Full Disclosure mailing list archives
Re: Re: McAfee VirusScan vs Metasploit Framework v2.x
From: Yvan Boily <yboily () gmail com>
Date: Mon, 12 Dec 2005 15:51:44 -0600
BUT guys common… so you want to share the stupid flames of users over your security product with the AV vendors as they have classified it as a BAD-TOOL. Will that make you feel better? It's more of your headache & responsibility to let the users know before download that your security product might be classified by AV as potential threats as, YOU KNOW they may be used for either good or bad purpose. I don't suppose Fyodor will take any responsibility for the action of a malicious user if nmap is used for some malicious purpose??? How AV software would know whether software's like netcat, metasploit or nmap found in a machine is put there by a legitimate user or by a malicious person willing to some further evil deeds. So as a proactive measure they rate the software's as a threat. DEFAULT DENY. Makes sense to me… ( but I agree AV vendors lack proper classification ) hey... User always has the option to ask their AV to ignore the particular file/directory if they own the privilege in the machine anyways.
The issue isn't that it is a default deny approach; it is the case that when a user requests additional information from the tool that would delete the software, they receive a very skewed perspective. Anyone who uses McAffee want to download the load of FoundStone tools and determine if any of those (including SuperScan!) qualify as 'hacking tools'? http://www.foundstone.com/resources/freetools.htm
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- Re[4]: McAfee VirusScan vs Metasploit Framework v2.x, (continued)
- Message not available
- Re[4]: McAfee VirusScan vs Metasploit Framework v2.x Thierry Zoller (Dec 11)
- Re: McAfee VirusScan vs Metasploit Framework v2.x ad () heapoverflow com (Dec 11)
- RE: McAfee VirusScan vs Metasploit Framework v2.x security curmudgeon (Dec 11)
- Re: McAfee VirusScan vs Metasploit Framework v2.x Morning Wood (Dec 09)
- Re: McAfee VirusScan vs Metasploit Framework v2.x wac (Dec 09)
- Re: McAfee VirusScan vs Metasploit Framework v2.x Mike Hoye (Dec 09)
- Re: McAfee VirusScan vs Metasploit Framework v2.x Fyodor (Dec 10)
- Re: Re: McAfee VirusScan vs Metasploit Framework v2.x Steve Friedl (Dec 10)
- RE: Re: McAfee VirusScan vs Metasploit Framework v2.x Aditya Deshmukh (Dec 11)
- Re: Re: McAfee VirusScan vs Metasploit Framework v2.x Bipin Gautam (Dec 12)
- Re: Re: McAfee VirusScan vs Metasploit Framework v2.x Yvan Boily (Dec 12)