Security Incidents mailing list archives

Re: FBI Virus Alerts


From: info <info () safer-hex com>
Date: Sat, 29 Sep 2001 21:43:11 +0200

Thus spoke Chris Salter at 12:14 +0100 on 29.09.2001:

This prompts me to ask a question that I have been meaning to ask for
some time. My apologies if it has been addressed before. Are these report
statistics published by the AV vendors accurate representations of virus
activity in the field?

the prob for people like us is, each vendor has different standards when a certain category is assigned or an alert is issued. there are also varying time lags between the vendors. in the case of Nimda it was comparatively short, the first being Sophos [Date: Tue, 18 Sep 2001 16:45:07 +0100 (BST)] the last being McAfee some 7 hrs later, minutes after Trend Micro. CERT followed shortly after while we received no alert from Kaspersky. Symantec, too, is usually very hesitant to ring the alarm bell...


Thus spoke David Kennedy CISSP at 11:02 -0400 on 29.09.2001:

(...)  I can hardly wait to see if it
makes the Wild List.

that means, as long as you don't see it in the list, it isn't there?

we operate an alert service, and when an a/v vendor sends an alert with the subject line

Thus spoke Trend Micro Info Service at 14:29 +0100 on 27.09.2001:
(...)
Subject: SEVERE OUTBREAK: TROJ_VOTE.C

then I don't wait until their webmasters wake up but forward it to my readers who expect me to do just that and not wait until I have the first samples in our editorial mail boxes to check if it's real.

period!

Dre.

p.s. I'm aware that many a/v vendors sometimes create a hype but we have the policy better to warn too often but ASAP, rather than to warn when it's too late.

--

[  C  A  M  R  I  N    N  E  T  W  O  R  K  ]
the  jrpamc.com internet information services
[jrpamc () camrin net] : [http://www.camrin.net]


----------------------------------------------------------------------------
This list is provided by the SecurityFocus ARIS analyzer service.
For more information on this free incident handling, management and tracking system please see: http://aris.securityfocus.com

