Jump to content

The Built In Anti Virus


Guest Phil Crane

Recommended Posts

When you run this it brings up near enough every file in the ipb region as so called alerts if no edits have been made to these files and they still come up is this a bug of some sort? imho if you have a board with no mods on it at all just the invision files nothing else and you scan through acp, surely nothing at all should come up but it does, im a little baffled to why they come up if they are standard ipb files

Link to comment
Share on other sites

The Anti-virus is built to imform you that some of the files in your IPB folder have a lot of queries and other things in them. The reason that a lot of IPB's files are shown in this system is because there are a lot of queries in them. As the administrator and regularly looking at this screen, you should have good idea about which files should be in that folder. It is just another way that you can protect your board.

Link to comment
Share on other sites

It is not really based on a lot of queries, but the concept is similar. It's based on file size, file owner, last modified date and so on.

If you have a freshly installed IPB, the modified date on the files is going to be recent (whenever you installed). IPB does not know that the files have not been hacked...it is just simply alerting you to certain characteristics that can be suspicous. :)

Link to comment
Share on other sites

It's only like that because it looks at the last modified timestamp...which is the same as your creation timestamp because it's a fresh installation... this layer of security will only be relevant to you as your board gets older... when you _know_ you havent installed any modifications or done any other kind of hacking on the files, and all of a sudden there is a file that popups up in the checker that was changed 6 hours ago... it's a red flag for you to investigate the matter further...

All of these new security tools in v2.2 are each seperate layers of plastic wrap... each of them by themselves are not totally strong or very good...but when layered together provide you a nice and flexible shield to protect yourself from outside forces... Also, these tools are merely there to point out possible red flags in the system, given the dynamic and unique lifestyle that each board installation lives through there isnt any reliable way for IPS to create a system that says "ok this file is a trojan FOR SURE, and this other file is NOT for SURE!"... all they can do is look at various critical information and make a best guess...

Link to comment
Share on other sites

  • Management

All of these new security tools in v2.2 are each seperate layers of plastic wrap... each of them by themselves are not totally strong or very good...but when layered together provide you a nice and flexible shield to protect yourself from outside forces... Also, these tools are merely there to point out possible red flags in the system, given the dynamic and unique lifestyle that each board installation lives through there isnt any reliable way for IPS to create a system that says "ok this file is a trojan FOR SURE, and this other file is NOT for SURE!"... all they can do is look at various critical information and make a best guess...



Couldn't have put it better myself.
Link to comment
Share on other sites

  • 3 years later...

I personally think that there should be an option to ignore a file until its modified datestamp is changed. Once it's changed, IPB should red flag it and alert the administrator. However, the file should remain ignored as long as the modified datestamp remains unchanged.

Link to comment
Share on other sites


It's not a bug. As stated before, IPB has no way of knowing if it's valid or not, so it's simply telling you it's suspicious. Check the file out, if it's all valid, then ignore it. <img src="http://forums.invisionpower.com/style_emoticons/<#EMO_DIR#>/original.gif" style="vertical-align:middle" emoid=":)" border="0" alt="original.gif" />




I have to agree that flagging the files, even when it's a fresh, new installation makes little sense. To someone not familiar with how it works, it could cause undue panic. I find that I pretty much ignore everything it says in the security center and check the files at the server level.
Link to comment
Share on other sites


I have to agree that flagging the files, even when it's a fresh, new installation makes little sense. To someone not familiar with how it works, it could cause undue panic. I find that I pretty much ignore everything it says in the security center and check the files at the server level.



When I first saw that, it did freak me out a bit that IPB was flagging its own files as suspicious, but I didn't take any action against it, because I figured it might screw something up.
Link to comment
Share on other sites

Archived

This topic is now archived and is closed to further replies.

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...