***Simulate a trojan with Trojan Simulator:
Abtrusion Protector can prevent the execution of the trojan test.
AP is the winner.
***Memory manipulation:
-with UH: AP can't prevent its own process memory to be read and written: AP failed.
-Access to physical device memory with Physmem:
Abtrusion Protector failed.
Abtrusion Protector failed against memory manipulation test.
***Service manipulation:
Abtrusion Protector has failed on the 4 tests.
***CDROM autorun:
AP has detected the CDROM and can prevent it from running.
Abtrusion Protector is the winner.
***Fakes/jokes test:
The program was allowed to run as a trusted file.
-open/close the CDROM driver: AP failed.
-launch several applications at the same time (Windows ones, then trusted ones): AP failed.
Abtrusion Protector failed against Jokes test.
***Buffer overflow test:
Abtrusion Protector failed for the 2 tests.
***Deactivation methods:
-trashcan: Abtrusion Protector wis the winner,
-Blacklisting: Abtrusion Protector failed.
Abtrusion Protector failed against deactivation methods.
par kareldjag aka michel
publié dans :
HOST INTRUSION and PREVENTION SYSTEM TESTS