My prediction? Like a smart co-worker of mine says, in these situations physics does not apply and two rocks tied together sink faster than one.

This whole thing also got me thinking about proxies and their role in network security. If you think about it, proxies are not a natural choice when it comes to networking.  They are slow, they add significant latency, and they break all applications for which they are not specifically designed to support. Proxies have traditionally supported very few applications due to the need to pretty much redevelop an entire application – both client and server – to support it. So why are proxies being positioned as a network security tool?

I have heard many reasons throughout the years why proxies are better than traditional packet-based firewalls. But the reality is that proxies have never dominated the security market, and proxy companies have generally not done very well. This includes TIS, which ended up being McAfee’s firewall, then got sold to Secure Computing, but is now returning back to McAfee (yes, my head is spinning just reading it).  This also includes Secure Computing’s Sidewinder, Raptor (which was killed by Symantec), and other minor, irrelevant players you probably have not heard about.

At one point, TIS excused its proxy’s limited market acceptance by saying Check Point had a better GUI and was easier to manage. I have a different perspective: Proxies have failed because they are hard to use and not because they are hard to manage. Putting a proxy on the network puts unnecessary restrictions on the business, as to what the Internet can be used for. With a proxy, the business is limited to using only the applications that the proxy supports. Consequently, a proxy limits the business instead of enabling it!

Anyway, back to the arguments of why proxies are supposedly better than packet-based firewalls. All these arguments are centered on a single point – proxies are better than packet filtering firewalls because they are more secure. The evidence for this claim ranges from borderline ridiculous (such as that terminating a TCP connection and opening a new one while merely copying the data makes the connection more secure) to the more reasonable arguments (proxies perform protocol validation which can prevent some exploits against servers). This last argument is pretty much the only reasonable argument I have heard about why proxies are better than packet-based firewalls. Of course, all modern Intrusion Prevention Systems do the same without the drawbacks of a proxy thus rendering the need for a proxy questionable. 

With all that said how come McAfee paid so much money for a proxy? And why is BlueCoat still selling a lot of their proxies? The answer IMHO (well, scrap the H) is that enterprises are facing a new security challenge that traditional packet-based firewalls cannot address. I have previously talked about this need in my blog – the need to control users and applications. Proxies can provide 20% of the solution, but that means 80% of applications cannot be controlled by a proxy (again, this places restrictions on the ability of a business to leverage the Internet). Even worse, there are also proxy-bypass applications out there that will run everything through a proxy.  But even with these limitations, there are still some customers that continue using proxies because they feel an urgent need to control users and applications.

However, I am seeing a trend of enterprises trying to find a better solution for controlling applications than a proxy. Even BlueCoat recognizes this and is now moving from security towards application acceleration. This trend is a result of two things – awareness of how proxies can’t really control applications (proxy bypass programs, non port-80 applications, etc) and more importantly, more and more applications cannot work through a proxy. In the end, all of this exacerbates the need for a security solution that is genuinely effectively in controlling all users and applications.

Nir.

There are different ways, by which your network can be hacked. They are as follows:

• Viruses - most common form of attack
• Denial of service attacks
• Trojans
• Password attacks
• Port scanning and spoofing etc.

I have no idea what most of these above words are but I know that the most important thing is to keep my computers, networks, and websites safe from these problems. Normally your network system might have some loopholes from where some unauthorized entries can interrupt the process. You need to find out those loopholes and block them to secure the network. But sometimes you might miss some points and your network may not be fully secured. In this kind of situation, Hackersafe plays a big role.

A third party tool (scanner) will scan your network where you host your website and credit card information. Once the scanning service is sure that there are no loopholes or vulnerabilities, from where your network can be hacked, they will approve the security and provide you with a certification about the safety of your network. This certification is known as the Hackersafe Certification or PCI Scanning.

Benefits of being HackerSafe Certified:

Now it is important to know the benefits of the HackerSafe services, and why anyone should believe the security certification seal. Benefits are:

• Expertly organized scanning and notification – Each and every HackerSafe certification providers have some well known scanning system. It will scan the whole network in a very organized way and notify you about the errors and weaknesses that need to be fixed.
• Continuous validation of security – Continuous validation of security is another benefit of HackerSafe verification. They will continuously validate the security to locate any inaccuracies. Whether you have made the changes according to their suggestions that will be also validated by them.
• Assurance of zero false – In general the HackerSafe verification services will try to break the network security through different types of avenues and then they will come to a conclusion the network has vulnerabilities, from where it can be hacked. After you are aware of the issues with your network you will be notified to make the necessary changes and HackerSafe will determine whether you have made the changes according to their notifications.
• Assurance of only relevant, actionable information – They will do an in depth analysis of the content also, to figure out whether you have any irrelevant and non performing information in your network or not. If someone tries to enter in your network in an unwanted way, there is a chance that some irrelevant content is found within your system. HackerSafe can give you the assurance of only relevant content.
• Manual testing – Your network will go through different kind of manual testing during the HackerSafe verification process. Automated tools may skip some errors where you need any justification to point out the error, but manual testing can find errors that can be missed by the automated tools.

