I have a question about www.norton.com online vulnerability scan, I used it and it seems good. Do you guys think its good and accurate?? Please give me your thoughts.
Printable View
I have a question about www.norton.com online vulnerability scan, I used it and it seems good. Do you guys think its good and accurate?? Please give me your thoughts.
Well,
It fell at the first hurdle, it doesn't seem to like Mozilla 1.6?
I answered this question in another thread but basically, it's dependent on ActiveX to run. This would lead me to believe that the "scan" is limited to certain activities. It only works for Windows and Pre-OS X Macintoshes, going through the browser to get information. It would make me wonder, however, as to what other info they are getting.
Personally, if I could get it to run, I'd fire up some sniffer programs to see what it's doing exactly. Perhaps someone with a Windows box and IE (with ActiveX) enabled could fire up WinDump/Ethereal and ProcessExplorer to see what things this "scanner" is actually doing.
I'll take a look at that when I finish the securityspace thingy.....
I just got it to run.......................it seems like a "poor man's shields up"...........scans a few ports.
I don't have anything fancy on this machine, so I will leave that to Tiger. But whatever it does is within itself as far as I can see......Winsonar did not detect any new background processes, and nothing tried to get out.
It does not recognise AVG as a commonly used AV, but does recognise e-trust.........I think I must e-mail AVG and get their opinion on that one :lildevil:
I will also test it on a machine with the latest McAfee.............just to be sure that I have not wasted my money :cool:
Cheers
Does anyone know how it checks for an updated Antivirus?
It's hooked right into the Symantec site and updates automatically.Quote:
Cheers:
Hi CXJ,
Yes it looks to see if the pattern file is less than 2 weeks old..............otherwise I suspect that all AV systems are out of date if they are not Norton?
:D
Actually I think out of date might mean "free" but I will find that out when I run it on a McAfee box?
cheers
I meant the scanner (not my currently installed antivirus - if that is what you meant DjM). How does it tell if you are out of date? Does it scan your hard drive for common virus definition files or is it somehow checking your running processes?Quote:
Originally posted here by nihil
Hi CXJ,
Yes it looks to see if the pattern file is less than 2 weeks old..............otherwise I suspect that all AV systems are out of date if they are not Norton?
:D
Actually I think out of date might mean "free" but I will find that out when I run it on a McAfee box?
cheers
CXGJ, I have run it on two machines............it recognised e-trust as a "commonly used AV" and told me that my definitions were up to date (updated them about 24 hours ago)
It did not recognise that the box with AVG actually had an AV on it, let alone that it was up to date (which it is).
I am suspecting from that, that it knows some AV products and their pattern/ definition files and just looks for the date.
I think I can check that by going back to the other (e-trust) machine and killing the active scan? Then we will see if it is looking for files or processes?
Hey, I NEVER EVEN THOUGHT to ask myself how did it do it.......................I'm getting too bloody old for this game.
Watch this space, I will edit this post with the results...........I am too much of a post whore as it is :D
Cheers
Sorry about that mate, I was confused :confused: :pQuote:
Originally posted here by CXGJarrod
I meant the scanner (not my currently installed antivirus - if that is what you meant DjM). How does it tell if you are out of date? Does it scan your hard drive for common virus definition files or is it somehow checking your running processes?
If it does I think I have bigger problems. Definition files are embedded quite deep into the program files directory, if they can scan that deep, I got other things to worry about, rather than old Def. files I think.Quote:
Does it scan your hard drive for common virus definition files
Cheers:
No prob. I did not state my question in the best way.Quote:
I think that they could just scan the default folder if anything. Symantecs Corp Edition is C:\Program Files\Symantec_Client_Security\Symantec AntiVirus so they could just scan the default folders for antivirus defs.Quote:
If it does I think I have bigger problems. Definition files are embedded quite deep into the program files directory, if they can scan that deep, I got other things to worry about, rather than old Def. files I think.
I was only interested because I wonder how many people woulld still do the security scan if it said it was going to scan you hard drive.
Hmmm,
DjM, now don't you start getting all ::hide-beh like me!
I think that it finds the common AVs and will know the access path from that?
I would comment that it found e-trust, and that is on my "D:\" drive, so it must be doing some scanning?
cheers
Hmmm... interesting. I might go ahead and test to see if it can find the Symantec Corp Edition stuff on my d: drive under a p0rn folder.Quote:
Originally posted here by nihil
Hmmm,
DjM, now don't you start getting all ::hide-beh like me!
I think that it finds the common AVs and will know the access path from that?
I would comment that it found e-trust, and that is on my "D:\" drive, so it must be doing some scanning?
cheers
Right,
I have just tried it on the other machine with the e-trust AV active scanning off. And in tasks as well!!
This is a bit more subtle that I thought? (I am not having an intelligent day :) )
There are two categories:
1. Product up to date
2. definitions up to date
The definitions are up to date, and it correctly reports that. It is the product that it says is not, and suggests that I go look for a newer version...............obviously there isn't one, so the inference is that I should go buy Norton?
Cunning B*******s!
Oh well!
I think they are trying to get you to "upgrade" to norton! ;)Quote:
Originally posted here by nihil
There are two categories:
1. Product up to date
2. definitions up to date
The definitions are up to date, and it correctly reports that. It is the product that it says is not, and suggests that I go look for a newer version...............obviously there isn't one, so the inference is that I should go buy Norton?
Cunning B*******s!
Oh well!
My scan came up with the results.
(Note: Symantec is installed to E:\porn\porno avi)
Product is up to date (even though I am using {to test} Symantec Corp Ed 8.1 - latest is 9.0)
Definitions are up to date.
Could it be checking the registry for an install path? Or it is scanning the drive. Seems to be a bit fast for scanning the drive though.
The other machine is a PII/266, and it did seem rather fast for any kind of in depth scan. I was sort of thinking that it just read the root directories and the program files folders?
If it found yours, I would say it almost certainly is reading the registry...........incidentally, have you renamed your Windows folder to "obscenity" or maybe "obesity" :D
Of course your product is up to date.......it's Norton isn't it...............seriously though, it may well have different rules for corporate and private versions? Corporations tend to change less frequently, and might not like to be told that they had only recently spent a lot of money on something that is now obsolete? McAfee certainly have different rules for corporate and domestic versions.
Not that I am cynical or anything :cool:
Thanks for the replies guys, I appreciate it. When I did the scan all the ports it scanned were either invisible or closed according to the scan. So with those ports safe, how safe do you guys think I am in general??
Ms Mittens, I know that you already answered this question and I thank you, I just thought I'd start a thread to see everyone else's views. :)