Jump to content

may i ask a question about live grid?

mantra
 Share

Recommended Posts

mantra

mantra 1

Posted
Posted (edited)

Hi

i'm running the last v8 built under windows 10 64bit pro

 

may i ask 2 question about Live Grid ?

 

1) does eset download a white list "hashes" (live grid ) to detect safe programs ?

 

2) does all the version (v8 ,v7 ,v6) use the same Live Grid tecnology  ?

 

i read the manual , but there is nothing

outside

information about scanned files is verified against data from the cloud-based ESET Live Grid to improve detection and scanning speed

 

what does it means ?

that i need to internet connection active to use the live grid ?

thanks

Edited by mantra
Link to comment
Share on other sites
SweX

SweX 871

Posted
Posted

Hi mantra,

 

The following information about LiveGrid does at least apply to V8 and V9.....
 

ESET LiveGrid is an advanced early warning system comprised of several cloud-based technologies. It helps to detect emerging threats based on file and URL reputation and improves scanning performance by means of whitelisting. New threat information is streamed to the cloud in real-time, which enables the ESET Malware Research Lab to provide a timely response and consistent protection at all times. ESET malware researchers use the gathered information to construct an accurate snapshot of the nature and scope of global threats, which helps us to focus in on the right targets.

 

The ESET LiveGrid reputation system improves the efficiency of ESET anti-malware solutions by comparing scanned files to a vast, cloud-based database of known objects. When an executable file or archive is being inspected on the user’s system, its hashtag is first compared against these white- and blacklisted items. If the inspected item appears on the whitelist, it is considered clean and is flagged to be excluded from future scans. If it is on the blacklist, appropriate actions are taken – based on the nature of the threat. Only when no match is found is the file in question scanned thoroughly. This approach has a significant positive impact on our products’ scanning performance.

 

Previously unknown suspicious samples/objects are collected and automatically processed on our in-the-cloud backend systems (including sandboxing). If a sample proves to be malicious, automated signatures are generated and immediately pushed out to our customers. This mechanism allows for effective detection of emerging threats even before the regular signatures are delivered to users’ computer via our standard signature database update (which happens several times a day).

 

Yes, LiveGrid is a "cloud service" so in order to take full advantage of LiveGrid and for data to be sent between your computer and LiveGrid one need to be connected to the internet. And have LiveGrid enabled in the product of course.

Link to comment
Share on other sites
itman

itman 1,659

Posted
Posted

Previously unknown suspicious samples/objects are collected and automatically processed on our in-the-cloud backend systems (including sandboxing).

 

Problem here is if it's cloaked malware some of which are sandbox aware, it could escape detection.

 

The implication here is it is passes cloud and back-end scanning, the software will be whitelisted on your PC?

Link to comment
Share on other sites
rugk

rugk 397

Posted
Posted (edited)

Problem here is if it's cloaked malware some of which are sandbox aware, it could escape detection.

You don't know what sandbox ESET uses and the malware (author [hopefully]) does not know this either. Additionally there could be multiple sandboxed used or the file could otherwise be analysed or processed before it's given to the sandbox.

Basically many things could happen there. And I'm sure ESET makes it as hard as possible for the malware to get out that it's running in a sandbox.

 

The implication here is it is passes cloud and back-end scanning, the software will be whitelisted on your PC?

It would not be whitelisted - it just would not be detected. That means if there is a traditional signature it would still detect it.

To get on the cloud whitelist a file must pass more criteria than a single test AFAIK. E.g. statistical things like how many users use it, how new the file is may play a role, but I think there are more factors, which ESET won't disclose - of course.

 

 

BTW - I like this one: "its hashtag is first compared against these white- and blacklisted items"

Hashtag? #maliciousfile ;)

Whoever wrote the help possibly just meant hash and not hashtag.

Edited by rugk
Link to comment
Share on other sites
mantra

mantra 1

Posted
  • Author
Posted
 
 

 

Hi mantra,

 

The following information about LiveGrid does at least apply to V8 and V9.....
 

 

Yes, LiveGrid is a "cloud service" so in order to take full advantage of LiveGrid and for data to be sent between your computer and LiveGrid one need to be connected to the internet. And have LiveGrid enabled in the product of course.

 

thanks

i have noticed that live grid works better in v8 then prev. version

when did eset intruduce it ? i mean in version 4 ?

thanks again

Link to comment
Share on other sites
rugk

rugk 397

Posted
Posted (edited)

Interesting to know. However I don't know why this matters...

 

Especially how do you get this conclusion?

i have noticed that live grid works better in v8 then prev. version

 

I think there weren't significantly changes and the new LiveGrid module is independent of the product versions (also appears in v8).

Edited by rugk
Link to comment
Share on other sites
  • Administrators
Marcos

Marcos 5,074

Posted
  • Administrators
Posted

 

i have noticed that live grid works better in v8 then prev. version

 

I think there weren't significantly changes and the new LiveGrid module is independent of the product versions (also appears in v8).

 

That's true. LiveGrid works the same way regardless of whether one has v5 or newer installed.

Link to comment
Share on other sites
mantra

mantra 1

Posted
  • Author
Posted
 
 

 

Interesting to know. However I don't know why this matters...

 

Especially how do you get this conclusion?

i have noticed that live grid works better in v8 then prev. version

 

I think there weren't significantly changes and the new LiveGrid module is independent of the product versions (also appears in v8).

hi

about https://forum.eset.com/topic/3296-is-smart-security-v6-100-compatible-with-w81-64bit/

update to v8 no more lags with the settings suggested by eset

Link to comment
Share on other sites
Guest
This topic is now closed to further replies.
 Share
Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...