Jump to content

Suggestion: How about add a "Suggestion" or "Recommendation" for the HIPS and firewall?


Recommended Posts

The Live Grid is very effective and usefull for existing version of ESET products.

 

But I believe it can be more usefull.

 

The people, who is using HIPS and Firewall with both interactive mode, have some skill in dealing with threat when ESET shows a warning pop-up. But it will be better to have some "Suggestion" or "Recommendation", based on the Live Grid. Showing signature of the file only is not enough for judgement.

Link to comment
Share on other sites

  • Administrators

Information from LiveGrid might be misleading in case of malware as they would show for the process malware is injected in, ie. not for the malware itself. That said, a user would see ESET recommending them to allow the action based on the data from LiveGrid but in fact they'd allow malware to perform its action.

Link to comment
Share on other sites

Information from LiveGrid might be misleading in case of malware as they would show for the process malware is injected in, ie. not for the malware itself. That said, a user would see ESET recommending them to allow the action based on the data from LiveGrid but in fact they'd allow malware to perform its action.

I believe this is also a good way to push you guys to improve the Livegrid.

Link to comment
Share on other sites

  • Administrators

I believe this is also a good way to push you guys to improve the Livegrid.

 

 How? Malware running in memory may not exist on the disk.

Link to comment
Share on other sites

I had assumed the OP was suggesting ESET show live grid information, if available when a user prompted to create a rule in manual firewall or HIPS mode.

Sounds to be a reasonable suggestion to me. Performance issues may dictate the user be required to click to request the livegrid status.

 

Information from LiveGrid might be misleading in case of malware as they would show for the process malware is injected in, ie. not for the malware itself. That said, a user would see ESET recommending them to allow the action based on the data from LiveGrid but in fact they'd allow malware to perform its action.

If a normally safe program had malware injected into it, would it not have a different signature, so have a different live grid recomendation?

Link to comment
Share on other sites

Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...