Re: Possible Mail server compromise ?

Dear Eduardo,

> This no-parsing/ParsingSafe technology is actually Sandboxing [1].
How do you know ? Reads not really like it,
Is there anybody from nruns that is reading this list ? Maybe they can
comment on their own solution ??

> BTW they keep repeating this:
> ...
> In order to protect the aps-AV itself from attacks, it has been
> completely written in highly secure managed code ( C#) , thereby
> reducing its attack surface to an absolute minimum.
> ...
>
> [1] <http://en.wikipedia.org/wiki/Sandbox_(computer_security)>
>
>    Ed <http://blog.eonsec.com>
>
> On Feb 19, 2008 3:19 AM, Faas M. Mathiasen
> <faas.m.mathiasen@googlemail.com> wrote:
> > ...
> > Apparently they happen, as the guys from n.runs seem to have invented
> > some sort of solution for this problem, rendering attacks on AV
> > impossible (??) they call it aps-AV :
> > "Protects your company from malware threats (Worms, Virus, Trojans..),
> > aps-AV reuses your existing Anti-Virus software and supports multiple
> > Anti-Virus engines. aps-AV increases the malware detection rate
> > through the diversity and heuristics of these multiple engines.
> > However unlike the competition,  aps-AV does not increase the remotely
> > exploitable attack surface."
> >
> > http://www.nruns.com/_en/aps/
> > http://www.nruns.com/_downloads/aps-AV-Solution-Paper-EN.pdf
> >
> >  ...