-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ***^\ ."_)~~ ~( __ _"o Was another beautiful day, Fri, 5 Nov 2004, @ @ at 19:43:37 +0100, when Alexander S. Kunz wrote:
> Hello Mica Mijatovic & everyone else Glad to see you. (: > 05-Nov-2004 14:19, you wrote: >> One of such ones is AntiVir (Personal Edition, which is free) I use >> often, and it (the "Guard" part of it) will react on ANY occurrence >> which involves a "suspicious" file/action. It is *very light* in >> spending resources whilst it monitors machine. > ...OTOH it is very "heavy" on the online updates (I never saw an update > below 1MB), and the way to set the online update in a way that it will > happen automatically is to be found only by the more curious users. What is "heavy" for a broadband user? I just downloaded newest version of ~4,5 MB, for some 25 minutes on *dial-up*. If I would try to update it "online" it would disconnect me countless times, or connection will drop in coma, the equal number of times, without possibility of resuming so I'd probably have to bequeath this "online" update to my progeny, using such a "method". And above all, I would have firstly to *provide* some progeny. You must admit, therefore, that what you subtly foreshadow has no all pros and cons modestly equilibrated. (Today, we are string walkers.) >> There are plenty of good AV programs > Actually, there are not. :) Usually less than 50% of tested AV software > reach 100% detection rate... I wholelungsly suspect that even ONE AV on this beautiful world in this part of galaxy can do that. What we read in newspapers mainly does not exist. There is NO any AV which will catch "100%" of anything something. That's the reason I used term "good" instead "perfect", and further, that's the reason why people use more than one AV, for various sorts of (digital) beasts, for the raids from left, right, back... Under... You have to have *strategy*. You cannot just "buy a gun" and that's all. What's one gun for all of that growing populace. If those beast are so easily scared, we could kill them by frowning. ..... > It can be an advantage to have an email plugin, as it is outlined in > TB's helpfile, too (search the index for "anti-virus"): it may detect > malware in email that comes via encrypted channels, too, where normal > mail scanners fail, for example. "Encrypted channels"? What's that? Teach me. Please. (: > In addition, there are antivirus programs which are simply not aware > of all email programs and their database files. Imagine an antivirus > program that detects a virus signature in a large email folder (where > the virus does absolutely no harm) and it quarantines the whole file, > or, if the scanner is configured more strict, deletes the whole folder > at once. Surprise surprise - all mails gone. Surprise, surprise - you didn't follow my exposure. (: Pat, pat. I'll be shameless and will cite myself: "...AntiVir is catching some infected file, and asks me for action I'd prefer (renaming, deleting, denying/allowing access etc.). It does that very fast, so you can proceed download of other messages of that account..." "...so you can proceed download of other messages of that account" -- "other" and "messages"; therefore it intercepts single messages *before* they become a part of any folder or whatever database, if they are of a such fate, therefore before they even *arrive* in TB. So, the suspicious message wants to come in, and AntiVir says: "No! Stop! You can't get in since you are suspicious. I have to ask the Boss (it's Me) firstly." And only if I allow that, this single message is entering and is becoming the part of some folder or whatever, by its respective merit. > My strategy is to completely exclude the mail programs data folders > from both the on-access and on-demand scanning, and have the mails > scanned separately (if at all, I do not) - if you click on a malicious > attachment and try to execute and/or save it, the on-access scanner > will catch it, anyway. YMMV Your strategy is also good, but Miss Pat asked for an AV which will *also* check the incoming mail, when it yet consists from separate single messages, before they become the part of a data folders. She then will have many opportunities to click on them as well. AntiVir can do that too. Btw, once a single message is in a message base (files TBB) no AV will be able to recognize any virus, since all of them (if attachments are stored in same file) are then in plain text format. (-; Catch-22. So, it's good then to keep all attachments separately. *Then* you can check them for viruses successfully, even if they are not open in TB. What are those "encrypted channels"? Do I have some of these? - -- Mica PGP key uploaded at: <http://pgp.mit.edu/> once just before breakfast <>o<> [Earth LOG: 65 day(s) since v3.0 unleashing] OS: Windows 98 SE Micro Lite Professional IVa Enterprise Millennium with nestled ZipSlack(tm) 9.1 UMSDOS Linux; and, for TB sometimes Libranet (Linux) 2.8.1, via Cross Over Office -----BEGIN PGP SIGNATURE----- iD8DBQFBi+iK9q62QPd3XuIRAht3AJoC0nEXxrTafoDgcHwZ/yAe5w4JlwCfbPwf CNxjSOCYuKXsEhl0RVf9Ic8= =UDLj -----END PGP SIGNATURE----- ________________________________________________ Current version is 3.0.1.33 | 'Using TBUDL' information: http://www.silverstones.com/thebat/TBUDLInfo.html
