Nmap Development mailing list archives
Re: Nmap 4.76 detected as a Trojan by BitDefender 2009
From: Brandon Enright <bmenrigh () ucsd edu>
Date: Sun, 1 Mar 2009 18:57:29 +0000
On Sun, 01 Mar 2009 15:40:27 +0100 or thereabouts Patrick Camilleri <patrik.camilleri () gmail com> wrote:

> When downloading http://nmap.org/dist/nmap-4.76-setup.exe BitDefender detects it as Trojan.Generic.1215885. On the other hand the beta version of nmap, http://nmap.org/dist/nmap-4.85BETA3-setup.exe seems to be clean. Is this just a false positive?
>
> Malware name: Trojan.Generic.1215885
>
> Regards,
> Patrick

Patrick,

This is a false positive. In order to keep up with the huge flood of new malware, AV companies have had to turn to heuristics and very generic fingerprints. Unfortunately this means that there are also more false positives.

Nmap does a lot with networking. Chances are if an AV company decides to flag specific networking features or a networking library like libdnet, libpcap, or OpenSSL, Nmap will be detected too. This isn't the first time Nmap has been wrongly flagged by an AV company and it certainly won't be the last.

I just sent nmap.exe to VirusTotal and BitDefender came back clean:

https://www.virustotal.com/analisis/8298d510a59b8f5c0c1d1aa7d5f01744

It is possible that if you update your signatures they have already corrected the false positive.

Brandon

_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://SecLists.Org