Nmap Development mailing list archives
Re: compressing nmap executables and dlls with upx
From: AgentSmith15 <agentsmith15 () gmail com>
Date: Tue, 5 Feb 2008 22:40:26 -0600
I couldn't see why AVs would flag UPX compression as suspicious. Yes, I know viruses and bots have used UPX in the past to attempt to bypass AV's, but this mindset isn't helping the AVs argument to flag all packed executables as suspicious. UPX is open source and there are no attempts whatsoever to try to prevent unpacking. So all AV's worth their salt should be able to unpack and scan UPX files. Also looking at the UPX site they say it's it doesn't require any extra memory to run the compressed files. Fyodor could put two links on his site, and let people choose what they want. Jonathan _______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://SecLists.Org
Current thread:
- compressing nmap executables and dlls with upx DePriest, Jason R. (Feb 04)
- RE: compressing nmap executables and dlls with upx Dario Ciccarone (dciccaro) (Feb 04)
- Re: compressing nmap executables and dlls with upx Guilherme Polo (Feb 05)
- Re: compressing nmap executables and dlls with upx DePriest, Jason R. (Feb 05)
- Re: compressing nmap executables and dlls with upx AgentSmith15 (Feb 05)
- RE: compressing nmap executables and dlls with upx Dario Ciccarone (dciccaro) (Feb 04)