Full Disclosure mailing list archives
Hi! Antiviruses Comparison - A Little Research Results
From: Feher Tamas <etomcat () freemail hu>
Date: Fri, 16 Apr 2004 15:49:37 +0200 (CEST)
Hello!
> Just wanted to say to all of you that McAfee (Pro 8) seems to be the best antivirus around out of Norton 2004, Panda and McAfee.
If you are a lamer in the AV area, then please don't fool others! There are at least 12 major players in the AV arena, each with diverse weaknesses and strong points.

Size-wise number one and two players McAfee and NAV are US companies known to cooperate with Uncle Sam (will not dare to detect Magic Lantern and the like if one appears in the future). McAfee and NAV are huge, but not so strong outside the USA and its colonies. Maybe lack of good local support and not trusting them fully are among the factors causing it. I don't know if McAfee still requires a reboot after every signature update.

Russia's Kaspersky AV has undoubtedly the best capabilities in terms of dissecting file internals (supports exploding the widest range of archivers, exe-packers, macro insides, etc.) and detecting known exploit methods, backdoors, rootkits, spyware, adware, etc., not just strictly viruses/worms. They are usually the fastest to react to new malware. Their inherently modular signature update technology is the most advanced one, but requires considerable care to work properly. Their quality control is not always the best and their users' manuals are a little cryptic. But a lot of NAV users migrate to KAV in Europe and they bash NAV a lot for failing them.

Only Finnish F-Secure and American CA have Windows/Linux AV products with multiple independent virus scanning engines. This gives protection against false positives, but requires more system resources.

F-Secure's central management is probably the most advanced and detailed, but it is so heavily standards-based that its use feels artificial and often against common logic. NAV management is very hard to set up. KAV management does not scale. Some AV makers sell central management for extra money, some include this important feature in the base price. Some central management solutions simply suck or do not scale, others are hard to install or monitor.

Spanish Panda AV has problems with boot-time protection. Put the eicar.com in the autoexec.bat and it will run. Most other AV prevent this.

Sophos and Sybari are mostly unknown in other than gateway AV.

Worldwide no. 3 player, the Japanese-Taiwanese-American Trend Micro company is also very, very strong in gateway level AV as well as having an OK home user and workstation AV market share, especially in Europe. Support can be kind of bureaucratic and their central management tool is awkward.

Czech-Slovak made Eset NOD32 wins all tests ever, but they do not detect backdoors, droppers and other merged threats, just straightforward virus and worm items. Tests like the famous VB100% award do not include stuff that would fail them.

Hungarian VirusBuster has become a mainstream grade virus catcher during the past two years.

Microsoft will likely become a player in the AV arena soon, even if they deny it now. Bill Gates bought the Romanian RAV firm, which was selling incredibly cheap and reasonable Linux gateway AV products. Although most crew bailed out and ended up with KAV, Microsoft is still a potential dark horse competitor for the future.

There is so much more about AV, including availability of localized language software for home and desktop users, built-in personal firewall included with AV software, vendor's prices for multiple-year support policies, tiered customer relations, etc. that would need to be considered carefully. It could make a book, not just the disorganized mess of text I wrote above.

Sincerely: Tamas Feher from Hungary.

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html