Jump to content

Does Eset protect against backdoors?


Recommended Posts

Guys, I wanted to know if ESET protection protects against backdoors?
Where to find this protection that you cannot find in the ESSP product

Link to comment
Share on other sites

  • Most Valued Members
4 hours ago, New_Style_xd said:

Guys, I wanted to know if ESET protection protects against backdoors?
Where to find this protection that you cannot find in the ESSP product

ESET protects against Backdoors or RATs , they are considered as Trojans

https://www.virusradar.com/en/glossary/backdoor

Link to comment
Share on other sites

35 minutes ago, Nightowl said:

ESET protects against Backdoors or RATs , they are considered as Trojans

https://www.virusradar.com/en/glossary/backdoor

What I wanted to know where is in the eset these settings stating that I am protected or activated protection.

Link to comment
Share on other sites

  • Most Valued Members
4 minutes ago, New_Style_xd said:

What I wanted to know where is in the eset these settings stating that I am protected or activated protection.

CONFIG_SCANNER

They should be among the Malware category.

Link to comment
Share on other sites

3 minutes ago, Nightowl said:

CONFIG_SCANNER

They should be among the Malware category.

Thanks for your attempt, but it's not telling you where the backdoor protection is

Link to comment
Share on other sites

  • Most Valued Members

You are right , but they are all categorized under Malware , you cannot edit , enable/disable protection of a specific kind of malware , protection is enabled for all , unless the file can be categorized as Unsafe or Unwanted

Link to comment
Share on other sites

4 minutes ago, Nightowl said:

You are right , but they are all categorized under Malware , you cannot edit , enable/disable protection of a specific kind of malware , protection is enabled for all , unless the file can be categorized as Unsafe or Unwanted

It should be specified somewhere in the antivirus. What I've already researched the Backdoors it doesn't fit as malware, probably in another category.
And it is not specified in ESET. because I don't think so.

Link to comment
Share on other sites

  • Most Valued Members
3 minutes ago, New_Style_xd said:

It should be specified somewhere in the antivirus. What I've already researched the Backdoors it doesn't fit as malware, probably in another category.
And it is not specified in ESET. because I don't think so.

I still believe that it should be classified as a Malware because look at the definition from Wikipedia

Quote

Malware (a portmanteau for malicious software) is any software intentionally designed to cause disruption to a computer, server, client, or computer network, leak private information, gain unauthorized access to information or systems, deprive users access to information or which unknowingly interferes with the user's computer security and privacy.[1][2][3][4] By contrast, software that causes harm due to some deficiency is typically described as a software bug.[5

A back door falls into this category

Link to comment
Share on other sites

5 minutes ago, Nightowl said:

I still believe that it should be classified as a Malware because look at the definition from Wikipedia

A back door falls into this category

I talk about this about the backdoor because it opens the door to a possible ransomware that I think ESET is not as efficient as kaspersky that has the refusal that I reversed the ransomware's action on the person's machine. all because of a backdoor.

Link to comment
Share on other sites

  • Most Valued Members
9 minutes ago, New_Style_xd said:

I talk about this about the backdoor because it opens the door to a possible ransomware that I think ESET is not as efficient as kaspersky that has the refusal that I reversed the ransomware's action on the person's machine. all because of a backdoor.

If I understood you right , Kaspersky reverse the ransomware's action because it took a snapshot of the files(backup) so after the ransomware encrypted them , Kaspersky had an unencrypted version of the files so it reverted back to it

But ESET can detect the backdoors that you are talking about , unless it's a 0-day backdoor and the AI didn't work properly to catch it, but ESET detects backdoors , that might let malicious acts happen on your PC.

Link to comment
Share on other sites

4 minutes ago, Nightowl said:

If I understood you right , Kaspersky reverse the ransomware's action because it took a snapshot of the files(backup) so after the ransomware encrypted them , Kaspersky had an unencrypted version of the files so it reverted back to it

But ESET can detect the backdoors that you are talking about , unless it's a 0-day backdoor and the AI didn't work properly to catch it, but ESET detects backdoors , that might let malicious acts happen on your PC.

Let's say that it can detect backdoors, plus the same ransomware tools that ESET has, it doesn't have several forum topics here that have already been commented on, because if eset implements it will slow down the antivirus. something that doesn't happen with KASPERSKY so far I can't understand why ESET hasn't implemented this functionality in their products.

