0t ill try em out
a virtual machine always comes in handy too - just to watch it die hahah
a virtual machine always comes in handy too - just to watch it die hahah
QUOTE(andydis @ Aug 28 2004, 02:28 AM)
Norman uses "sandbox" technology :-)
To resurrect a dead thread here (but this is a good thread, one I have come back to a few times!) -
Norman does indeed use "sandbox" technology - however, not with realtime scanning. A huge disadvantage.
I've only had their latest product in my honeypot for a couple of nights, but so far their definitions are seriously lacking and there is a lot of stuff getting in.
If you ask me i think there website is a load of shit.
They basically making out Kaspersky to be bad, and they rated Norton good.
They basically making out Kaspersky to be bad, and they rated Norton good.
I don't think you should trash the site bro. It's "a" source, and pretty good as well. They base it on a series of tests they run to adhere to a "standard". So friend, use it as a benchmark tool. Not as the final word. Best way to come up with what's best for you is to download a demo <which all the good AV's offer>, and do your own testing. Then you decide when to commit the $$. 
Result summary: 26 passes / 11 fails
Performance graph: - Success / Failure / No Entry
Vendor website: http://www.sophos.com/
Really dont care how many tests it works. its simply the best i have ever used. which have included the norton things kav etc.
Performance graph: - Success / Failure / No Entry
Vendor website: http://www.sophos.com/
Really dont care how many tests it works. its simply the best i have ever used. which have included the norton things kav etc.
QUOTE
Result summary: 28 passes / 3 fails
Performance graph: - Success / Failure / No Entry
Vendor website: http://www.nod32.com/
Performance graph: - Success / Failure / No Entry
Vendor website: http://www.nod32.com/
2nd that nod32 rules only 7mb
this report is biased, it purposely boasts Symantec products because most people who run Virus Bulletin are either funded directly or indirectly from Symantec, for instance Peter Szor which gives the magazine it's "reputation".
This is a "lo-fi" version of our main content. To view the full version with more information, formatting and images, please click here.
