Start networking and exchanging professional insights

Register now or log in to join your professional community.

Follow

What is the best anti-forensics and malware standalone program?

user-image
Question added by Ahmed Fathy , Information Security Specialist , UAE University
Date Posted: 2014/05/20
Ashutosh Gautam
by Ashutosh Gautam , Lead: Enterprise Network and Security , Thakral One Nepal Pvt Limited

Hey!

 

Quoting a solution is itself vague and debatable. You may want to take into consideration about what type of solution you are looking for - open source or proprietary - which again may lead you to industry practices and Gartner rankings.

 

While forensics is the art of digging the past, pseudo-literally, I call this step as a Sherlock of events. You have to think what caused the issue. This can be termed as the root cause analysis, and can be multi-fold. For example, your servers are compromised, you take your dump, analyze it, look for the malware footprints - typically with ps, top, htops, netstat - that was dumped during your snapshot.

 

Now, finally, you issue some solution magic, parse the required field, and conclude your scenario. Personally speaking, I tend to use Volatility framework and pyMal, which both are an excellent addition to Python framework.

 

Summarizing, the process is long, and is arguably debatable to an extent. Let us know what exactly are you looking as a part of a security solution - Network | Systems | Applications. We may then look upon the options you currently have in the InfoSec market.

 

Cheers!

Deleted user
by Deleted user

Basm Allah Alrahman Alrahim

 

 

lets look from another point of view ?

 

all antimalware software developers are in a strong racing to find solutions to any malware appear , so that mean some of them will find new solution faster than the others and some may focus on some malware types or categories , and others will focus on others , so how you will know the area that you must use to handle your PC malwares ? , the only solution is to use all of them .

 

you may said that strange and may cost me a lot of money .

 

that right , but if you are a regular user , you may find that all of strong developers made free edition , and if you use all of them ,you will not pay any thing and also there are a lot of open source or free software

 

If you are admin at any company you will found that you can get all antimalware programs , and will cost you about1000 pound approximately

 

Note

you must not use all of them at the same time , and you must stop all of them from admin root [ F8 ] services , to not start with log in automatically , because conflict will appear , so make them start manually from services and use them one by one

 

Note2

stooping antivirus or antimalware from services will make your PC always faster , and scheduled your tasks

 

Thank you for this question that help us to search and learn

 

 

To say the truth, there is no100% threat free solutions. But I believe Norton Antivirus is the best offered solution by keeping the signature file updated up to date.

More Questions Like This