Full Disclosure mailing list archives
RE: AV Naming Convention
From: Rui Pereira <ruiper () shaw ca>
Date: Tue, 10 Aug 2004 10:40:58 -0700
What about something similar to the CVE - Common Vulnerabilities and Exposures - http://www.cve.mitre.org/? From their web site... " Common Vulnerabilities and Exposures (CVER) is: A list of standardized names for vulnerabilities and other information security exposures - CVE aims to standardize the names for all publicly known vulnerabilities and security exposures." Rui Pereira,B.Sc.(Hons),CIPS ISP,CISSP,CISA WaveFront Consulting Group -----Original Message----- From: full-disclosure-admin () lists netsys com [mailto:full-disclosure-admin () lists netsys com] On Behalf Of Randal, Phil Sent: August 10, 2004 9:34 AM To: Todd Towles; full-disclosure () netsys com Subject: RE: [Full-disclosure] AV Naming Convention I have thought about it, every time this issue is raised. To do what is proposed at first glance seems eminently sensible, but even a post-hoc renaming exercise requires additional "vendor" resources, and leads to customer confusion. Cheers, Phil ---- Phil Randal Network Engineer Herefordshire Council Hereford, UK
-----Original Message----- From: Todd Towles [mailto:toddtowles () brookshires com] Sent: 10 August 2004 17:18 To: 'Randal, Phil'; full-disclosure () netsys com Subject: RE: [Full-disclosure] AV Naming Convention How would a name stop an AV company from protecting its customers? A name is only a name. AV companies should do their job and stop viruses. But do we really care what they are called in the first couple of hours, no? I am trying to encourage sharing of some information between AV companies to better protect the public. I really don't care what they name them as long as they stop them. But the idea would be nice. If each company is going to have names for stuff..they can just use long strings of numbers. Would it really matter what one company names a virus in the first couple of hours? Maybe it will never happen because of money and the desire to be the first to discover it. But all the corporations of the whole have to deal with multiple AV engines, confusing names and variants. Maybe the idea wouldn't work, but to just throw it off without thinking about change is sad. -----Original Message----- From: full-disclosure-admin () lists netsys com [mailto:full-disclosure-admin () lists netsys com] On Behalf Of Randal, Phil Sent: Tuesday, August 10, 2004 10:07 AM To: full-disclosure () netsys com Subject: RE: [Full-disclosure] AV Naming ConventionI have to agree with Todd, the naming convention is nowright uselessfor the normal population and make keeping up with viruses on a corporate level that much harder. AV companies are always trying to beat the other company and this leads to very little information sharing between the companies on new viruses, etc. Maybe a foundation should be created. This foundation could give a seal of approval to all AV corporations that join in. We are starting to make rules for patch management over at patchmanagment.org. Why couldn't a group work with AV names and the first company that finds and IDs it correctly gets to nameit in thefoundation. Just a dream, I would guess.This completely misses the point. When a new virus is discovered, it is essential that there is a RAPID response to the threat. The idead of handing the critter over to a committee to decide it's name is, quite frankly, plain bonkers. I for one would rather all the antivirus vendors came up with their own names if it meant that detection/disinfection patterns came out hour earlier. Cheers, Phil ---- Phil Randal Network Engineer Herefordshire Council Hereford, UK _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- RE: AV Naming Convention, (continued)
- RE: AV Naming Convention Todd Towles (Aug 10)
- Re: AV Naming Convention Jan Muenther (Aug 10)
- RE: AV Naming Convention Todd Towles (Aug 10)
- RE: AV Naming Convention Nick FitzGerald (Aug 11)
- RE: AV Naming Convention Todd Towles (Aug 11)
- Re: AV Naming Convention Valdis . Kletnieks (Aug 10)
- RE: AV Naming Convention Nick FitzGerald (Aug 11)
- RE: AV Naming Convention Rui Pereira (Aug 10)
- RE: AV Naming Convention Nick FitzGerald (Aug 10)
- RE: AV Naming Convention Nick FitzGerald (Aug 10)
- Re: AV Naming Convention ASB (Aug 11)
- RE: AV Naming Convention Nick FitzGerald (Aug 12)