These are the benefits of HackerSafe and PCI Scanning. These services can ensure the security of your network from A to Z. Note: HackerSafe was officially acquired by McAfee on February 7, 2008.

1. Started McAfee VirusScan Console
2. Double clicked Access Protection
3. Highlighted the Anti-Virus Standard Protection category from the left column
4. Highlighted the Prevent mass mailing worms from sending mail rule in the right column



 

5. Pressed Edit
6. Under Processes to Exclude, I put my cursor at the end of the list of processes, which was winpm-32.exe in my case.  I typed a comma following winpm-32, exe, and then added a space and telnet.exe to the list
7.  I pressed OK twice, exited VirusScan Console, and was able to Telnet to my mail server.

La sicurezza (dal latino "sine cura": senza preoccupazione) può essere definita come la "conoscenza che l'evoluzione di un sistema non produrrà stati indesiderati". In termini più semplici è: sapere che quello che faremo non provocherà dei danni. Il presupposto della conoscenza è fondamentale da un punto di vista epistemologico poiché un sistema può evolversi senza dar luogo a stati indesiderati, ma non per questo esso può essere ritenuto sicuro. Solo una conoscenza di tipo scientifico, basata quindi su osservazioni ripetibili, può garantire una valutazione sensata della sicurezza.

(Da wikipedia)

Molti utenti si affidano ha prodotti gratuiti per quanto riguarda le soluzione antivirus. Un prodotto software specialmente antivirus va scelto non per il suo prezzo, anche se è importante, ma per la sua velocita di scansione capacita di individuare virus recenti e nuovi, la capacità euristica, ma anche per la sua leggerezza e la sua architettura.

Dai test av-comparatives (agosto208) si individua che i maggiori produttori di AV sono tutti alianeati. Una cosa molto strana che ho notato nei test: i prodotti "certificati" Advanced+ hanno individiato molti falsi positivi, es: AVG aaaamon.dll questo significa che il loro engine, secondo il mio personale pensiero,  è esposto ha falsi positivi anche nell'individuazionie di codive malware. Più un prodotto è basso in falsi positivi più risulta effettivo e non si incorre in malfunzionamenti del S.O. per Dll cancellate o programmi non funzionanti.

Un altro fattore da prendere in considerazione e la qualità della architettura del prodotto e la sua rimozione, facilità d'uso per l'utente conume. Molti prodotti free non hanno supporto, oppure sono di discussa rimozone quando si stenta di rimuvere il prodotto. un esempio per tutti è AVG 7.1 e 7.5 il prodotto aveva dei problemi per la navigazione in internet e in alcune macchine arriavano BSOD, o la macchina si rallentava e non caicava il S.O.  Navingando in rete e facendo ricerche ho notato che molti utenti che si sono affidati a prodotti come questi hano avuto seri problemi di funzionamento del S.O. e del browser.

Per mia personale  esperinza sul campo, nella realtà, e quindi non dovuta a test in laboratorio ho notato che nei PC in cui miei clienti, amici e conoscenti cui avvevano  instalato  AVIR, AVG, AVAST ho riscontrato una maggiore infezione delle macchine di virus troian, e backdoor. rispetto ha soluzioi concorrenti.

Ci sono numerose soluzioni antivirus di vari vendor se volete un consiglio, da un trova-virus, due vendor di prodotti che meritano una sengalazione per i seguenti motivi:

1. Scansione veloce  
2. Euristica avanzata
3. Achitettura snella e leggera
4. Implementazione a Servizi
5. Facilita di configurazioen per un utente anche con basso profilo tecnico.

