Maniak2000

Can Mamutu be a bit more specific with its alerts?


Hello. I would like to get a bit more detail about some of the alerts Mamutu shows. Can it be done?

For example:

Application is trying to inject code to other applications - What other application(s) exactly (path)?

Program is editing (patching) other executable files - (again) what other executables exactly?

Program is installing something invisibly - what exactly is it installing? (list of files?)

Installation of services and drivers - What services \ drivers are being installed exactly?

Modifying startup areas - What start-up area is being modified and what entry exactly is being added?

Changing hosts file - what entries are being added \ deleted?

Browser setting changes - what setting(s) are being changed exactly?

System's group policy changes - what group policy exactly is being changed? To what (on \ off)?

Application is trying to silently send something to the internet - to what address, port?

This additional info can be added to the "Details" tab and I think it can help some people differentiate dangerous programs from just suspicious ones (for Mamutu).


There are plans to provide a bit more information. It will never be in as much detail as you suggested, though, primarily because people will be confused by it. If you prefer a more HIPS-style approach, you may want to take a look at Online Armor, which provides a lot of the details you asked for.

