Hi there, On Fri, 11 Sep 2020, Wirth Ervin via clamav-users wrote:
According to your answer, I assume that PC setup/configuration count like 80 %, and AV is like 20 % against threats.
I wonder if you caught the meaning when I wrote
"If we ass-u-me that systems thesedays are ..."
We say here that to "assume" makes an "ass" out of "u" and "me". :) It's impossible to put firm numbers on the relative contributions of the many techniques which are used to prevent compromises by malware without having a good understanding of the particular systems which are being assessed, the way they're being used, the environments to which they are exposed and the threats which they face as a result. Even with all that information it's still difficult. But I believe that many people engage in wishful thinking when it comes to AV and I would never like to over-estimate the value of AV products. They're often only as good as the user using them - sometimes not even that. When a new threat appears, most of them completley fail to protect against it, and for those that manage to it's often only by accident. So if you rely 100% on AV products for protection you're going to be disappointed, sooner or later. You need a multi-layered approach. My feeling is that you first need to become familiar with the ways that malware will attack systems. Perhaps surprisingly there aren't many of those. Then you need to be familiar with the techniques that are available for defence. There aren't many of those either. Then you can look at the tools, packages and services which employ those techniques and offer (or claim to offer) some kind of protection. As a result of the abysmal failings of a few software companies (so few that they can be counted on your fingers) there is now a huge global industry devoted to producing such things, and the choices are quite bewildering. There's even a small global industry producing _fake_ packages which - instead of protecting you from malware - install it. Obviously you need to be sceptical or even cynical in your research.
- Could you advise a real-time protecting software against malware/ransom/virus etc.? (open-source or even commercial)
You haven't said for which operating system, and using which software packages. If it's Windows 7 then as it's now End Of Life my advice is to stop using it for anything which exposes it to the Internet unless you can obtain Microsoft's extended support. In more recent Windows versions Microsoft has improved its own offering a great deal when you compare it with their original approach - basically "now that you've installed Windows, you must immediately install an anti-virus package to protect it". Compared with ClamAV, Microsoft's offering does some things which ClamAV doesn't do and doesn't do some things which ClamAV does. So together, the two could make a good starting combination BUT you need to do your homework so please re-read my previous paragraphs. It isn't really appropriate for me to say more than that on this list. -- 73, Ged. _______________________________________________ clamav-users mailing list clamav-users@lists.clamav.net https://lists.clamav.net/mailman/listinfo/clamav-users Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http://www.clamav.net/contact.html#ml