Questi prodotti sono:

• ESET NOD32 Antivirus 2.7 e 3.0 (ENG) (Antivirus, Anti spyware e rootkit)
• ESET Smart Security  3.0 (Antivirus + Filrevall+ Antispam) non venduta ancora in Italia
• Mcafee Plus (Antivirus + Filrevall+ Antispam)

Ha tutti sconsglio di usare il NORTON 360: è un prodotto pesante, i backup non sono fatti in maniera corretta, perchè in caso di perdita di dati, o di inaccessibilità al S.O. non posso ripristinare dal supporto di bakup, non memorizza i dati di bakup sul supporto, un errore gravissimo, credo che alla Symantec abbiano licenziato tutti i dipendenti dela Veritas  (SoftwareHouse specializata in Backup) dopo l'acquisizione alcuni anni fa.

Nasdaq Chart Shows Tech Stock Slide

Not that we in the technology industry haven't turned cautious on Wall Street. (But that is another story)

A wave of cuts to the growth expectations of technology companies, their earnings outlooks, stock ratings and overall market assessments appears to be building among Wall Street analysts as they take a second look at high-tech's ability to dodge the downturn and credit crisis. This comes even as the House of Representatives passed on Friday a Wall Street bailout package designed to flood the street with hundreds of billions of taxpayer dollars.

Several major firms took aim at Google, for instance, pointing to a slowing online ad market, the economic weakness now spreading to Europe, bank failures, the credit crunch and the stronger U.S. dollar, Among them were Morgan Stanley, American Technology Research, Jefferies and Collins Stewart.

White-shoe firm Goldman Sachs cut its estimates on software maker SAP.

Meanwhile at Thomas Weisel, analyst Time Klasell downgraded the infrastructure software sector and cut earnings estimates on companies such as Citrix, Microsoft, McAfee, Red Hat, Symantec and VMware.

Pacific Crest even said India-based outsourcers including Infosys and Wipro.

Closer to home, Barclays trimmed its price target for Apple shares to $135 from $180, and UBS shifted its rating lower in Adobe, Salesforce.com, Intuit and Symantec.

The technology heavy Nasdaq market already has had a rough couple weeks. It fell another 29 points today.

- I got a new laptop. It rocks! It's a special edition HP and is really beautiful.

- With the new laptop, I got my hands on vista and wifi at last. Vista is new, but the security is ridiculous. Every freaking window comes with a permission box. Talk about unproductive

- WiFi, being new to me WiFi is pretty much awesome. I am not allowed to have WiFi at my house, but my neibors have it. So I can check my email on my bed! It is so awesome! Downside: openDNS is a pain with my laptop, so I had to ditch it and hope firefox and mcafee can take care of me.

- I have an incredible desire to play simcity. It looks like a lot of fun.

- 12 cell laptop batteries are the junk. Man, 6 hours of battery life? No way!

- I am getting good grades in school. Especially all 3 computer classes.

- Some girl wants me now. It kinda is really nice to finally hear that. Your Junior year.

- I applied to Ukrops for some reason.

Well that sums it up. I need to use windows live writer and just draft stuff. Post again soon!

Perhaps you may relate to this that as a developer we all have to install so many different softwares, api's, development kits, and tools on our machines that by the time we are done setting that up our station, we somehow successfully manage to make it slow and dreadful regardless of how powerful or new the computer maybe.  Now that our employers require us to install an Anti Spyware tool on top of our existing Anti Virus and Firewall tools, that's even more taxing on our machines and its only bringing down our productivity levels.  So what do 90% of all developers I know do? 

Of course, they will find a way to disable them when no one is looking.  However this practice is quite risky not only for our networks, machines, communication, etc's safety, but also for the company who the developer works for in order for them to remain compliant and not avoid hefty penalties from the Payment Card Industry to whom they report to via On Site Audits, etc. 

The million dollar question remains though.  Which Vendor offers the best and the most light weight Anti Virus, Firewall, and Spyware Solution which will not cause more problems than what we already have on our stations?  Sure there are so many reviews online from PC Mag to Consumer Reports, but no one reviews it from a developers point of view.

From our experience at OMS Online, we have already tried Symantec, McAfee, & BitDefender solutions for about a year to two years each now.  They all have their kinks and they all slow down our machines.  If I had a choice I would recommend none of them and tell you to try something else.  But if you stuck a gun to my head and told me to chose one out of those 3 options, I would chose BitDefender most likely because though it has issues its probably the lightest amongst the three.  McAfee and Symantec both have issues where they mess up your networking settings specially during VPN connections, crash while developing apps, give weird issues, etc.  BitDefender also has a history of crashing while programming and its Firewall tool is not as configurable as McAfee's and Symantec's which prevents me from accessing certain things when I VPN into our corporate network, but atleast it doesn't bog down the computer as much as the other two.  We have reported this to BitDefender multiple times but they have never replied back with a solution for this particular issue.   

