Guest User!

You are not Sophos Staff.

Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 10 replies
  • Subscribers 6 subscribers
  • Views 34111 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

using AMTSO's anti-malware feature checks

Bob_Stromberg

The Anti-Malware Testing Standards Organization (AMTSO) provides a way to test antivirus programs. Well, it’’’’s actually a check of features and settings. Go tohttp://www.amtso.org/feature-settings-check.html (“Feature Settings Check for Desktop Solutions”), where there are 5 features to check:

1. Test if my protection against the manual download of malware (EICAR.COM) is enabled
2. Test if my protection against a drive-by download (EICAR.COM) is enabled
3. Test if my protection against the download of a Potentially Unwanted Application (PUA) is enabled
4. Test if protection against accessing a Phishing Page is enabled
5. Test if my cloud protection is enabled

I use Sophos Anti-Virus for Mac and have for several years, so I tried these out.

EDIT 2014-03-26 changed test #3 to #4): I had to set some preferences correctly but after doing so SAV passed tests 1, 2, 3, and 5. In my test SAV does not pass the anti-phishing web site test (#4).

I’’’’d appreciate it if other users of SAV would test their settings. I’’’’d rather find that that I made some mistake and that SAV protected against phishing web sites.

Thanks!

:1016485


This thread was automatically locked due to age.
Parents
  • 0
    phubai wrote:

    Not necessarily worthless if you have windows machines on your home network

    Agreed.  If you only have a Mac environment then Windows binaries won't affect your network.  However if you have a mixed network and/or pass files to remote users (like email to friends with attachments) then scanning for threats to Windows on a Mac is important.

    phubai wrote:

    As an aside, today, Sophos is not picking up the phishing page threat at all for some reason, and it's not updating right now either, so either it has "learned" that the AMTO phishing test site is not harmful afterall, or it needs to learn that it may be?


    Just test again and it's blocking the page for me...

    ...check Web Protection is enabled would be the first thing.

    I don't believe there are any updating problems at the moment server-side (and my Macs are working OK).  If it's not updating check the log for any problems and consider any recent network/computer/firewall changes.

    This link has a video that (if you skip the first two minutes because you know you have the 'Home Edition' - a lot of users aren't sure) explains a bit of log analysis for updating problems.

    :1016729
Reply
  • 0
    phubai wrote:

    Not necessarily worthless if you have windows machines on your home network

    Agreed.  If you only have a Mac environment then Windows binaries won't affect your network.  However if you have a mixed network and/or pass files to remote users (like email to friends with attachments) then scanning for threats to Windows on a Mac is important.

    phubai wrote:

    As an aside, today, Sophos is not picking up the phishing page threat at all for some reason, and it's not updating right now either, so either it has "learned" that the AMTO phishing test site is not harmful afterall, or it needs to learn that it may be?


    Just test again and it's blocking the page for me...

    ...check Web Protection is enabled would be the first thing.

    I don't believe there are any updating problems at the moment server-side (and my Macs are working OK).  If it's not updating check the log for any problems and consider any recent network/computer/firewall changes.

    This link has a video that (if you skip the first two minutes because you know you have the 'Home Edition' - a lot of users aren't sure) explains a bit of log analysis for updating problems.

    :1016729
Children
No Data