funsec mailing list archives
Re: Rant: Common Malware Enumeration (CME) gets mixed recepti on
From: "Fergie (Paul Ferguson)" <fergdawg () netzero net>
Date: Thu, 6 Oct 2005 15:50:40 GMT
Okay, I stand corrected -- they are in numerical order. There's just gaps large enough to drive a truck through... - ferg -- "Fergie (Paul Ferguson)" <fergdawg () netzero net> wrote: Sure -- it would be nice to have a cross-reference enumeration database to make sense of the various naming conventions used by various anti-virus and anti-malware vendors, but when the CME database is not really a database, is not updated in real- time, and is not searchable, I see very little utility is this effort. For example, F-Secure mentioned that one of the newest Sober variants this morning had been assigned CME-151. Meanwhile, McAFee makes an AVERT announcement about a similar Sober variant that they feel warrants alerting their AVERT subscribers. However, if you go to the CME webpage, there is no listing for it, or any number of others. They're not even listed in numerical order! *sigh* http://fergdawg.blogspot.com/2005/10/common-malware-enumeration-cme-gets.html - ferg -- "Fergie", a.k.a. Paul Ferguson Engineering Architecture for the Internet fergdawg () netzero net or fergdawg () sbcglobal net ferg's tech blog: http://fergdawg.blogspot.com/ _______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
Current thread:
- Re: Rant: Common Malware Enumeration (CME) gets mixed recepti on Fergie (Paul Ferguson) (Oct 06)
- <Possible follow-ups>
- Re: Rant: Common Malware Enumeration (CME) gets mixed recepti on Fergie (Paul Ferguson) (Oct 06)