For the past several years, I have read how poorly anti-virus programs actually protect our systems, since they are reactionary and only provide protection after a virus is identified and the threat neutralized. I have often thought that a product that actual alerts the user of a threat by stating ‘ heh, some program is trying to mess with your system”, made more sense. And over the years I have used several different products that actually provide some type of a warning, but not exactly like I stated above. Two such programs I use on my system are WinPatrol and Startup monitor, both o which I have written about in the past.

Does this mean that I have given up on anti-virus protections? No way.I still employ a A/V program or two, just in case. And I also go out on the web about once a month or so and do a online scan, since there is no single problem that is going to provide 100% protection 100% of the time. IMHO. There is always the chance that some hacker is going to be able to outsmart any protections no matter how smart the protection is. So employing multiple-layers seems like the best way to proceed.

So it was with profound interest that I read a excellent article by Ellen Messmer over at Network World, in which she has provided extensive insight into this very subject. She states in her article:

“Some industry analysts are proclaiming the traditional antivirus method for detecting and eradicating viruses, trojans, spyware and other baneful code by matching it against a signature to be “dead.”

They say signature-based checking can’t keep up with the flood of virus variants manufactured by a criminal underworld that is beating the antivirus vendors at their own game. And they are arguing it’s time for companies to adopt newer approaches, such as whitelisting or behavior-blocking, to protect desktops and servers.”

So does this mean that we throw away our anti-virus programs? Nope. We just need to supplement them with other software, like the free ones I have mentioned.

Network World article.

[tags]antivirus, software, behavior blocking, [/tags]