ENN - Electric News.net
Free e-mail alerts & newsletter - Sign up here
Free e-mail alerts & newsletter - Sign up here
Edit your alerts
News
   CORRECTIONS
Survey
Let us know how to make ENN better!
Take our reader's survey.
Adworld

Face-to-Face: Dinesh Dhamija, CEO Ebookers
Don't look now, but e-travel is booming -- and strangely, its successes are coming only after the dot-bomb and September 11, events that decimated related industries. Matthew Clark spoke with Dinesh Dhamija, CEO of highflying European e-travel firms Ebookers, as the company considers acquisitions, market share and the future.
More here

 

The following e-mail will be sent on your behalf.

 has sent the following story to you from ElectricNews.net.

The story is available from https://electricnews.net/news.html?code=8577722

Multiple virus scanning needed, says GFI
Friday, August 02 2002
by The Register


No single anti-virus product catches a comprehensive range of e-mail viruses and
malware within a variety of compressed and uncompressed file formats. That is the conclusion of a study analysing the results of research by five
leading anti-virus testing laboratories from security firm GFI which reveals
various (we'd say minor) shortcomings in popular AV products, writes John
Leyden
.


GFI looked at results on tests on AV tools from Trend Micro, Symantec (Norton),
McAfee, Norman, and Softwin by five impartial anti-virus testing laboratories
(ICSA Labs, West Coast Labs, Virus Bulletin, AV-Test.org, and Virus TestCenter).
In GFI's analysis, particular attention was paid to overall virus detection
rates, the ability of AV tools to scan through compressed and embedded files, and
their coverage of non-virus malware.


Each product showed strengths in different areas, GFI concluded, so combining the
capabilities of two or more products would let organisations make up for
deficiencies in any single product.


Of course, this reasoning applies only if the products lack similar shortcomings
and the firm's conclusion fails to take into account that the most pressing
problem for most companies; dealing with either newly-created fast-spreading
worms (like Nimda) or the steady trickle of old favourites, like SirCam and Klez.
In the case of the former, best practice is moving towards filtering out
suspicious e-mails at the gateway and/or employing heuristic detection/blocking
at the ISP level.


For viruses like SirCam, all anti-virus software detects such bugs anyway and it
becomes a problem of ensuring AV software is up to date. The reason viruses like
Klez continue to spread is largely due to a complete absence of protection by
consumers (mainly) rather than deficiencies in AV software as such.


That's not to knock GFI's study completely -- it does show up shortcomings in the
ability of anti-virus tools to look within some uncommon file compression types
for malware.


Using a battery of different scanning engines would be preferable but we question
whether deploying products with single products with multiple scanning engines,
such as GFI MailSecurity for Exchange/SMTP, is as important as the Maltese firm
makes out. You can make up your own mind by reading GFI's White Paper on the
company's Web site.


The Register and its contents are
copyright 2002 Situation Publishing. Reprinted with permission.




Search

Jobs
ENN Corporate Services Ad Red Moon Media Ad ENN Message Boards House Ad
Powered by The CIA
Designed by Redmoon media

 

© Copyright ElectricNews.Net Ltd 1999-2002.