Our license with BitDefender is expiring in 5 days.  99% chance we will not be renewing with them.  Our eyes are currently set on GriSoft.com's AVG solution.  Perhaps you have some experience with this?  If so I would love to hear your feedback.  If not, maybe you will hear from me a year from now.  Wish us luck as I am hoping AVG from Grisoft.com will be the answer to all our developers problems and it will let us and our employer OMS Online remain PCI compliant.

http://www.entertainment.mastiminds.com/Main/Technologies/Softwares.html

1. release/renew just times out
2. disable/re-enable the nic
3. checked all the TCP/IP settings & checked the LAN settings
4. typed netsh interface ipv6 show neighbors into the cmd prompt to see if anybody on campus was broadcasting as a gateway
5. I've even gone into the registry to disable the broadcast flag.  NOTHING HAS WORKED.
6. Setting the network type to private instead of public if it's even set wrong.

I've spent hours and hours researching this online but so far have only come up with a couple more things to try.  One of which is doing a TCP/IP stack repair and the other just deals with disabling firewalls (windows and otherwise).  Has anybody actually found a solution that works?  This is driving me insane.

Edit: It appears that Norton and possibly McAfee cause some sort of problem.  I'm not exactly sure what yet.  We've tried disabling both programs, but that didn't work.  A student uninstalled Norton and was able to get online.  I like those programs less and less the more I work with them.

Most business owners assume that the computers that they have paid for come with anti-virus software installed. After all, why wouldn't they? Some computers do, but most come with a trial version which stops working after 60 or 90 days. Then, strange things start to happen. Sally in accounting begins to have extended outages with her computer. Bob in marketing can't figure out why his computer won't start up. The computers now have viruses and the costs of lost productivity begin to climb sky high.

I have worked with all the main brands--Norton, McAffee, etc., but I have found that these programs use a lot of resources on the computer and are overly complicated. Unless you have a dedicated IT team to manage this process for you, I have found that Avast's product line is leaner and meaner and works without interupting your work. Plus, Avast has a great home version which is free and just as good as the commercial product. Check out the product line at the link:

Avast Antivirus

Nacional:

A Publicidade do Governo
Tipos de campanhas:
-redução de mortes no trânsito
-Lei Seca
-ProJovem
-registro civil de nascimento
Os contratos são assinados pela Secom – Secretaria de Comunicação da Presidência da República.
Exemplos de agências contratadas: Matisse, Propeg e 141 Brasil.
Valores totais neste exemplo de até R$187,5 milhões.

ONU
Hoje o Governo Brasileiro defende na sessão de abertura da Assembléia Geral da ONU a vantagem e importância no investimento em obras aqui.

Economia:

‘Assets’ em valores de ontem e % em relação a sexta-feira
-Ouro 52,000R$/g +1,96%
-Dólar 1,793R$ -2,08%
-Bovespa 51.540 pontos -2,86%
-Dow Jones 11.015,69 pontos -3,27%
-Petróleo 120,92US$/barril +15,66%
Entendo que em função das puxadas de sexta-feira (recompras na baixa), houve ontem uma acomodação.
As fugas para ouro e dólar indicam que a busca de hedge continua e ainda não foi atingida a linha que suportaria o fim das quedas de papéis.
Um exemplo de recompra de baixa é o que estão fazendo nos EUA a Microsoft e a Hewlett-Packard, que confiantes na Economia e em seus projetos, estão aproveitando para iniciar a aquisição de seus papéis, num montante de US$53 bilhões. E ainda por cima, é tão grande a confiança em sua estratégia de longo prazo, que a Microsoft (recomprando US$40 bilhões num programa de cinco anos) anunciou que vai aumentar em 18% - de US$0,11 para 0,13/ação - o seu dividendo trimestral.
A Nike (artigos esportivos) segue um caminho similar.
As baixas nas bolsas são devidas a um processo de definição gradual das novas regras que vão dar rumo aos resgates financeiros nos EUA. O Governo estuda se compra os papéis ou parte das empresas detentoras dos ativos, como fez na semana passada com a seguradora AIG.

