locked
Does OneCare Include a Web (HTTP) Scanner? RRS feed

  • Question

  • Does OneCare scan HTTP traffic for viruses / malware?
    Monday, December 3, 2007 3:42 AM

Answers

  • Yes, since it's tied into both the IOfficeAntivirus API (Application Programming interface) and the firewall uses the WFP API (Windows Filtering Platform) as well as being tightly integrated into the Internet Explorer download system.

     

    Actually, this is how everything is monitored in almost all modern AntiVirus packages, since the abilities these API sets provide are far more powerful than the older proxy and other methods that older AV applications used to use. Since they allow the AV application to get control of an incoming file before it is ever actually available to even be read, they give the AV more control over the files than they ever had previously.

     

    HTTP is simply another specific type of traffic and really has no meaning in this context, since no matter what specific port or protocol is used, a file is simply a file and must be treated as suspect in exactly the same way no matter how it entered the system.

     

    OneCareBear

    Monday, December 3, 2007 5:21 AM
    Moderator

All replies

  • Yes, since it's tied into both the IOfficeAntivirus API (Application Programming interface) and the firewall uses the WFP API (Windows Filtering Platform) as well as being tightly integrated into the Internet Explorer download system.

     

    Actually, this is how everything is monitored in almost all modern AntiVirus packages, since the abilities these API sets provide are far more powerful than the older proxy and other methods that older AV applications used to use. Since they allow the AV application to get control of an incoming file before it is ever actually available to even be read, they give the AV more control over the files than they ever had previously.

     

    HTTP is simply another specific type of traffic and really has no meaning in this context, since no matter what specific port or protocol is used, a file is simply a file and must be treated as suspect in exactly the same way no matter how it entered the system.

     

    OneCareBear

    Monday, December 3, 2007 5:21 AM
    Moderator
  • Perfect, thanks!
    Monday, December 3, 2007 1:48 PM