Security Basics mailing list archives

Re: virus got past mcafee viruscan 8.7


From: Michael Graham <jmgraham () gmail com>
Date: Wed, 6 May 2009 11:59:18 -0400

Unfortunately, anti-virus isn't capable of stopping the most common or
basic of malware.  Simply moving the hostile payload beyond the first
hundred bytes or so of an executable is enough to prevent most AV
software from detecting/alerting.  Beyond that, the number of
third-party applications with serious vulnerabilities (Acrobat seems
to be this year's problem) means that relying on anti-virus to prevent
malware infection is likely to result in an unpleasant surprise.

On Tue, May 5, 2009 at 7:49 PM, Anand Narine <anand.narine () gmail com> wrote:
Hi all
Our client workstations all have McAfee antivirus installed, but a
virus infected one particular PC and has been sending out spam by
making outbound connections on port 25. McAfee VirusScan 8.7 blocks
programs from making outbound connections on port 25 by default, so
how did the virus get past? I verified that McAfee was working since
I could not telnet to any mail server on the internet via port 25.
