Full Disclosure mailing list archives
RE: AV Naming Convention
From: "Todd Towles" <toddtowles () brookshires com>
Date: Tue, 10 Aug 2004 11:28:58 -0500
Oh, I am not unhappy with AV companies at all. They do their job and most do it very well and very fast. But there are programs that aren't detectable by any AV programs. I have one sitting on my desktop; I received it in the e-mail weeks ago. I send it in as a sample and heard nothing. Why? Because it isn't running thru the news and in everyone's e-mail. The largest threats should be taken care of first, given. But should the public not be informed about things like this. Where is the protection? Some people question sig-based scanning and I understand their point. We need to help the AV companies think outside the box and create new ways of detection and prevention. We are the community help them. You may call the idea stupid and useless, I really don't care. We have you talking about the possibility however. =) Change starts with words, then actions. Todd -----Original Message----- From: Glenn_Everhart () bankone com [mailto:Glenn_Everhart () bankone com] Sent: Tuesday, August 10, 2004 10:35 AM To: toddtowles () brookshires com; todd () hostopia com; frank () knobbe us Cc: full-disclosure () netsys com Subject: RE: [Full-disclosure] AV Naming Convention So isn't this the reason CVE was created some time ago now? Give the AV companies a bit of mercy though: they are called upon to analyze virii with ever less lead time, and need to pick names sometimes before full behavior is even known (as it seems to me from watching them). Given the time allowed to do this work, it seems a cross reference after the fact is probably the best one can hope for. -----Original Message----- From: full-disclosure-admin () lists netsys com [mailto:full-disclosure-admin () lists netsys com]On Behalf Of Todd Towles Sent: Tuesday, August 10, 2004 10:16 AM To: 'Todd Burroughs'; 'Frank Knobbe' Cc: full-disclosure () netsys com Subject: RE: [Full-disclosure] AV Naming Convention I have to agree with Todd, the naming convention is now right useless for the normal population and make keeping up with viruses on a corporate level that much harder. AV companies are always trying to beat the other company and this leads to very little information sharing between the companies on new viruses, etc. Maybe a foundation should be created. This foundation could give a seal of approval to all AV corporations that join in. We are starting to make rules for patch management over at patchmanagment.org. Why couldn't a group work with AV names and the first company that finds and IDs it correctly gets to name it in the foundation. Just a dream, I would guess. _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html ********************************************************************** This transmission may contain information that is privileged, confidential and/or exempt from disclosure under applicable law. If you are not the intended recipient, you are hereby notified that any disclosure, copying, distribution, or use of the information contained herein (including any reliance thereon) is STRICTLY PROHIBITED. If you received this transmission in error, please immediately contact the sender and destroy the material in its entirety, whether in electronic or hard copy format. Thank you ********************************************************************** _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- Re: AV Naming Convention, (continued)
- Re: AV Naming Convention Nick FitzGerald (Aug 10)
- Re: AV Naming Convention Thomas Loch (Aug 10)
- Re: AV Naming Convention Alerta Redsegura (Aug 10)
- Re: AV Naming Convention Nick FitzGerald (Aug 10)
- RE: AV Naming Convention Todd Towles (Aug 10)
- Re: AV Naming Convention Thomas Loch (Aug 10)
- Re: AV Naming Convention Valdis . Kletnieks (Aug 10)
- RE: AV Naming Convention Frank Knobbe (Aug 10)
- Re: AV Naming Convention ASB (Aug 10)
- RE: AV Naming Convention Glenn_Everhart (Aug 10)
- RE: AV Naming Convention Todd Towles (Aug 10)
- Re: AV Naming Convention Jan Muenther (Aug 10)
- RE: AV Naming Convention Todd Towles (Aug 10)
- Re: AV Naming Convention Jan Muenther (Aug 10)
- RE: AV Naming Convention Todd Towles (Aug 10)
- RE: AV Naming Convention Nick FitzGerald (Aug 11)
- RE: AV Naming Convention Todd Towles (Aug 11)
- RE: AV Naming Convention Todd Towles (Aug 10)
- Re: AV Naming Convention Valdis . Kletnieks (Aug 10)
- RE: AV Naming Convention Nick FitzGerald (Aug 11)