刚翻译完别的东西,累了,恕不全翻译了
曲中求朋友的测试很好的印证了这些
高兼容度下下载的文件是分批传送到程序,同时拷贝到imon中扫描
所以即使imon侦测到时也可能已下载部分已包含病毒代码的主要部分
而且可能以后继续下载剩余部分imon也无法探查到了
不过还有amon(这句是我加的,不是原文)
高效能会影响速度,因为IMON要先下载并扫描整个文件然后传递给应用程序
所以不适合需要连续数据流的程序,比如多媒体, 网络电视
Compatibility Setup
Client compatibility setup provides an option to toggle between active and passive mode (better efficiency and better compatibility respectively) used for a particular application.
IMON works in two modes: „passive“ and „active“. In passive (higher compatibility) mode, portions of a downloaded file are continuously passed on to the target application whilst IMON stores a temporary copy of each of the fragments. When the last fragment is detected, the whole file is scanned for viruses. If an infiltration is detected, a warning window appears and the connection with the particular server is terminated. A disadvantage of that is that the already downloaded portion of the file may already contain a fundamental portion of a malicious code. What's more, if the application repeatedly attempts to download infected file, it may use the already downloaded data and request only the rest of the file. In such case, IMON may not find nothing suspicious in the remaining portion.
In active (higher efficiency) mode, IMON first downloads and scans whole file and then passes it on to the target application. This procedure is safer because in the case of an infiltration the application does not receive any portion of the downloaded file. A disadvantage is that the application receives all data at once, therefore it cannot show the download status properly. Therefore, if the download lasts for more than 5 seconds, a small window showing the dowload progress pops up beneath the system tray. Active mode is not suitable for certain types of data which requires a continual data flow (e.g. multimedia, streaming video/audio).
[ 本帖最后由 binkko 于 2007-2-26 10:21 编辑 ] |
发表于 2007-2-24 00:22:27
发表于 2007-2-24 11:37:06
