Continuing the topic of the ESS AntiLeak test from two days ago: what is anti-leak, and why do we need an anti-leak function? Anti-leak is a concept that only became popular in the last three years; its purpose is to compensate for the shortcomings of traditional network firewalls.

The most typical traditional firewall, like the one built into Windows XP SP2, provides basic network defense: it filters incoming (inbound) connection requests and blocks the undesirable ones. But this kind of firewall places no particular restriction on outgoing (outbound) connection requests. That means a program such as the web browser can freely access network resources without any special rule or policy being set for it. So once we are infected by a Trojan horse or worm, a typical traditional firewall cannot prevent it.

A somewhat more capable firewall can restrict outbound connections, for example preventing IE from accessing the network at all, or from reaching a particular IP address or port. When this type of firewall detects an outbound connection request, it prompts with the target IP address, the port and other information, and we can use this information to decide whether the connection is necessary or unnecessary. With appropriate rules or policies we can block the browser from certain website IP addresses while leaving other sites free to browse. By applying appropriate restrictions, through rules and policies, to system components that viruses often abuse, such as explorer.exe or svchost.exe, we can stop a virus that uses these two components to connect out and keep account credentials from falling into the wrong hands.

But this alone is still not quite enough, because a virus does not have to connect out by itself; it can also connect out through other programs on the system. We call this process, in which a virus connects out through another program, "infiltration". Most traditional firewalls tell you which program wants to connect out and where it wants to connect, but they do not let you know whether the connection was initiated by the user or by a virus calling into that program. To let the user see the calls and interactions between programs, new-generation firewalls include a HIPS module that uses SSDT hooks on system APIs to monitor software behavior. Such a firewall can give us more detailed information about program behavior, so that we can tell whether a connection is a bad one.

Here I use a Matousec test program to simulate a virus connecting out by calling through another program. In the ESS prompt we can see that ESS reports an outbound connection request from explorer.exe caused by the virus, but we do not know who is behind it, or what kind of behavior caused explorer.exe to need an outbound connection.

Next we look at the prompts from Comodo Firewall V3 (CFP3). Based on the behavior it discovers, the HIPS module reports in turn: direct access to the screen, an attempt to modify a protected registry key, and an attempt to modify the user interface. After these operations, the modified explorer.exe somehow needs to connect out.

From the prompts above we can clearly see that the outbound connection from explorer.exe was initiated by the program breakout2.exe, which through a series of actions caused explorer.exe to make an outbound connection request. Detailed program behavior prompts like these help us easily determine whether a program's behavior is malicious. The above is a simple demonstration of the anti-leak process.

Li Jing