NOD32

From Wikipedia, the free encyclopedia

Developer: Eset
Latest release: 2.70.32 / February 20, 2007
OS: Microsoft Windows, Linux, FreeBSD
Use: Anti-virus
License: Proprietary
Website: Eset.com

NOD32 is an antivirus package made by the Slovak company Eset. Versions are available for Microsoft Windows, Linux, FreeBSD and other platforms. Remote administration tools for multiuser installations are also available at extra cost. NOD32 Enterprise Edition consists of NOD32 AntiVirus and NOD32 Remote Administrator. The NOD32 Remote Administrator program allows a network administrator to monitor anti-virus functions, push installations and upgrades to unprotected PCs on the network and update configuration files from a central location.

Awards

  • NOD32 was certified by ICSA Labs. [1]
  • It has been tested 44 times by Virus Bulletin and has failed 3 times, the lowest failure rate of the tested anti-virus products. [2]
  • At CNET.com it received a review of 7.3/10. [3]

Technical information

NOD32 consists of an on-demand scanner and four different real-time monitors. The on-demand scanner (somewhat confusingly referred to as NOD32) can be invoked by the scheduler or by the user. Each real-time monitor covers a different virus entry point:

  • AMON (Antivirus MONitor) - scans files as they are accessed by the system, preventing a virus from executing on the system.
  • DMON (Document MONitor) - scans Microsoft Office documents and files for macro viruses as they are opened and saved by Office applications.
  • IMON (Internet MONitor) - intercepts traffic on common protocols such as POP3 and HTTP to detect and block viruses before they are saved to disk.
  • XMON (MS eXchange MONitor) - scans incoming and outgoing mail when NOD32 is running and licensed for Microsoft Exchange Server, i.e., running in a server environment. This module is not present on workstations at all.

NOD32 is written largely in assembly code[4], which contributes to its low use of system resources and high scanning speed. NOD32 can easily process more than 23MB per second while scanning on a modest P4-based PC[5] and, on average, with all real-time modules active, uses less than 20MB of memory in total[6], though the physical RAM used by NOD32 is often just a third of that.[7] According to a 2005 Virus Bulletin test, NOD32 performs scans two to five times faster than competing antivirus products.[8][9]

In a networked environment NOD32 clients can update from a central "mirror server" on the network, reducing bandwidth usage since new definitions need only be downloaded once by the mirror server as opposed to once for each client.

NOD32's scan engine uses heuristic detection (which Eset calls "ThreatSense") in addition to signature files to provide better protection against newly released viruses.

Brief History

NOD32 was born in the early 1990s, when computer viruses were becoming increasingly prevalent. At the time of its creation, the popular television program Nemocnica na Okraji Mesta, or "Hospital at the Edge of the City", was being broadcast on many European television networks. Early viruses often targeted hard disk boot sectors, located near the edge of the disk. As a pun, the program's creators named their new anti-virus program the "Hospital at the Edge of the Disk", or "Nemocnica na Okraji Disku", giving it the initials NOD. [10]

Initially the program gained popularity with IT workers in Eastern European countries, as Eset was based in Slovakia. Though the program's abbreviation was originally pronounced as individual letters, recent worldwide use of the program has led to the more common single-word pronunciation, sounding like the English word "nod".

Current versions of NOD32 are very different from the original NOD software. Several generations of the program have been developed in response to the rapidly changing attack patterns of increasingly complex viruses. The program, now for 32-bit systems, is known as NOD32, replacing the older 16-bit flagship product, NOD-ICE.
