Nmap Development mailing list archives
Re: False positives on antivirus
From: Fyodor <fyodor () insecure org>
Date: Fri, 29 Jan 2010 14:30:58 -0800
On Fri, Jan 29, 2010 at 07:28:47AM -0600, Ron wrote:
Fyodor <fyodor () insecure org> wrote: But seriously, I hadn't realized it could be so easy to get a false positive removed. Maybe we should revisit the idea of submitting the original nmap_service.exe, unmodified, to the company that detected it as malware?
Yeah, if you (or someone) can submit a report and get things resolved so that Nmap 5.20 and the plain nmap_service.exe no longer give false positives, that would be great! It is mostly just a matter of figuring out how to do the submission and perhaps following up a bit and maybe submitting a different way if they ignore you. And verifying with the likes of Virustotal after they claim to have fixed it. We would have had to do that if it had triggered on a more integral part of Nmap. Also, whenever someone mails me about one of these false positives, I ask them to please submit the problem to the vendor. Cheers, -F _______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://seclists.org/nmap-dev/
Current thread:
- False positives on antivirus Ron (Jan 28)
- Re: False positives on antivirus Michael Pattrick (Jan 28)
- Re: False positives on antivirus Ron (Jan 28)
- Re: False positives on antivirus Fyodor (Jan 28)
- Re: False positives on antivirus Ron (Jan 29)
- Re: False positives on antivirus DePriest, Jason R. (Jan 29)
- Re: False positives on antivirus Brandon Enright (Jan 29)
- Re: False positives on antivirus Fyodor (Jan 29)
- Re: False positives on antivirus Ron (Jan 29)
- Re: False positives on antivirus Fyodor (Jan 29)
- Re: False positives on antivirus Michael Pattrick (Jan 28)
- Re: False positives on antivirus David Fifield (Feb 12)
- Re: False positives on antivirus Ron (Feb 12)
- Re: False positives on antivirus David Fifield (Mar 03)