Security Incidents mailing list archives
Re: FBI Virus Alerts
From: Chris Salter <securityfocus () loncps demon co uk>
Date: Sat, 29 Sep 2001 12:14:13 +0100
In article <3.0.5.32.20010928222108.05228d70 () pop fuse net>, dated Fri, 28 Sep 2001 at 22:21:08, David Kennedy CISSP <david.kennedy () acm org> writes
At 08:38 AM 9/28/01 +0200, info wrote:[Viruses & Worms] Sophos and Trend Micro report a "severe outbreak" of a variant of day before yesterday's W32/Vote-A alias Win32.Vote.A@mm, W32.Vote.A@mm, that deletes files from infected hard drives.Except neither Sophos nor Trend are reporting a severe outbreak: http://www.sophos.com/ Click on the links for the three Vote variants and they report just one report of Vote.A and zero of Vote.B and zero of Vote.C http://wtc.trendmicro.com/wtc/ Neither the real-time nor the daily include any flavor of Vote Message Labs reports zero Vote.
This prompts me to ask a question that I have been meaning to ask for sometime. My apologies if it has been addressed before. Are these report statistics published by the AV vendors accurate representations of virus activity in the field? I can see that during the period before definitions have been updated, the reports may give some indication of the virus prevalence. However, how many AV customers report viruses successfully detected and dealt with? Do the AV vendors have a representational sample of their customers reporting *all* viruses? Are just corporate customers providing stats? I am assuming of course that automatic definition updates processes aren't collecting such information without the customers permission! Chris -- Christopher P Salter mailto:security () loncps demon co uk ---------------------------------------------------------------------------- This list is provided by the SecurityFocus ARIS analyzer service. For more information on this free incident handling, management and tracking system please see: http://aris.securityfocus.com
Current thread:
- FBI Virus Alerts twistsiwt (Sep 27)
- Re: FBI Virus Alerts H C (Sep 27)
- Re: FBI Virus Alerts Big Woz (Sep 27)
- Re: FBI Virus Alerts H C (Sep 27)
- Re: FBI Virus Alerts info (Sep 28)
- Re: FBI Virus Alerts David Kennedy CISSP (Sep 29)
- Re: FBI Virus Alerts Chris Salter (Sep 29)
- Re: FBI Virus Alerts David Kennedy CISSP (Sep 29)
- Message not available
- Re: FBI Virus Alerts info (Sep 29)
- Re: FBI Virus Alerts Gary Maltzen (Sep 30)
- Re: FBI Virus Alerts info (Sep 29)
- <Possible follow-ups>
- RE: FBI Virus Alerts Krul Thomas (Sep 28)
- RE: FBI Virus Alerts Eaton, Arthur (Sep 28)
- RE: FBI Virus Alerts Kinsey, Robert (Sep 28)