Full Disclosure mailing list archives
RE: Just when you thought Macafee stuff was safe!
From: "Tim Saunders" <Tim.Saunders () aquilauk co uk>
Date: Wed, 24 Sep 2003 09:39:11 +0100
It's the on-access scanner that has the problem when you try to do anything with the downloaded file. Even if you are only copying it to another PC. I would accept it cannot scan the contents of such a large compressed file if it didn't crash and leave the on-access scanner disabled. Tim
-----Original Message----- From: gregh [mailto:chows () ozemail com au] Sent: 23 September 2003 22:52 To: Tim Saunders; full-disclosure () lists netsys com Subject: Re: [Full-disclosure] Just when you thought Macafee stuff was safe!----- Original Message ----- From: "Tim Saunders" <Tim.Saunders () aquilauk co uk> To: "gregh" <chows () ozemail com au>;<full-disclosure () lists netsys com>Sent: Wednesday, September 24, 2003 1:14 AM Subject: RE: [Full-disclosure] Just when you thoughtMacafee stuff was safe!Or if your users have McAfee Virus scan wait for them to download a large compressed file, I find zips of oracle CDs frompartner.oracle.comdo nicely. Now watch McAfee crash as it tries to scan thecontents ofthe zip and times out (I believe) thus leaving the machine nice and vulnerable since it doesn't auto restart. Any 300MB+ Zip, .tar.gz, .cpio.gz etc seems to work. Smaller files may also work depending on your machine.Tim, Gotta say I don't have that problem with Macafee stuff. I have 98 and XP machines that have anywhere from 500meg files to, in 2 cases, 2gig compressed files sitting on them and what you say has never happened even once in a scheduled scan. I never allow any virus scanner to scan incoming compressed files. I only allow them to scan when I save to disk from attachment and that hasn't ever been a problem, either. Greg.
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- RE: Just when you thought Macafee stuff was safe! Tim Saunders (Sep 23)
- Re: Just when you thought Macafee stuff was safe! gregh (Sep 23)
- <Possible follow-ups>
- RE: Just when you thought Macafee stuff was safe! Tim Saunders (Sep 24)