ABTRUSION PROTECTOR Part 2

Publié le par kareldjag aka michel

***Simulate a trojan with Trojan Simulator:


Abtrusion Protector can prevent the execution of the trojan test.

AP is the winner.



***Memory manipulation:


-with UH: AP can't prevent its own process memory to be read and written: AP failed.


-Access to physical device memory with Physmem:

Abtrusion Protector failed.


Abtrusion Protector failed against memory manipulation test.



***Service manipulation:



Abtrusion Protector has failed on the 4 tests.




***CDROM autorun:


AP has detected the CDROM and can prevent it from running.

Abtrusion Protector is the winner.




***Fakes/jokes test:


The program was allowed to run as a trusted file.


-open/close the CDROM driver: AP failed.

-launch several applications at the same time (Windows ones, then trusted ones): AP failed.


Abtrusion Protector failed against Jokes test.



***Buffer overflow test:


Abtrusion Protector failed for the 2 tests.



***Deactivation methods:


-trashcan: Abtrusion Protector wis the winner,

-Blacklisting: Abtrusion Protector failed.


Abtrusion Protector failed against deactivation methods.











Commenter cet article