Penetration Testing mailing list archives
Re: malware testing through proxy
From: Greg Strom <greg () delong com>
Date: Wed, 03 Dec 2008 18:33:36 +0800
Here is my quick $.02. Take a system that you *DON'T CARE ABOUT AND DO NOT HAVE ANY DATA ON* run Windows XP, IE, don't patch the system (Turn off auto updates) go surfing to the 'Darker Side side of the Internet'. You should be able to find what you are looking for and then some. You can use this to demonstrate/Test against real threats in the Wild. You will know that you have enough goodies on your system when it has slowed to a crawl. Put the system 'behind' your proxy thingy and put an ACL on a router/FW and make sure that your system is isolated and can not route traffic other than to your proxy.
raimarm () gmail com wrote:
Hi All, today some proxies can scan sites if they contain malware (keylogger, trojans, virues, drive-by-download, etc). In order to test and demonstrate the malware engines of our proxies I am looking for some good malware sites that can be tested through a proxy like bluecoat, Finjan or Ironport-s. I know the eicar.org site to test if a virus can be found. But I also look for sites which contain malware or code that looks like malware but it doesn't cause any harm, but is recognized as such. Many thanks in advance for your replies. Cheers Raimar ------------------------------------------------------------------------ This list is sponsored by: Cenzic Security Trends Report from Cenzic Stay Ahead of the Hacker Curve! Get the latest Q2 2008 Trends Report now www.cenzic.com/landing/trends-report ------------------------------------------------------------------------
------------------------------------------------------------------------ This list is sponsored by: Cenzic Security Trends Report from Cenzic Stay Ahead of the Hacker Curve! Get the latest Q2 2008 Trends Report now www.cenzic.com/landing/trends-report ------------------------------------------------------------------------
Current thread:
- malware testing through proxy raimarm () gmail com (Dec 02)
- Re: malware testing through proxy Javier Fernandez-Sanguino (Dec 03)
- Re: malware testing through proxy Greg Strom (Dec 03)
- Re: malware testing through proxy Adriel T. Desautels (Dec 03)
- Re: malware testing through proxy Durga Prasad Adusumalli (Dec 05)
- Re: malware testing through proxy raimarm () gmail com (Dec 18)
- Re: malware testing through proxy Durga Prasad Adusumalli (Dec 05)
- <Possible follow-ups>
- Re: malware testing through proxy infolookup (Dec 05)