Compatible Support Forums
ScinteX

ScinTex: The PrevHomeX tool, where is it again & questions


Oh mate, sorry, I didn't see this earlier... it wasn't in my "X forum topics since your last visit" view frown

 

Oh well, I am here now laugh

 

 

Prevx checks loads of stuff & it appears to work on SP2, since I have had it running on my box for about 3 weeks now. Prevx say "...Windows 2000, XP on all service packs".....

 

http://www.prevx.com/

 

To be honest it has not flashed up warnings all that often, which I guess is a good thing. However I am sat behind a hardware firewall so who knows what is actually hitting me but getting filtered out by the firewall box!

 

The most common warning I get is when a program is trying to execute in a "protected" folder. Typically, this is a temp folder of some kind (Windows temp folder or maybe another designated cache like IE's temp folder -> when using Windows Update).

The program appears to monitor malicious activity that it thinks shouldn't be happening. Therefore it is hard to say what it stops exactly (with examples) since it doesn't use signature files as such. Wow, this is hard to explain!

 

The FAQ is really useful:

 

http://www.prevx.com/prevxhomefaqs.asp

 

Prevx do "monitor" events generated from the program. This is private and they do provide a detailed synopsis of why/what/when the program phones home. It is not malicious - it helps 0-day attacks and such. You can turn off the phoning home bit (see FAQ and/or http://www.prevx.com/PrevxHomeAudit.pdf). You could also use your firewall to stop it if you don't like the idea, I suppose.....

 

I am not quite sure exactly how this thing works, but I have been a bit crafty and downloaded various bits of code from the net that *attempt* to break Windows XP. I tested on XP SP1 and Prevx killed the process. On SP2, results were different - SP2 was not interested in the slightest and the code had no effect. I can only guess that should I ever get stung by a buffer overflow exploit in XP SP2, Prevx would catch it.

 

Some background info on the web:

 

http://www.wilderssecurity.com/showthread.php?p=96050#post96050

http://www.techzonez.com/forums/showthread.php?t=9739&goto=nextoldest

http://netsecurity.about.com/od/readproductreviews/fr/aapr091904.htm

 

An old article, but interesting all the same - probably the closest thing to how it works!

http://news.zdnet.co.uk/internet/security/0,39020375,39118610,00.htm

 


Funny you should mention it - I have just been playing with Server 2003. It is annoying when stuff doesn't work on 2003.

 

But then again, only a handful of home users would run 2003- thus businesses usually go for the corporate editions etc.

 

Prevx don't seem to mention 2003 on their site. Then again, I would imagine that as a business you'd contact them and they would make it work... what a pain for us lot - I know we are "home users" but we tend to play with all sorts of things and join the "big boys" with their server editions etc!!!!

 

But hey, no biggie - and as you say, not a waste.