Internacional:

Egito
Seqüestro de turistas com notícias ainda imprecisas, inclusive sobre data da ocorrência que teria sido sexta e não ontem. O cunho parece ser financeiro e não político/religioso. As fronteiras do Egito são mal guarnecidas, e as vítimas teriam sido levadas provavelmente para o Sudão, ao Sul do Egito.
Mas fronteiras perigosas não são um privilégio do Egito. Ontem no Rio Paraná, no lago de Itaipu, traficantes atravessaram do Paraguai e liquidaram aqui 15 pessoas e retornaram. A região de fronteiras entre Paraguai, Brasil e Argentina é famosa pelo livre contrabando, tráfico e mesmo origem de atentados.
Sem dúvida este assunto de fronteiras é uma tarefa também para o Governo Brasileiro a fim de reduzir a concorrência ilegal que sofrem produtores daqui que se matam para pagar impostos, enquanto que ônibus entram lotados de muamba. Mas o problema Global é claro, com Receita, Polícia e Exército corruptos. É difícil imaginar, mas fronteiras dos EUA com o México continuam sujeitas a invasões.

Internet:

A McAfee, segunda maior fornecedora de software antivírus do Mundo, atrás da Symantec, planeja comprar empresa de segurança na Internet, a Secure Computing, por US$465 milhões a fim de poder oferecer aos clientes um pacote de produtos de software, serviços e hardware destinado a evitar que hackers consigam invadir redes de computadores.

For McAfee, which specializes in end-point user security (software running on PCs which protects from viruses), why did they make this acquisition? An important asset of Secure Computing, such as CipherTrust which was bought for $274M in 2006, which provides secure message handling for enterprises. A couple of Gartner magic quadrants from Dec 2007 show that it thinks highly of Secure Computing's enterprise web solution.

While consumer and enterprise anti-virus has been a good market for companies like McAfee and Symantec (which makes Norton Security), increasingly the enterprise is shifting towards more integrated security - especially as targeted corporate attacks increase while also increasing the need to protect data from leaving the corporation (through negligence or malice). Google's acquisition of Postini for greater message tracking was a sign that integrated compliance and message tracking is also becoming critical as part of any IT security deployment. Cisco has also been beefing up its NAC (Network Admission Control) security approach with the acquisition of Ironport, which is now selling very secure, enterprise gateways which integrate well with Cisco's mainstream portfolio of VPN devices, switches, and routers. Meanwhile, Microsoft has been pushing its enterprise-wide approach to security called NAP (Network Access Protection) which goes hand-in-hand with its dominant Windows Server architecture and has been trying to increasingly push its endpoint security post its acquisition of Giant. The bottom line here is that its no longer sufficient to be a bit player within the enterprise security business. This acquisition by McAfee does suggest that with multiples coming down within public security companies, more consolidation is likely.

The big question from a stock perspective is who's next?

One big weakness I see currently are with Cisco and the lack of a end point security solution - McAfee and Trend Micro are possible solutions, though both stocks aren't especially cheap trading down about 5% from its 2-year high. IIf Cisco can get an endpoint security provider at a reasonable price, this could prove to be a very good defensive manoevre to ensure that Cisco can push its end-to-end security vision both in the consumer arena and the enterprise.

One other buyer should be Microsoft, which can't be too happy that Windows is ceding some of its dominant share in the consumer arena to Macs. With the perception that Windows computer are weak on security (though this arguably is because malware writers are writing for the masses), Microsoft would be to secure its position with much more security capabilities, especially in the enterprise. Ultimately, the more functions that get done in Cisco routers and switches, dedicated enterprise gateways, and in 3rd party software, the less "value" gets captured by Microsoft. As such, McAfee might not be an even better fit for Microsoft after taking in Secure Computing. But does Microsoft have the appetite for an acquisition? With MSFT going up by 4% this morning, the market is reading too much into the $40B in share buybacks, which are simply a renewal of the buybacks that have been in place since 2004, and the dividend payout is still measly at $0.13 per quarter. In other words, with more than $23B in cash and equivalents, this is something that Microsoft could digest which could help it defend its place as a strategic partner in the enterprise, particularly as "security within virtualization" also becomes an important topic going forward.

As for the final dark horse buyer within this space, does Google have the appetite to take a bigger bite out of this market? I think so, as one of the weaknesses of Google has been that "everything is in the cloud". By this, I mean that Google centralizes everything about its approach to the enterprise, which I understand is its forte. But an important offering that Google offers is its search appliance for enterprises, which is a blade which goes into a server and manages all search activity within corporate servers. For some companies, some pushback on Google Apps might be that some companies simply don't want to risk some information going outside. Google could rectify this by going after a McAfee or Symantec to enable corporations to use a hybrid approach, enabling some content to not by stored on Google's servers at all, and only being viewable within a remote browser when it a session has been approved by a server located within the enterprise. In other words, could Google be interested in an enterprise blade... for security in addition to just search?

