History
NOD32 was born in the early 1990s when computer viruses were becoming increasingly prevalent.
Initially the program gained popularity with IT workers in Eastern European countries, as Eset was based in
Current versions of NOD32 are very different from the original NOD software. Several generations of the program have been developed as a response to a rapidly changing attack pattern by increasingly complex viruses. The program, now for both 32-bit and 64-bit systems[, is known as NOD32, replacing the older 16-bit flagship product, NOD-ICE.
Naming
At the time of its creation, the popular television program Nemocnica na Okraji Mesta, or "Hospital at the Edge of the City" was broadcasting on many European television networks. Early viruses often targeted hard disk boot sectors, located near the edge of the disk. As a pun, the program's creators named their new anti-virus program the "Nemocnica na Okraji Disku", "Hospital at the Edge of the Disk", giving it the initials NOD.
Technical information
NOD32 consists of an on-demand scanner and four different real-time monitors. The on-demand scanner (somewhat confusingly referred to as NOD32) can be invoked by the scheduler or by the user. Each real-time monitor covers a different virus entry point:
- AMON (Antivirus MONitor) - scans files as they are accessed by the system, preventing a virus from executing on the system.
- DMON (Document MONitor) - scans Microsoft Office documents and files for macro viruses as they are opened and saved by Office applications.
- IMON (Internet MONitor) - intercepts traffic on common protocols such as POP3 and HTTP to detect and intercept viruses before they are saved to discs.
- EMON (E-mail MONitor) - An auxiliary module for scanning incoming/outgoing e-mails via the MAPI interface, such as Microsoft Outlook and Microsoft Exchange.
- XMON (MS eXchange MONitor) - scans incoming and outgoing mail when NOD32 is running and licensed for Microsoft Exchange Server - ie, running on a server environment. This module is not present on workstations at all.
NOD32 AMON Virus Detection Alert
NOD32 is written largely in assembly code , which contributes to its low use of system resources and scanning speed. NOD32 can process more than 23MB per second while scanning on a P4 based PC and, on average, uses less than 20MB of memory in total. The physical RAM used is often just a third of that.
According to a 2005 Virus Bulletin test, NOD32 performs scans two to five times faster than other antivirus competitors.
In a networked environment NOD32 clients can update from a central "mirror server" on the network, reducing bandwidth usage since new definitions need only be downloaded once by the mirror server as opposed to once for each client.
In addition to signature files, NOD32's scan engine uses heuristic detection (called "ThreatSense" by Eset) to provide better protection against newly released viruses.
Future Development
Screenshot of NOD32 v3 (Beta 2)
Eset has released beta versions of a new version (version 3) of NOD32 Anti-Virus. NOD32 Version 3 will include a redesigned graphical interface, intended to be more user friendly.
Eset Smart Security
Eset is also currently in the beta stages of developing an internet security suite, called Eset Smart Security. Eset Smart Security is intended to compete with other internet security suites, such as Norton Internet Security and Kaspersky Internet Security.
Eset Smart Security is planned to include the following features:
- NOD32 Anti-Virus engine (the next version of Eset's anti-malware engine (NOD32 v3.0))
- Firewall (with port stealthing and advanced filtering features)
- Anti-Spam (filtering with Bayesian filter, whitelisting and blacklisting)
No comments:
Post a Comment