Bong's Profile

Member since August 10, 2007

  • Name

    Bong Bong

  • Location:

    Thailand

Favorite Files

Recent Posts

  1. Review - Webroot Desktop Firewall

    5.5.10.8 (Oct 27, 2007)

    An Excellent update of the already top notch Dynamic Security Agent. Slow to start? Are you kidding? Mine is XP SP2 Celeron 2.13 and Have no problems with it whatsoever.

  2. Review - Jetico Personal Firewall

    2.0.0.35 (Sep 21, 2007)

    If you can grab the standalone TINY PERSONAL FIREWALL DESKTOP PRO 6.5.126 get it.

    Features:

    Firewall
    HIPS
    Integrity Guard
    Sandbox
    Windows Security

  3. Review - Kaspersky Anti-Virus

    7.0.0.125 (Aug 12, 2007)

    Major antivirus vendors fail quality test

    Kaspersky, F-Secure and Grisoft stumped by Virus Bulletin 100
    Tom Sanders in California, vnunet.com 11 Jun 2007
    ADVERTISEMENT

    Antivirus vendors Kaspersky, F-Secure and Grisoft, maker of the popular AVG application, have failed to achieve the strict Virus Bulletin 100 antivirus certification.

    The trio are among 10 antivirus applications for Microsoft's Windows XP that failed to meet the test standards set by Virus Bulletin's June 2007 test. A combined 37 software products were submitted for testing.

    The VB100 is known for its strict standards. The test subjects applications to a wide set of malware that spans historical and actively circulating threats.

    Qualification requires that software detects all malware that circulates in the wild and does not mislabel any safe files or applications as malware, a phenomenon known as a false positive.

    AVG is a popular security application in the consumer market because Grisoft offers a free basic version of the application.

    The software has a reputation for solidity and good detection, but the version submitted for testing failed to detect the W32/Rbot virus.

    Kaspersky also ruined its generally solid reputation by failing to detect the W32/Allaple virus, and F-Secure's consumer antivirus application missed the same online pest.

    Kasperksy and AVG corrected the problem in later updates, Virus Bulletin researchers pointed out. All three vendors passed certification in last February's test for Windows Vista and a June 2006 test for Windows XP.

    The same VB100 test re-established Microsoft's OneCare security suite as a capable application. The software achieved certification in June 2006, but failed last February's test on Windows Vista.

    The failing products were:

    * Agnitum Outpost Security Suite Pro 2007 5.1214.616
    * Ahnlab V3 Internet Security 2007 7.40.1
    * Doctor Web Dr.Web 4.33.3.04230
    * F-Secure Protection Service for Consumers 7.00
    * Grisoft AVG 7.5 Professional Edition
    * Ikarus Virus Utilities 1.0.52
    * iolo AntiVirus 1.1.9
    * Kaspersky Anti-Virus 6.0.2.621
    * NWI VirusChaser 5.0a
    * Proland Protector Plus 2007

    http://www.vnunet.com/vn...vg-kaspersky-fail-virus

    Excerpts of the reply from Kaspersky Lab

    "What happened at Kaspersky Lab

    The threat signature for Net-Worm.Win32.Allaple.e was added to the Kaspersky anti-virus signature databases on February 1, 2007, i.e. as soon as it emerged in the wild.

    As part of Kaspersky Lab’s on-going efforts to improve efficiency and optimize overall performance, the threat signature for this worm was removed from the database - temporarily - for additional testing.

    It is important to note, that user security was not compromised in any way due to our multi-faceted approach to security. The Proactive Defense Module, integrated into Kaspersky Anti-Virus 6.0 successfully detects and blocks this worm. As a result, user security is ensured by two complimentary technologies – anti-virus signatures and the PDM.

    Unfortunately for Kaspersky Lab, the day that the signature was removed for testing coincided with the day Virus Bulletin was collecting anti-virus databases to conduct their tests. The databases downloaded for Kaspersky Anti-Virus 6.0 did not contain the signature for Net-Worm.Win32.Allaple.e. Since VB only tests signature-based detection, our product did not detect Net-Worm.Win32.Allaple.e."

    My comments:
    You just do not remove any potential threat out of your signature database just for "additional testing" - unless you are 100% sure that it is false positive. Any Virus vendor can always do testing and still retain the suspect code in their database. Let me prove my point.

    "According to noted computer virus expert Paul Ducklin, in order for a virus to be considered in the wild, "it must be spreading as a result of normal day-to-day operations on and between the computers of unsuspecting users." Although there are an estimated 47,000 computer viruses, fewer than 600 are said to be circulating outside of laboratories and research facilities - hence, in the wild. Experts say these wild viruses pose the most significant threat to computers. Wild viruses typically contain a damaging payload and the ability to wipe out all computer files, sometimes even damaging a computer's BIOS.

    The Wild List Organization International has compiled a cumulative list of viruses considered to be in the wild. New viral strains are added as they are reported and can be verified. Recent examples of computer viruses in the wild include Melissa, CIH, and W.32 Navidad (the Kriz virus). The Wild List Organization International maintains an updated list of wild viruses. View it here: http://www.wildlist.org/WildList/.";

    You see, normal users are the ones greatly threatened by a virus ITW. When an antivirus vendor removes a malicious code out of their database just for additional testing will endanger PC's of normal users.

    "Since VB only tests signature-based detection, our product did not detect Net-Worm.Win32.Allaple.e."

    Very lamely said and an admission of poor database handling methodoloy and policy.

    Of course, everybody will always have an excuse for every stupidity committed.

  4. Review - Agnitum Outpost Firewall Pro (32-bit)

    4.0.1025.7828 (700) (Aug 10, 2007)

    Overrated and bloated. I tried it once and two spywares made it through my machine. Well, on a consolation, it cleaned its own mess. Never again. DSA is free, effective, and light on CPU and Memory resources.

  5. Review - Dynamic Security Agent

    1.0.6.27 (Aug 10, 2007)

    This piece of software really amazes me! I thought this was a pretender. After reading the reviews and trying it myself, I can say this is a heavyweight contender among Firewalls. Thanks DSA!

    My recommended settings:

    Sensitivity Threshold: 10
    Training Period: 14 days
    Require user approval for each alert: Tick all boxes

    Passed:

    DNSleaktester and PCFlank leaktests not to mention all other leaktests DSA passed.

    ------------------

    DSA is a HIPS with a Firewall. You can use it alongside a Firewall of your choice. Me, I use it with TINY Firewall Desktop Pro. This is an excellent addition to your PC security.

    Anti-trojan, Anti-leak, HIPS, Anti-Rookit, low footprints, Free.

    Perfect? No, and so are other PC security softwares. Paid or Free.