In summary, the security market continues to evolve dramatically over time, but the one thing that seems quite likely is that consolidation is coming... soon.

Hakusanoja "Brad Pitt" tai "Brad Pitt downloads" käyttävillä sekä häneen liittyviä näytönsäästäjiä, taustakuvia tai muita kuvia etsivillä faneilla on 18 prosentin mahdollisuus saastuttaa tietokoneensa. Fanit altistuvat roskapostille, viruksille, verkkourkinnalle ja vakoilu-, mainos- tai muille haittaohjelmille. Jopa yli puolessa Internet-sivustoista, jotka vastasivat hakuun "Brad Pitt screensavers", todettiin haitallista sisältöä. Rikolliset ohjaavat viimeisimpiä juoruja, näytönsäästäjiä ja soittoääniä etsivät käyttäjät asiallisiksi naamioiduille sivustoille.

Internetin vaarallisimpien miesten, Brad Pitin ja Justin Timberlaken, ohella Beyoncé ja Heidi Montag ovat listan vaarallisimpia naisia. Viime vuoden neljänneksi vaarallisin nainen Britney Spears ja vaarallisin Paris Hilton loistivat nyt poissaolollaan.

McAfee SiteAdvisor -ohjelmisto tarjoaa varman suojauksen verkkorikollisuuden vaaroja vastaan. Ohjelmisto hyödyntää pitkälle kehittynyttä ja McAfeen patentoimaa teknologiaa. Sen avulla käyttäjät voivat jopa kertoa sivustoihin liittyvistä kokemuksistaan McAfeen analyytikoille ja muille käyttäjille.

Lisätietoja: http://www.mcafee.com/us/about/press/corporate/2008/20080916_120000_y.html

Lisätietoja

Tiedotus ja testituotteet:
Visionist / Jiri Koivuniemi, email: jiri@visionist.fi, puh: 040-8378097

Tekniset kysymykset ja haastattelut:
McAfee Finland / Janne Aro, email: jarno_aro@mcafee.com, puh: 040-7351705

Tukkurit ja myynti:
Scribona Oy, www.scribona.fi, puh: 09-52721
DNS Finland Oy, www.dns-finland.fi, puh: 09-4393630
McAfee Finland / Caj Salovaara, email: caj_salovaara@mcafee.com, puh: 09-2516353

McAfee Avert Labs
McAfee Avert Labs ylläpitää kansainvälistä korkealuokkaista tietoturvauhkia tutkivaa organisaatiota työllistäen tutkijoita 16 maassa ympäri maailman. Avert Labs yhdistää haittaohjelma- ja virustorjuntatutkimuksen sekä tietoturvahyökkäysten torjunnan ja haavoittuvuuden tutkimisen asiantuntemuksen maailmanlaajuisesti.

McAfee Inc.
McAfee Inc on johtava tietoturvateknologiaan keskittynyt yritys ja sen pääkonttori on Santa Clarassa, Yhdysvalloissa. Se toimittaa proaktiivisia ja hyväksi havaittuja ratkaisuja ja palveluja, jotka suojaavat järjestelmiä ja verkkoja ympäri maailman. Ainutlaatuisen tietoturvaosaamisensa ja innovointiin keskittymisensä ansiosta McAfee auttaa kotikäyttäjiä, yrityksiä, julkista sektoria ja palveluntarjoajia estämään hyökkäyksiä ja käyttökatkoksia sekä seuraamaan ja parantamaan tietoturvaansa. http://www.mcafee.com

McAfee, SiteAdvisor, IntruShield, Foundstone, VirusScan, Avert, Total Protection, AntiSpyware, Secure Content Management, ePolicy Orchestrator, Remediation Manager, Policy Auditor, Data Loss Prevention, Intrusion Prevention System ja Secure Internet Gateway ovat McAfee Inc.:n ja/tai sen tytäryhtiöiden tuotemerkkejä tai rekisteröityjä tuotemerkkejä Yhdysvalloissa ja/tai muissa maissa. McAfeen punainen väri tietoturvan yhteydessä on tunnusomainen McAfeen tuotteille. Kaikki muut rekisteröidyt tai rekisteröimättömät tuotemerkit ovat omistajiensa omaisuutta. © 2008 McAfee Inc. Kaikki oikeudet pidätetään.

• An antivirus is never perfect.  If a virus is not defined in the virus-definition database, it's unlikely for the program to detect it.
• Sometimes adware/spyware scanners (malwarebytes, combofix) work better than an antivirus program when it comes to catching adwares or spywares.
• Everyone conducts their virus tests differently, therefore you see slightly different results.  But the following table gives you a pretty good idea.
• Test results tend to vary annually, or even monthly - sometimes you see a product that performs good, but next time may be a little bit different (better or worse).

