funsec mailing list archives
Re: Kaspersky strikes again
From: "Dude VanWinkle" <dudevanwinkle () gmail com>
Date: Sun, 23 Dec 2007 16:44:45 -0500
On Dec 23, 2007 3:46 PM, Alex Eckelberry <AlexE () sunbelt-software com> wrote:
Virtual PCs are not necessarily all that useful for testing malware.
I know, some companies even have setups that are made out of 2x4 cutouts with system boards and nic's in them for their testing environment.. Crazy I know, but hey, it makes sense to me...
And one of your bigger challenges is in creating an adequate whitelist to test against FPs. You're talking at least 20 terrabytes of whitelist data -- think of all the different versions of Office, all the drivers, etc. It's not a small undertaking.
No, but a company with millions to spend on research should be able to manage. Shit, even if you can't afford it AV companies could team up for a killer test bed of troublesome app and OS's their combined 80yrs experience has dealt with.. Just an idea -JP _______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
Current thread:
- Re: shit happens, et tu, AVG? was Re: Kaspersky strikes again, (continued)
- Re: shit happens, et tu, AVG? was Re: Kaspersky strikes again Valdis . Kletnieks (Dec 21)
- RE: shit happens, et tu, AVG? was Re: Kaspersky strikes again David Harley (Dec 22)
- RE: shit happens, et tu, AVG? was Re: Kaspersky strikes again Drsolly (Dec 22)
- RE: shit happens, et tu, AVG? was Re: Kaspersky strikes again David Harley (Dec 23)
- Re: shit happens, et tu, AVG? was Re: Kaspersky strikes again Dude VanWinkle (Dec 22)
- RE: Kaspersky strikes again Larry Seltzer (Dec 23)
- RE: Kaspersky strikes again Alex Eckelberry (Dec 23)
- Re: Kaspersky strikes again Dude VanWinkle (Dec 23)
- Re: Kaspersky strikes again Valdis . Kletnieks (Dec 23)
- Re: Kaspersky strikes again Drsolly (Dec 24)