Full Disclosure mailing list archives
Re: PestPatrol (was: !! Internet Explorer !!)
From: yossarian <yossarian () planet nl>
Date: Sat, 12 Jun 2004 16:50:28 +0200
It actually does a reasonable job at remvoing and preventing some items more generally accepted being pests other than whitepapers on mostly harmless hacking. They juist have a different view what pests are, including documents on making bombs and picking locks. Probably things you don't want on corporate puters if you are a CEO, I guess. The most interesting part is that you can use it on a netwerk, albeit over netbios. AdAware, CWS shredder and Hijaak This are local tools, aimed at home users. Since many AV-products see pest control as a sideshow, there is a definite niche market for this product. But it could and should be a lot better, technically. Either the av makers will fill the gap - my AV thingie is getting there really fast - or a major player will take over. Unless PestPatrol cleans up their act. ----- Original Message ----- From: "Michal Zalewski" <lcamtuf () ghettot org> To: "Syed Imran Ali" <manipeto () yahoo co uk> Cc: <full-disclosure () lists netsys com> Sent: Saturday, June 12, 2004 4:02 PM Subject: [Full-disclosure] PestPatrol (was: !! Internet Explorer !!)
On Sat, 12 Jun 2004, Syed Imran Ali wrote:Get Pest Petrol...Hmm, I always thought PP is some sort of an elaborate scam ;-) Not relying on Windows too badly, I never had to use the product, but PP page frequently comes up when googling for weirdest things. Consider these "exploits" PP detects and removes: http://www.safersite.org/PestInfo/i/ip_addressing.asp PestPatrol detects the harmful practice of "IP Addressing"? "In the past three months, we have received reports of IP addressing in United States." No kidding? http://www.safersite.org/PestInfo/l/lcamtuf_na_export_pl.asp PestPatrol detects my (old) site as an "exploit" (?) - and, thank god, removes it. Note that other security-related pages are not on the list (and my old page did not really provide any exploit resources to start with), making this even more difficult to comprehend. http://www.safersite.org/pestinfo/e/exploit.asp ??? Those are just three random examples in the "exploit" category. Plenty of fairly harmless technical documents and programs that are NOT exploits, some of them hardly related to security and abuse, are also on the list - heck, even a whitepaper titled "CIFS Common Insecurities Fail Scrutiny" is listed. All in all, many of the issues PP seems to detect appear to be either harmless (and hence appear as an attempt to increase signature count), cryptic, or at best misclassified. Which does not necessarily the product is bogus, but it does not look too professional either... But then maybe it's better when it comes to detecting spyware. -- ------------------------- bash$ :(){ :|:&};: -- Michal Zalewski * [http://lcamtuf.coredump.cx] Did you know that clones never use mirrors? --------------------------- 2004-06-12 15:26 -- http://lcamtuf.coredump.cx/photo/current/ _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- !! Internet Explorer !! Farrukh Hussain (Jun 11)
- Re: !! Internet Explorer !! Matthew Jonkman (Jun 11)
- Re: !! Internet Explorer !! Brian Toovey (Jun 11)
- Re: !! Internet Explorer !! Harlan Carvey (Jun 11)
- Re: !! Internet Explorer !! Rachael Treu-Gomes (Jun 11)
- Re: !! Internet Explorer !! Andrei Zlate-Podani (Jun 11)
- Message not available
- Re: !! Internet Explorer !! Koen (Jun 11)
- Re: !! Internet Explorer !! Pavel Kankovsky (Jun 13)
- Re: !! Internet Explorer !! Koen (Jun 11)
- RE: !! Internet Explorer !! Syed Imran Ali (Jun 12)
- PestPatrol (was: !! Internet Explorer !!) Michal Zalewski (Jun 12)
- Re: PestPatrol (was: !! Internet Explorer !!) yossarian (Jun 12)
- Yahoo upgraded all accounts to 100MB Syed Imran Ali (Jun 15)
- Re: Yahoo upgraded all accounts to 100MB William Warren (Jun 15)
- Re: Yahoo upgraded all accounts to 100MB Joseph Peterson (Jun 15)
- Re: Yahoo upgraded all accounts to 100MB randall (Jun 15)
- Re: Yahoo upgraded all accounts to 100MB Ron DuFresne (Jun 15)
- Re: Yahoo upgraded all accounts to 100MB Andre Ludwig (Jun 16)
- Re: Yahoo upgraded all accounts to 100MB Shawn Nunley (Jun 16)
- Re: Yahoo upgraded all accounts to 100MB Shawn Nunley (Jun 16)
- Re: Yahoo upgraded all accounts to 100MB José María Mateos (Jun 18)
- PestPatrol (was: !! Internet Explorer !!) Michal Zalewski (Jun 12)
- Re: Yahoo upgraded all accounts to 100MB José María Mateos (Jun 16)