funsec mailing list archives
RE: Overloading AV software, was Question about Viruses
From: "Fergie" <fergdawg () netzero net>
Date: Fri, 7 Jul 2006 17:49:07 GMT
There is plenty of malware right now which goes a step further: Just disables the AV software altogether. :-) - ferg -- "Richard M. Smith" <rms () bsf-llc com> wrote:
But for the most part massimo is right, it's a dumb strategy
Hmm, what if the bad guys overloaded a user with virus warning messages as a stratergy to get people to turn off their AV software. For example, could a Web page download a few hundred image files with known virus signatures tacked on the end of each file in order to make AV software go nuts? Could the same trick be used in an HTML email message? I already have an HTML application that is triggering false positives in Symantec because Symantec thinks a bit of VBScript code I wrote is a malicious code. Richard M. Smith -- "Fergie", a.k.a. Paul Ferguson Engineering Architecture for the Internet fergdawg(at)netzero.net ferg's tech blog: http://fergdawg.blogspot.com/ _______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
Current thread:
- RE: Overloading AV software, was Question about Viruses Fergie (Jul 07)