funsec mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Consumer Reports Slammed for Creating 'Test' Viruses

From: "Dude VanWinkle" <dudevanwinkle () gmail com>
Date: Thu, 17 Aug 2006 16:21:07 -0400
On 8/17/06, Axel Pettinger <api () worldonline de> wrote:

Blue Boar wrote:
>
> For one, I agree with Jericho (apologies if I'm putting words in his
> mouth) that generating a new virus is probably the best way to test a
> virus scanner that is expected to detect new viruses.  I'm pretty
> sure I already know what the answer would be before I even tried, but
> if I were trying to test it, that would be how I would want to do it.
>
> If I were trying to see how quickly AV companies could write a
> signature for a new virus, there's one obvious way to do that.

Sorry, but in both cases it certainly isn't necessary to create new
malware. Simply open your eyes, there're enough "new" malicious code
files lying on the "street" of the Internet. Simply collect them and use
them to test your favorite av scanners. Do that for a while then you'll
know what you can expect from them. At least such samples are real
malware samples found ITW ...



As far as testing how quickly the turn around on signatures is
concerned, it is required.

You cant be sure that a malware sample you just found wasnt discovered
yesterday by an AV company unless you write one yourself.



Regards,
Axel Pettinger
_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.


_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.
Previous By Date Next
Previous By Thread Next

Current thread: