Other > General Topics

Latest Avast! download

(1/2) > >>

debrick:
I also had great success with the latest download! But I'm wondering about something NEW that I just noticed: Every so often I have noticed what starts out as a warning about an incoming virus, but it's not...something called an "exploit". Can anyone explain to a newbie when it comes to security? Thanks Much!

Eddy:
Please read my post HERE

debrick:
Oh, that explains a lot! NOT!! Trying to decipher what you wrote just makes my head swim and it doesn't sound like the answer I was searching for...but thanks anyway!

Lisandro:

--- Quote from: debrick on November 18, 2004, 04:07:26 AM ---Oh, that explains a lot! NOT!! Trying to decipher what you wrote just makes my head swim and it doesn't sound like the answer I was searching for...but thanks anyway!

--- End quote ---

Will this be better or worse?

A new resident protection module was added to avast! 4.5: the Network Shield. It is meant as a protection against known Internet worms/attacks. It analyses all network traffic and scans it for malicious contents. It can be also taken as a lightweight firewall (or more precisely, an IDS (Intrusion Detection System).

Network Shield protects you from internet worms that spread themselves via various security holes in your system. Typicaly these kind of viruses don't infect files but instead  they attack running processes on your PC (either Windows components or some server programs like SQL Server, IIS etc.). These kind of attacks are not easily catched by ordinary antivirus during file or mail scanning. It is not a duplicate work with Standard Shield.

On anything of speed <= 100 mbps the performance penalty should be negligible (unless you have very old hardware). On gigabit/10gigabit networks it may slowi things down considerably though. Few people are using these speeds to access the Internet...

Basically, it covers all Internet worms. Such as Win32.CodeRed, Win32.SQLSlammer, Win32.Blaster, in32.Welchia (Nachi) and Win32.Sasser.

Messages like:
Network Shield: blocked "DCOM Exploit" - attack from 81.178.115.162:135/tcp
are due to the RPC/DCOM exploit, which is a vulnerability that allows an attacker to gain access to the destination machine by sending a malformed packet to the DCOM service. It uses the RPC TCP port 135.

debrick:
Now thats more like it!! Thanks a bunch Technical!  Avast! gets better and better!

Navigation

[0] Message Index

[#] Next page

Go to full version