The latest anti-virus test results - http://www.virusbtn.com/news/2008/09_02:

McAfee Total Protection for Virtualization -ohjelmisto sisältää useita eri osia. Se sisältää mm. McAfee VirusScan Enterprise- ja McAfee VirusScan Enterprise for Linux -ohjelmistot, jotka tarjoavat ylivertaisen suojan viruksia, matoja ja muita uhkia vastaan. McAfee VirusScan Enterprise for Offline Virtual Images on ensimmäinen ja ainoa tietoturvaratkaisu offline-tilassa olevien virtuaalilaitteiden turvaamiseen. Sillä ehkäistään myös offline-tilasta mahdollisesti online-tilaan siirtyvät haitat. McAfee AntiSpyware Enterprise -ohjelmiston ainutlaatuiset skannaustoiminnot auttavat tunnistamaan, etukäteen torjumaan ja turvallisesti eliminoimaan vakoiluohjelmat sekä muut mahdolliset haittaohjelmat. McAfee Host Intrusion Prevention for server -ohjelmisto yhdistää tehokkaasti IPS-toiminnot (Intrusion prevention system), palomuurin ja sovellustenhallinnan. Sen avulla torjutaan sekä tunnetut uhat että nollapäivähyökkäykset (zero-day attacks). Keskitetty McAfee ePolicy Orchestator -hallintakonsoli on ainoa integroitu tietoturvan ja riskienhallinnan alusta sekä fyysisille että virtuaalisille ympäristöille.

Saatavuus ja hinnoittelu
Total Protection for Virtualization -ohjelmisto on saatavilla tämän vuoden viimeisellä vuosineljänneksellä. Hinnoittelu perustuu fyysisten palvelimien määrään ja se kattaa kaikki palvelimeen asennetut virtuaalikoneet.

Lisätietoja: www.mcafee.com/virtualization

Lisätietoja

Tiedotus ja testituotteet:
Visionist / Jiri Koivuniemi, email: jiri@visionist.fi, puh: 040-8378097

Tekniset kysymykset ja haastattelut:
McAfee Finland / Janne Aro, email: jarno_aro@mcafee.com, puh: 040-7351705

Tukkurit ja myynti:
Scribona Oy, www.scribona.fi, puh: 09-52721
DNS Finland Oy, www.dns-finland.fi, puh: 09-4393630
McAfee Finland / Caj Salovaara, email: caj_salovaara@mcafee.com, puh: 09-2516353

McAfee Avert Labs
McAfee Avert Labs ylläpitää kansainvälistä korkealuokkaista tietoturvauhkia tutkivaa organisaatiota työllistäen tutkijoita 16 maassa ympäri maailman. Avert Labs yhdistää haittaohjelma- ja virustorjuntatutkimuksen sekä tietoturvahyökkäysten torjunnan ja haavoittuvuuden tutkimisen asiantuntemuksen maailmanlaajuisesti.

McAfee Inc.
McAfee Inc on johtava tietoturvateknologiaan keskittynyt yritys ja sen pääkonttori on Santa Clarassa, Yhdysvalloissa. Se toimittaa proaktiivisia ja hyväksi havaittuja ratkaisuja ja palveluja, jotka suojaavat järjestelmiä ja verkkoja ympäri maailman. Ainutlaatuisen tietoturvaosaamisensa ja innovointiin keskittymisensä ansiosta McAfee auttaa kotikäyttäjiä, yrityksiä, julkista sektoria ja palveluntarjoajia estämään hyökkäyksiä ja käyttökatkoksia sekä seuraamaan ja parantamaan tietoturvaansa. http://www.mcafee.com

McAfee, SiteAdvisor, IntruShield, Foundstone, VirusScan, Avert, Total Protection, AntiSpyware, Secure Content Management, ePolicy Orchestrator, Remediation Manager, Policy Auditor, Data Loss Prevention, Intrusion Prevention System ja Secure Internet Gateway ovat McAfee Inc.:n ja/tai sen tytäryhtiöiden tuotemerkkejä tai rekisteröityjä tuotemerkkejä Yhdysvalloissa ja/tai muissa maissa. McAfeen punainen väri tietoturvan yhteydessä on tunnusomainen McAfeen tuotteille. Kaikki muut rekisteröidyt tai rekisteröimättömät tuotemerkit ovat omistajiensa omaisuutta. © 2008 McAfee Inc. Kaikki oikeudet pidätetään.