Link to comment
Share on other sites

  • Most Valued Members
21 minutes ago, New_Style_xd said:

Let's say that it can detect backdoors, plus the same ransomware tools that ESET has, it doesn't have several forum topics here that have already been commented on, because if eset implements it will slow down the antivirus. something that doesn't happen with KASPERSKY so far I can't understand why ESET hasn't implemented this functionality in their products.

Unfortunately, I don't have an answer for that , only an ESET staff what internally is happening or going to happen in the future

But in my opinion , both Kaspersky and ESET if configured properly or left at default settings , both of them are good AVs and both of them are among the best available in the market

It's true one might be better than the other in some part , but it's just like everything in life , it would have differences and won't be identical and one could be better than the other , but for me both of them are highly rated AVs that has been around for years, but end of it it's just a personal taste and what do you prefer , both of them are good AVs

Most of the ransomware infections happened because someone sold access to the network since everyone was sent to work from home , so every worker had access to the network from home. , or they exploited unpatched systems or firewalls and through that they went, and mostly disabled the AVs before they could run their ransomwares

Link to comment
Share on other sites

14 minutes ago, Nightowl said:

Unfortunately, I don't have an answer for that , only an ESET staff what internally is happening or going to happen in the future

But in my opinion , both Kaspersky and ESET if configured properly or left at default settings , both of them are good AVs and both of them are among the best available in the market

It's true one might be better than the other in some part , but it's just like everything in life , it would have differences and won't be identical and one could be better than the other , but for me both of them are highly rated AVs that has been around for years, but end of it it's just a personal taste and what do you prefer , both of them are good AVs

Most of the ransomware infections happened because someone sold access to the network since everyone was sent to work from home , so every worker had access to the network from home. , or they exploited unpatched systems or firewalls and through that they went, and mostly disabled the AVs before they could run their ransomwares

I agree with you that both are very good, but Kaspersky in everything I see is taking advantage of their products, whether with ransomware or even the VPN that comes with it. and also has Kaspersky Protection that comes in your browser: https://chrome.google.com/webstore/detail/kaspersky-protection-190/amkpcclbbgegoafihnpgomddadjhcadd

- not to mention that you have the kaspersky manager password that comes with your DESKTOP product.
- Program updater that ESET does not have.
- Cleaner of files and traces of the operating system.

It has several other advantages, I wonder why ESET doesn't have these products to face KASPERSKY?
- ESET does not even set the dark mode on the product itself. that makes me sad.

Link to comment
Share on other sites

  • Administrators

An example of a backdoor / RAT detection:

C:\!test\sample.exe - a variant of Win32/Y3KRat.AD trojan

 

Link to comment
Share on other sites

  • Most Valued Members
55 minutes ago, New_Style_xd said:

I agree with you that both are very good, but Kaspersky in everything I see is taking advantage of their products, whether with ransomware or even the VPN that comes with it. and also has Kaspersky Protection that comes in your browser: https://chrome.google.com/webstore/detail/kaspersky-protection-190/amkpcclbbgegoafihnpgomddadjhcadd

- not to mention that you have the kaspersky manager password that comes with your DESKTOP product.
- Program updater that ESET does not have.
- Cleaner of files and traces of the operating system.

It has several other advantages, I wonder why ESET doesn't have these products to face KASPERSKY?
- ESET does not even set the dark mode on the product itself. that makes me sad.

I would say that that some of the features like the cleaner are not related to an AV. 

There seems to be a lot of AVs that do more than security like removing uneeded files, startup manager etc. Many people believe an AV should focus on being a security product and not a fits all product e.g. a system cleaner and so on.

As mentioned above as backdoors tend to be malware it will fall under malware and not have a separate part in the program. Some AVs might mention it as a marketing tactic.

I will add I do think Eset should offer something similar to Kaspersky's snapshot feature. Even if it doesn't always work, something that could rollback changes by ransomware is always going to be well received even if it doesn't work everytime. I presume there are no plans for this currently @Marcos

Link to comment
Share on other sites

Windows based backdoor's are a very broad category. In their simplest form, they a can be nothing more than a reverse shell.

The problem with backdoor's is there is nothing initially inherently malicious about them. All they do in essence is establish a remote connection. Also a backdoor can remain dormant for days, weeks, and even years.

The only way a backdoor can be detected is by either having a signature for it or by IP address blocking  whatever it is try to connect to. Anyone that states otherwise is "blowing smoke." 

Edited by itman
Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...