Re: correct names [was: 3127/tcp by Doomjuice (Kaspersky) - MyDoom takeover?]

["Gregory A. Gilliss" <ggilliss () netpublishing com>]

This is another argument in favor of Valdis FAQ/Been-There Web site.
No, there is no standard naming convention for this crap between different
competing AV vendors, and no there is not likely to be one since it would
detract from the vendors' ability to market their products. The topic
already has been visited (last month I believe) on the list). AFA how
do poor overworked sysadmins keep track, the answer is ... you're reading
the answer!

Valdis or someone else want to offer up server/disk for an FD FAQ upgrade?

G

On or about 2004.02.09 17:23:50 +0000, dgj (dgj+ () pitt edu) said:
> Greetings,
>
> Deadhat/Vesser, DoomJuice/Mydoom.c, "more correctly known as", 
> "incorrectly originally classified as", ...
>
> Is there, or will there ever be any kind of "naming authority" for 
> these things? I assume that most major av houses have telephones & 
> email access, so why isn't there any kind of agreement on names? The 
> lack of a single name for a threat is kind of bogus.
>
> Is this driven only by the marketing departments at the firms?
>
> And how does the poor, long-suffering sysadmin know what the correct 
> name is, google them all when the dust settles and see what gets the 
> most hits??

-- 
Gregory A. Gilliss, CISSP                              E-mail: greg () gilliss com
Computer Security                             WWW: http://www.gilliss.com/greg/
PGP Key fingerprint 2F 0B 70 AE 5F 8E 71 7A 2D 86 52 BA B7 83 D9 B4 14 0E 8C A3

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html