Full Disclosure mailing list archives
Re[4]: McAfee VirusScan vs Metasploit Framework v2.x
From: Thierry Zoller <Thierry () Zoller lu>
Date: Sun, 11 Dec 2005 12:48:15 +0100
Dear sk GroundZero, sG> well but you dont see the developer side of this. sG> the big companies can "buy their way out of the sG> signature file", that means that their application sG> wont be included as "potential unwanted software". You mix the parameters here, you are refering to CLARIA and Microsoft. Claria never developed "hacking" related tools but adware. I never saw this reported otherwehere ? (imho) sG> but for small companies and freeware developers, sG> this is a big loss, since if a AV vendors mark their sG> software as malware, noone will download it sG> anymore or even send complain mails and its hard sG> for a little company or a single programmer to do sG> much about this. Like I said I know the developer side of this becuase one of my tools was flagged. I choose to write a sentence above the download link about it, that cut 98% of the complaint mails. sG> for a small company that sG> is selling shareware this could mean loss of money. Tell me, I am/was doing trialware. sG> sure an AV vendor wont care if some little company sG> goes out of business. i remember this one tool called sG> pest remover or something ..it simply removes anything sG> that could possibly harm. It still exists : "Pest Patrol". Companies bought it explicitely _because_ it reported _everything_. On some critical LANS not even netcat should be installed. That's where these programs come in and fill the gap. Yes on the business side there was a gap the common AV solutions reported _not enough_ for certain environments, AV vendors saw this and partielly closed the gap. sG> but their selection is very stupid sG> as even a C programming text (!) will be removed sG> and various portscanners or other administrative tools. IMHO : Yes and no. Again in _some_ highly critical enviroment there should never be source code lying around on workstation which opens sockets or similar. It's hard to see but there IS actually a rising demand for these scanners that tag everything. sG> anyhow the most redicilous malware sG> removing tool i ever saw! I agreed years ago, now I disagree. -- http://secdev.zoller.lu Thierry Zoller Fingerprint : 5D84 BFDC CD36 A951 2C45 2E57 28B3 75DD 0AC6 F1C7 _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- Re: McAfee VirusScan vs Metasploit Framework v2.x, (continued)
- Re: McAfee VirusScan vs Metasploit Framework v2.x Dude VanWinkle (Dec 09)
- Re: McAfee VirusScan vs Metasploit Framework v2.x Byron Copeland (Dec 09)
- Re: McAfee VirusScan vs Metasploit Framework v2.x Michael Holstein (Dec 09)
- Re: McAfee VirusScan vs Metasploit Framework v2.x Dude VanWinkle (Dec 09)
- Re: McAfee VirusScan vs Metasploit Framework v2.x Orlando Padilla (Dec 09)
- Re: McAfee VirusScan vs Metasploit Framework v2.x sk / GroundZero (Dec 09)
- Re: McAfee VirusScan vs Metasploit Framework v2.x Stan Bubrouski (Dec 10)
- RE: McAfee VirusScan vs Metasploit Framework v2.x Pavel Kankovsky (Dec 11)
- Re[2]: McAfee VirusScan vs Metasploit Framework v2.x Thierry Zoller (Dec 11)
- Message not available
- Re[4]: McAfee VirusScan vs Metasploit Framework v2.x Thierry Zoller (Dec 11)
- Re: McAfee VirusScan vs Metasploit Framework v2.x wac (Dec 09)
- Re: Re: McAfee VirusScan vs Metasploit Framework v2.x Steve Friedl (Dec 10)
- RE: Re: McAfee VirusScan vs Metasploit Framework v2.x Aditya Deshmukh (Dec 11)
- Re: Re: McAfee VirusScan vs Metasploit Framework v2.x Bipin Gautam (Dec 12)
- Re: Re: McAfee VirusScan vs Metasploit Framework v2.x Yvan Boily (Dec 12)