nanog mailing list archives

Re: Clueless anti-virus products/vendors (was Re: Sober)


From: "Steven M. Bellovin" <smb () cs columbia edu>
Date: Sun, 04 Dec 2005 23:04:52 -0500


In message <B6621ED4D0AD394BBA73CA657DFD8976869630 () MSPEXBE01 wamnet inc>, "Church, Chuck" writes:

What about all the viruses out there that don't forge addresses?
Sending a warning message makes sense for these.  Unless someone has
done the research to determine the majority of viruses forge addresses,
you really can't complain about the fact that the default is to warn.
Calling vendors 'clueless' because a default doesn't match your needs is
a little extreme, don't you think?  The ideal solution would be for the
scanning software to send a warning only if the virus detected is known
to use real addresses, otherwise it won't warn.


A-V companies are in the business of analyzing viruses.  They should 
*know* how a particular virus behaves.

                --Steven M. Bellovin, http://www.cs.columbia.edu/~smb


