Full Disclosure mailing list archives
FW: Potentially new Virus
From: Andy Streule <andy.streule () lythamhigh lancs sch uk>
Date: Wed, 26 Nov 2003 11:34:06 +0000
If you come across something relatively new then, whether you are looking on an independent database or AV vendor's site, if they havent got it updated then it's the same prob regardless. I suspect the trend site search doesnt accept phrases with quotes, which seems a bit useless. ~Andy
And I did notice that searching Symantec with "Hello my dear Mary" today now returns a good result: Backdoor.Sysbug which is AKA BackDoor-CAG, Troj/Sysbug-A . Using that search at NAI returns nothing and using it at Trend returns 500 results?? I don't have time to go throughall that.My whish is to be able to search by characteristics using criteria like msg body, subject, ports used, reg changes, dropped files, whatever else you can think of... etc etc etc without having to wade throughpages of crap.I guess what I'm asking for is a database of virus characteristics that would probably need to be independent of av vendors because, after all, they are in the business to make money. I'm probably asking too much.
*************************************************************************** This e-mail is confidential and privileged. If you are not the intended recipient do not disclose, copy or distribute information in this e-mail or take any action in reliance on its content. *************************************************************************** *************************************************************************** This email has been checked for known viruses. *************************************************************************** _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- Potentially new Virus Tireman (Nov 24)
- RE: Potentially new Virus Mike (Nov 24)
- RE: Potentially new Virus Anthony Aykut (Nov 25)
- RE: Potentially new Virus Mike (Nov 26)
- RE: Potentially new Virus Anthony Aykut (Nov 25)
- Re: Potentially new Virus Valdis . Kletnieks (Nov 25)
- Re: Potentially new Virus madsaxon (Nov 25)
- Re: Potentially new Virus Tireman (Nov 25)
- RE: Potentially new Virus Arcturus (Nov 25)
- <Possible follow-ups>
- Re: Potentially new Virus Paul Szabo (Nov 25)
- Re: Potentially new Virus Andreas Gietl (Nov 25)
- FW: Potentially new Virus Andy Streule (Nov 26)
- Re: Potentially new Virus Feher Tamas (Nov 28)
- RE: Potentially new Virus Mike (Nov 24)