Heuristic Analysis is a method employed by many computer antivirus programs designed to detect previously unknown computer viruses, as well as new variants of viruses already in the wild.
Heuristic Analysis An expert based analysis. Expert determines the susceptibility of a system towards particular threat/risk using various decision rules or weighing methods. MultiCriteria Analysis (MCA) is one of the means of weighing. This method differs with Statistical Analysis, which bases itself on the available data/statistics.

How it works ?

Most antivirus programs that utilize heuristic analysis perform this function by executing the programming commands of a questionable program or script within a specialized virtual machine, thereby allowing the anti-virus program to internally simulate what would happen if the suspicious file were to be executed while keeping the suspicious code isolated from the real-world machine. It then analyzes the commands as they are performed, monitoring for common viral activities such as replication, file overwrites, and attempts to hide the existence of the suspicious file. If one or more virus-like actions are detected, the suspicious file is flagged as a potential virus, and the user alerted.

Another common method of heuristic analysis is for the anti-virus program to decompile the suspicious program, then analyze the source code contained within. The source code of the suspicious file is compared to the source code of known viruses and virus-like activities. If a certain percentage of the source code matches with the code of known viruses or virus-like activities, the file is flagged, and the user alerted.

Its Effectiveness

Although heuristic analysis is capable of detecting many previously-unknown viruses and new variants of current viruses, the effectiveness is fairly low regarding accuracy and the number of false negatives. This is because computer viruses, just like biological viruses, are constantly changing and evolving. Since heuristic analysis mostly operates on the basis of past experience (by comparing the suspicious file to the code and functions of known viruses), it is likely to miss new viruses that contain previously unknown code or methods of operation not found in any known viruses. Fortunately, heuristic analysis is also evolving along with the viruses. As new viruses are discovered using alternative methods of detection, information about them are added to the heuristic analysis engine, thereby providing it the means to detect any new viruses based on the previously-unknown code.

Today Many of the antivirus softwares are capable of heuristic method of analysis, like Symantec ( called Blood-Hound), Mcafee , AVG , and many more.

En los años finales de los gloriosos ochentas del siglo pasado (que bien suena, y parece que hablemos de hace un montón de tiempo) apareció un antivirus llamado Artemis, si no recuerdo mal era para eliminar el famoso Viernes 13. El Artemis fue el precursor del Panda, debieron pensar que Panda era mucho más comercial que Artemis, aunque hoy en dia han debido pensar que el osito era demasiado ñoño para figurar al frente de la marca y se lo han cargado.

A principios de los nefastos 90 (nefastos en muchos aspectos creativos, aunque igualmente existieron cosas buenas) apareció el famoso virus Viernes 13 (nada que ver con Jason) y  un poco más tarde el Virus de la compañía telefónica (Nacional de España) el "antictne"  (primer virus españo que en su código interno podía leerse un mensaje en catalán contra Telefónica ya que por aquellos tiempos ya pensábamos muy mal de ella) y recuerdo que al poco (demasiado poco) tiempo de descubrirse en una universidad inglesa ese virus ya apareció un antivirus. Lo primero que pensamos muchos es que quien hizo el virus, hizo el antivirus. A otros les dió por decir que eso de los virus eran leyendas urbanas y luego crearon el Norton Antivirus....

Pues a lo que iba que me pongo a divagar y me lio mucho, es que mira que hay nombres para escoger y a los de Mcafee no se les ocurre otra cosa que bautizar a su nueva tecnología con un nombre que ya ha sido usado por otra compañia de antivirus. Igual es que muchos no se acuerdan del Artemis, pero ya que era producto español 100% y se distribuyó en los años 90 con los IBM, imagino que alguno lo recordará, y aunque Mcafee no tuviera que estar al tanto de lo que se cocía en España hace 18 años, no me puedo creer que todos los que forman el equipo creativo, de I+D, administrativo y comercial de Mcafee (por lo menos en España) desconozcan algo de la historia de la informática, o quizás pueda ser un homenaje al primer antivirus español, aunque ésta última opción me parecería ridícula y poco factible.

Por otro lado ¿se les olvidaría a Panda renovar el registro del nombre de Artemis para un antivirus?, ¿o es que nunca lo llegaron a registrar?, posiblemente sea más cierto ésto último.

Los supertacañones hubieran mandado parar y Mayra (o Kiko para los más mayores) hubiera dicho que que pena que la respuesta era repetida.

En fin.....