The King Returns: Norton Internet Security 2008 Review (translated from PC Magazine)

Translator of the original:
Kafan forum member hljdqzr

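1. I previously translated this site's review of Kaspersky security suite 7.0, and some forum members questioned the site's authority. I chose it because Norton's official Chinese website states that Norton Internet Security 2007 won its Editors' Choice award. Likewise, the 2008 version has again received the site's highest honor, the Editors' Choice award.
2. I looked up unfamiliar words in the Baidu dictionary, the New English-Chinese Dictionary, and search engines. For words that may have another meaning, I write my own understanding in parentheses, marked with a question mark, with the literal meaning given before the parentheses. Please point out anything that is wrong and I will correct it as soon as I can. In some places I used my own wording; a complete translation was too tiring.
3. The original site reviewed all aspects of Norton's protection; because of limited time, I translated only the firewall and antivirus parts. Please understand.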
Symantec continues to polish and enhance its flagship Norton Internet Security suite. The 2008 edition adds full-scale password and identity management, and its new BrowserDefender technology offers even stronger defense against Web-based attacks. Borrowing a page from Norton 360's playbook, NIS 2008 now offers a built-in, multilayered help system. For the multicomputer home, it now includes a network map and optional remote monitoring of other NIS 2008 installations. Antispam and parental controls remain second-class citizens, present only if you install the optional Add-On Pack.
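Symantec continues to optimize and improve its flagship product, Norton Internet Security. This 2008 version adds complete password and identity management, and its new Browser Defender technology provides better protection against network-based attacks. Borrowing a page (? a screen) from Norton 360's script (? interface), NIS 2008 now provides a built-in, multilayered help system. For homes with several computers, it includes a network map and optional monitoring of other NIS 2008 setups. Antispam and parental controls remain second-class citizens, available only if you install the optional Add-On Pack.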
Organizationally, the main screen is little different from that of NIS 2007, though it has traded its cheerful blue background for a tougher-looking patterned black. You still get an overview of all the security modules and a great big icon that reflects overall status. If it's anything but the green check mark that means fully protected, just click Fix Now to set everything right.
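Organizationally, the main interface differs little from NIS 2007, although it has swapped the cheerful blue background for a more serious black style. You still get an overview of all the security modules and a large icon reflecting overall status. If this green check mark, which indicates full protection, changes, just click Fix Now to restore everything.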
Fabulous Firewall
Amazing Firewall
The suite's firewall puts all ports in stealth mode, making them invisible to hackers - that almost goes without saying with modern firewalls. The NIS 2008 firewall blocked all my Web-based tests; in several cases it reported a port-scan attack and blocked the "attacker" for half an hour. As in previous versions of NIS, the latest firewall is armor-plated against attack by malware. I couldn't find any way to disable it programmatically (and believe me, I tried). Panda's firewall was also pretty tough, but it gave way to my last-resort attack using fake mouse clicks - NIS resisted even that attack. And BitDefender Total Security 2008? Well, I showed that a malicious program could turn off that suite's protection by disabling essential services - it needs to get tough, like the other two!
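This suite's firewall hides all ports, making them invisible to hackers - which almost goes without saying for modern firewalls. The NIS 2008 firewall blocked all my network-based tests; in some cases it reported a port-scan attack and blocked the attacker for half an hour. In previous versions of NIS, the latest firewall is clad in armor (? very sturdy) against malware attacks. I could not find a way to turn it off programmatically (believe me, I tried). Panda's firewall is also very sturdy, but it gave in to my last resort, forged mouse clicks - yet NIS withstood this attack. And BitDefender Total Security 2008? I showed that a malicious program can turn off this suite's protection by shutting down its essential services - it needs to be somewhat stronger, like the other two.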
Symantec was an early proponent of the rising trend to put responsibility for security decisions where it belongs - with the security software. Like Panda's firewall, NIS 2008's never asks you whether this or that program should be allowed access to the Internet. If the firewall recognizes known bad programs, it just removes or disables the threats; there's no question of allowing them Internet access. The firewall graciously allows known good programs to connect at will. Using its SONAR (Symantec Online Network for Advanced Response) technology, NIS 2008 watches unknown programs for signs of malicious behavior, and as long as they play nice it lets them access the Net.
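Symantec was an early advocate in the rising trend of being responsible for deciding security software's decisions (? it began making security decisions automatically for users early on). NIS 2008 never asks you whether this or that program should be allowed to connect to the network. If the firewall recognizes a known bad program, it simply removes or disables these threats; whether to allow them to connect to the network is not in question. The firewall graciously (? without question) allows known good programs to connect at will. Using its SONAR (Symantec Online Network for Advanced Response) technology, NIS 2008 watches unknown programs for signs of malicious behavior, and as long as they behave decently (? normally), it lets them connect to the network.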
I usually run a set of "leak test" utilities to check whether the firewall can handle malware that tries to evade normal program control. In the past, NIS hasn't detected these because they have no malicious payload - which is completely reasonable. This version, however, did block all but two of a dozen samples, identifying them with generic names such as "Trojan Horse," "Hack Tool," and "Downloader." This probably doesn't make users any more secure, but it gives us security testers a warm, fuzzy feeling.
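I often run a set of leak test public utilities (? components) to check whether the firewall can handle malware that tries to evade normal program control. In the past, NIS did not detect them because they carry no malicious explosive (? not very important) - which is quite reasonable. This version, nevertheless, did detect all but two of the samples, identifying them as Trojan Horse, Hack Tool, and Downloader. This may not be of much use to users, but it does give security testers a warning, though with a fuzzy feeling.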
For this review I added a new tool to my testing arsenal: Core Impact. Among many other features, this penetration tool automatically generates exploits to probe a system's defenses. Working across the virtual network I unleashed over a dozen client-side exploits on the NIS-protected system. This type of exploit gets into your system when you click a link in an e-mail message or visit a hacked (or deliberately malicious) Web site. In addition to a number of Internet Explorer exploits, I managed to unleash one aimed at Firefox and some that go straight for Windows itself through various vulnerabilities. A few failed simply because the test system's browser and operating system were fully updated. NIS's Intrusion Prevention System recognized and blocked all but one of those that got past that initial hurdle. The one that wasn't recognized still couldn't actually do anything harmful because it was stopped by Norton's suite. Going forward, I'll be challenging other security suites and firewalls in the same way.
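For this test I added a new tool to my testing collection: Core Impact. Among many other features, this intrusion tool automatically generates exploits to break into a system's defenses. Working across the whole virtual network, I launched more than ten client-side exploit attacks on the NIS-protected system. This kind of exploit gets into your system when you click a link in an e-mail or visit a hacked (or deliberately so) website. Besides many Internet Explorer exploits, I managed to release one aimed at Firefox and some aimed at Windows itself, through various weaknesses. Some failed outright because the test system's browser and operating system had been fully updated. The NIS Intrusion Prevention System recognized and blocked the exploits that got past the initial obstacle, except for one. The exploit that still went unrecognized could not actually cause harm, because it was stopped by Norton's suite. From now on, I will test other security suites and firewalls in the same way.
Too tired; I will update next time. Please forgive me.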
While the 2008 edition hasn't been through independent lab testing yet, Norton AntiVirus 2007 got top marks from all the labs. Both ICSA Labs and West Coast Labs certified it for virus detection and cleaning; West Coast Labs also gave it Checkmark certification for detecting spyware and Trojan horses. And you have to go back to 1999 to find any occasion when a Symantec product did not receive the VB100% award from Virus Bulletin. In addition, a very recent test by AV-Comparatives rated Symantec's technology Advanced+, the highest rating.
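Although the 2008 version has not yet gone through testing by independent labs, Norton AntiVirus 2007 received top ratings from all the labs. ICSA Labs and West Coast Labs vouched for its virus detection and removal capabilities; West Coast Labs also awarded it Checkmark certification for detecting spyware and Trojans. And you have to go back to 1999, the only time a Symantec product did not receive Virus Bulletin's VB100% award. In addition, a recent test by AV-Comparatives rated Symantec's technology Advanced+, the highest rating.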
The combined antivirus/antispyware scans files on access, on demand, and on schedule. You can set up a full or custom scan at daily, weekly, or monthly intervals, or configure scans to run at start-up, at log-on, or when the system is idle. The suite scans incoming and outgoing e-mail for malware and also watches outbound e-mail traffic for signs that a worm is sending e-mail using your computer. NIS 2008 scans files received through popular IM programs (Yahoo!, AOL, MSN, and Trillian) as well. It also finds known malicious programs by matching their signatures and catches unknown ones using its SONAR behavior-based tracking. In addition, the suite specifically looks for keylogger and rootkit activity.
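The combined antivirus and antispyware scans files on use, on demand, and on schedule. You can set full or custom scans to run in idle time daily, weekly, or monthly, or change the scan settings to scan at start-up, at log-on, or when the system is idle. The suite scans inbound and outbound e-mail for malware, and also monitors outbound e-mail connections for signs that a worm is using your computer to send e-mail. NIS 2008 likewise scans files received through popular IM programs (Yahoo!, AOL, MSN, and Trillian). It also finds known malware based on signatures and uses its SONAR behavior-based technology to track unknown malware. In addition, the suite pays special attention to keylogger and rootkit behavior.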
By default, NIS 2008 runs a preinstall scan during the installation process, and you'll definitely want to accept that default. When I installed it on my infested test systems, the pre-install scan detected and at least partially disabled almost three-quarters of the malware samples, including adware, spyware, Trojans, rootkits, and rogue antispyware programs. After a full scan almost every single one of the samples was gone - NIS 2008 scored 9.3 out of a possible 10 points. In the same test Spy Sweeper and Spyware Doctor scored 9.0 and 9.1, respectively; BitDefender rated 8.6 points.
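By default, NIS 2008 performs a preinstall scan during installation, and you will naturally accept the default setting. When I installed it on my infected systems, the preinstall scan detected and at least partially disabled about three-quarters of the malware samples, including adware, spyware, Trojans, rootkits, and rogue counter-antispyware programs. After a full scan, every sample was removed - NIS 2008 scored 9.3 out of a possible 10 points. In the same test, Spy Sweeper and Spyware Doctor scored 9.0 and 9.1 respectively. BitDefender scored 8.6.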
Panda Internet Security 2008 recently aced this test, scoring 10 out of 10, but there's an interesting distinction to be made. In most cases Panda wiped out only the essential executable files, leaving behind dozens of data files and Registry items. NIS, on the other hand, wiped out every single trace of about two-thirds of the samples and cleaned up the rest more thoroughly than most products. My Panda contact noted that without the malware executables, the other traces are harmless. That may be true, but surely it's better to avoid clogging the Registry and file system with useless junk. I did find, however, that a full scan on my standard clean test system took nearly an hour with NIS 2008, almost twice as long as that of NIS 2007. I guess that thorough cleaning takes a bit of extra time. It's worth the wait, in my opinion.
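Panda Internet Security 2008 recently won full marks, but this produced an interesting difference. In most cases Panda removes the essential executable files, leaving behind a large number of data files and Registry items. NIS, by contrast, removes the traces of about two-thirds of the samples and cleans up the remaining samples more thoroughly than most other products. My Panda contact pointed out that without the malware executables, the remaining traces are harmless. That may be right, but isn't it better to avoid clogging the Registry and file system with useless junk? I did find, nevertheless, that a full scan with NIS 2008 on my standard clean test system took nearly an hour, almost twice the scan time of NIS 2007. I guess thorough cleaning takes more time. The wait is worth it, in my view.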
I always run a separate test using commercial keyloggers in place of malware. I don't give this test as much weight, since a typical commercial keylogger has to be installed by someone who has physical access to your computer. But NIS 2008 deserves credit for wiping out every single one of the samples in this test for a perfect 10 of 10. (Panda bombed with 2.1 points in this same test. BitDefender did better, scoring 7.1.)
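I always run a separate commercial keylogger test in place of malware. I do not give this test much weight, because someone needs physical access to your computer to install one. But NIS 2008 deserves credit, because it removed every sample in the test and earned a perfect full score. (Panda failed badly, scoring only 2.1 in the test. BitDefender did better, scoring 7.1.)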
One of my test systems frequently goes into a blue-screen death spiral when security software does an incomplete cleanup job. NIS 2008 had no trouble with that one. I like the fact that Norton's new suite cleans up high-risk items the moment it finds them, rather than asking the user. It asks your permission only when the item is seriously low-risk. A malware sample on another system tries to protect itself from security software by interfering with the Windows Installer. NIS 2007 installed despite this chicanery, but NIS 2008 hit a wall, which was a bit disappointing. Still, on Symantec's advice I ran a Web-based scan and then booted into Safe Mode to delete the files identified by the scan. After that I was able to install the product and complete the cleanup process.
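One of my test systems frequently blue-screens when security software does an incomplete cleanup job. NIS 2008 did not have this kind of problem. I like the fact that Norton's new suite removes high-risk items immediately when it finds them, rather than asking the user. It asks your permission only when the item is truly low-threat. A malware sample on another system tries to protect itself from removal by security software by interfering with Windows Installer. NIS 2007 installed successfully despite this trick, but NIS 2008 failed, which was somewhat disappointing. However, on Symantec's advice, I ran a Web-based scan and entered Safe Mode to delete the files detected by the scan. After that, I was able to install the product and complete the cleanup process.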
As usual, I attempted to install all the same threats on a clean system protected by NIS 2008. The moment I opened the folders containing the samples, though, NIS started eliminating them. Within a minute or two it had wiped out all but a handful of the malware samples and all but one of the commercial keyloggers. I tried again using samples that I had modified myself. Even though I renamed them, tweaked some nonexecutable bytes, and changed their file size, it wiped them out just the same. Of the handful of remaining threats, most got caught early in the install process. Overall NIS 2008 scored 9 of 10 points against the malware samples and blocked every single commercial keylogger for another perfect 10. Spy Sweeper rated 8.1 at blocking malware installation, while Spyware Doctor racked up 9.8 points. Panda scored 10 against the malware samples, but was much less effective at blocking commercial keyloggers - scoring a mere 3.6. And BitDefender lags the pack slightly, with 8.8 points against malware and 4.3 against keyloggers.
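As usual, I tried to install all the samples on a clean system protected by NIS 2008. When I opened the folders containing the samples, however, NIS began eliminating them. Within one or two minutes it had removed all but a small number of the malware samples and all but one of the commercial keyloggers. I tried again with samples I had modified myself. Even though I renamed them, modified some nonexecutable bytes, and changed their file sizes, it cleaned them up all the same. Of the few remaining threats, most were caught early during installation. Overall, NIS 2008 scored 9 out of 10 against the malware samples and a full score for blocking every commercial keylogger. Spy Sweeper scored 8.1 at blocking malware installation, while Spyware Doctor accumulated 9.8 points. Panda scored 10 against the malware samples, but was less effective at blocking commercial keyloggers - scoring a mere 3.6. And BitDefender trails the backpack (? test) slightly, with 8.8 points against malware and 4.3 against keyloggers.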

Reposted from Kafan
http://bbs.kafan.cn/viewthread.php?t...extra=page%3D1