nanog mailing list archives
Re: Clueless anti-virus products/vendors
From: Florian Weimer <fw () deneb enyo de>
Date: Wed, 07 Dec 2005 13:56:29 +0100
* Steven M. Bellovin:
A-V companies are in the business of analyzing viruses.
Many offer analysis services, but this is done upon special request, and only if you pay extra.
They should *know* how a particular virus behaves.
You don't need to know what the virus does in order to detect it with a file-based signature. Analysis stops as soon as detection is possible with sufficient accuracy. Timebombs and other hidden functionality go unnoticed (unless the malware is form a well-known strain which has such features).
Current thread:
- Recording the return path (was Re: Clueless anti-virus products/vendors), (continued)
- Recording the return path (was Re: Clueless anti-virus products/vendors) Michael . Dillon (Dec 12)
- Re: Recording the return path (was Re: Clueless anti-virus products/vendors) Per Heldal (Dec 12)
- Re: Recording the return path (was Re: Clueless anti-virus products/vendors) Michael . Dillon (Dec 12)
- Re: Recording the return path (was Re: Clueless anti-virus products/vendors) Todd Vierling (Dec 12)
- Re: Recording the return path (was Re: Clueless anti-virus products/vendors) Per Heldal (Dec 12)
- Re: Recording the return path (was Re: Clueless anti-virus products/vendors) Stephen Sprunk (Dec 12)
- Re: Recording the return path (was Re: Clueless anti-virus products/vendors) Todd Vierling (Dec 12)
- Re: Recording the return path (was Re: Clueless anti-virus products/vendors) Todd Vierling (Dec 12)
- Re: Clueless anti-virus products/vendors (was Re: Sober) Michael . Dillon (Dec 08)
- Re: Clueless anti-virus products/vendors (was Re: Sober) Niels Bakker (Dec 08)
- Re: Clueless anti-virus products/vendors Florian Weimer (Dec 07)
- RE: Clueless anti-virus products/vendors (was Re: Sober) Daniel Senie (Dec 04)