A
Aaron
Breakthrough Features for Ultimate Malware and Intrusion Defense!
Features --
Dynamic Security Agent is a signature-less, anti-malware and desktop
defense application comprised of several distinct technology layers
designed to block or mitigate the damage caused by intrusion, virus and
other malware attacks. DSA features the following layers of defense
technology:
- Application Monitor/Manager
- Registry Monitor
- Process Monitor/Manager
- Email Anomaly Analyzer/Manager
- System Anomaly Analyzer
DSA also detects malware and intrusions based on behaviors characteristic
of unauthorized system use. Some of these include:
- Attempts to access a protected registry area
- Attempts to access a protected object
- Attempts to Initiate a foreign process
- Attempts to control Windows service
- Attempts to create a DNS request
- Attempts to initiate outgoing TCP traffic
Dynamic Security Agent (DSA) -- the proactive, multi-layered defense
solution for Windows desktops and servers. Get DSA today -- it's FREE for
personal and non-commercial use!
Lots more info on http://www.privacyware.com/dynamic_security_agent2.html
My impressions , most of the features are fairly standard for security
software of this class (antihook/Processguard etc).
The system anomaly analayzer is a new feature at least in my experience,
it monitors the typical cpu usage, thread use of each process over a
training period and warns you when it goes beyond this baseline
indicating something is wrong.
I suppose your whole cpu usage profile will be very different if you get
infected, but I haven't tried it for a long enough training period
(minium 7 days) to see if it makes a difference , I'll try getting
infected to see if it makes a difference after 7 days.
The email monitor does pretty much the same thing but this time it tracks
typical email loads. I suppose if your system gets infected and starting
spamming emails like crazy, it will alert you. Same comment applies, need
to finish 7 days training.
On top of that as I said it has a fairly standard set of features, cover
most common autostart registry keys (but not as complete as some other
products that I can't mention because it is not freeware).
Altought it warns you of outbound connections, it doesn't not seem to
protect from inbound connections so if you are not protected by a router
or hardware firewall, you still need a personal firewall.
The bad thing is you can't selective turn off tracking of certain
features, so if you find "Attempts to initiate outgoing TCP traffic
" useless because you have something else that covers it, you can;t turn
it off globally.
'Attempts to access a protected object' - It has a pretty broad
definition of protected object, so be prepared for a lot of prompts. On
the plus side, if your system stays failing constant, it makes for a very
tight ship after the training period.
It's also pretty stable on my computer, and doesn't slow my system one
bit compared to some other stuff I have being trying (no names because
not freeware).
Inviato da X-Privat.Org - Registrazione gratuita http://www.x-privat.org/join.php