FW: Potentially new Virus

[Andy Streule <andy.streule () lythamhigh lancs sch uk>]

 If you come across something relatively new then, whether you 
 are looking on an independent database or AV vendor's site, 
 if they havent got it updated then it's the same prob regardless.
 
 I suspect the trend site search doesnt accept phrases with 
 quotes, which seems a bit useless.
 
 ~Andy
 
 
> > And I did notice that searching Symantec with "Hello my dear 
> > Mary" today now
> > returns a good result: Backdoor.Sysbug which is AKA BackDoor-CAG,
> > Troj/Sysbug-A  . Using that search at NAI returns nothing and 
> > using it at
> > Trend returns 500 results?? I don't have time to go through 
> all that.
> > My whish is to be able to search by characteristics using 
> > criteria like msg
> > body, subject, ports used, reg changes, dropped files, 
> > whatever else you can
> > think of... etc etc etc without having to wade through 
> pages of crap.
> > I guess what I'm asking for is a database of virus 
> > characteristics that
> > would probably need to be independent of av vendors because, 
> > after all, they
> > are in the business to make money.
> >
> > I'm probably asking too much.

***************************************************************************
This e-mail is confidential and privileged.  If you are not the intended
recipient do not disclose, copy or distribute information in this e-mail
or take any action in reliance on its content.
***************************************************************************

***************************************************************************
This email has been checked for known viruses. 
***************************************************************************

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html