[DISCUSSION] Microsoft AV Products (MSE/FFEP/SCEP)

Discussion in 'Application Software' started by moderate, Dec 25, 2013.

  1. moderate

    moderate MDL Guru

    #1 moderate, Dec 25, 2013
    Last edited by a moderator: Apr 20, 2017
  2. Aninvitedsoul

    Aninvitedsoul MDL Senior Member

    I'm wondering which is better: System Center End Point Protection or the default Windows Defender of 8 Pro?
     
  3. PaulDesmond

    PaulDesmond MDL Magnet

    A zero-day exploit will not be detected by any AV/security software until it is reported to the guys who update the engine, which is mostly too late :D
     
  4. Aninvitedsoul

    Aninvitedsoul MDL Senior Member

    OK then, what's the alternative?
     
  5. CorporateRAT

    CorporateRAT MDL Member

    Common sense?
     
  6. Aninvitedsoul

    Aninvitedsoul MDL Senior Member


    Ya. I know. ;)
     
  7. PaulDesmond

    PaulDesmond MDL Magnet

    #7 PaulDesmond, Dec 25, 2013
    Last edited: Dec 25, 2013
    There is no vaccine for a brand new bird flu which is not detected yet ...


    Edit: and for the paranoiac I can only recommend Sandboxie, which is one of the most secure ways to not get infected
     
  8. Aninvitedsoul

    Aninvitedsoul MDL Senior Member

    #8 Aninvitedsoul, Dec 25, 2013
    Last edited: Dec 25, 2013
    On what basis would you judge a good AV? What are the measures? Personal experience or technical facts?
     
  9. NiFu

    NiFu MDL Member

    Doesn't Defender for Windows 8.1 also support "behaviour" detection, unlike Defender for Windows 8?
     
  10. PaulDesmond

    PaulDesmond MDL Magnet

    Honestly, I don't use any AV stuff because I don't need it. Judging AV software is not possible in an objective way. There are many ways to measure such software, but it is related to the sources where "viruses" come from. Always consider that AV manufacturers want to make bucks. The better they "influence" the magazines or so-called independent institutes, the better a test report will be. All of us will never have the glimpse of a chance to really see what happens behind these doors.
    Simply run the built-in engine in 8.1 and take it as is. No slowdown of your system et cetera.
    I have not yet tried moderate's new special, but I'm sure it might be more than enough for all of us.
     
  11. moderate

    moderate MDL Guru

    #11 moderate, Dec 25, 2013
    Last edited: Dec 25, 2013
    (OP)
    MS called that feature "Network Behavior Monitoring", while I called it "network engine"... :))

    It runs as a separate system service.
    For example, it can detect infiltration just based on its network behavior (like establishing a daemon (server) at some port, sending information somewhere, downloading crap to the PC etc.) even if the app isn't in the signatures.
    All solutions that I numbered 2., 3., and 4. support it (so the EXE too, of course).
     
  12. NiFu

    NiFu MDL Member

    #12 NiFu, Dec 26, 2013
    Last edited by a moderator: Apr 20, 2017
  13. moderate

    moderate MDL Guru

    #13 moderate, Dec 26, 2013
    Last edited: Dec 26, 2013
    (OP)
    I can only tell that the SCEP attached in the 1st post has ALL features from lower versions (like W8-1 Defender), so if W8-1 Defender has any new features in system detection, then SCEP (and also MSSE) has them too... :)

    BTW: I think that this system "behavioral" detection runs together with network "behavioral" detection as one feature, so it is only available on those versions where the "network engine" is present (2. W8-1 Defender, 3. MSSE, 4. SCEP)...
     
  14. moderate

    moderate MDL Guru

    @NiFu:
    ...as you can see, the latest SCEP has both of those two features (blue and red marks on the picture)
    View attachment 26122
     
  15. moderate

    moderate MDL Guru

    #16 moderate, Dec 29, 2013
    Last edited by a moderator: Apr 20, 2017
    (OP)
  16. leomate

    leomate MDL Junior Member

    Can anybody explain the "remote control" feature in SCEP? And how to do it?
     
  17. roirraW "edor" ehT

    roirraW "edor" ehT MDL Addicted

    Sorry to kick this thread just for this info, but I thought I'd share that the System Center Protection works fine with Windows XP x86 with Service Pack 3.

    Thanks Moderate for sharing! Was hoping I could get this ever since I found out that it would have it during the beta.
     
  18. po15on

    po15on MDL Novice

    #20 po15on, Mar 31, 2014
    Last edited: Mar 31, 2014
    I suggest using EMET along with the antivirus of your choice