Vulnerability Development mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Another new worm???

From: bet () RAHUL NET (Bennett Todd)
Date: Wed, 21 Jun 2000 09:12:49 -0400

2000-06-21-04:01:22 Dan Schrader:

Accusations of commercial advantage are are way off base and show
a lack of understanding of the AV business.

It doesn't matter which antivirus vendor you give it too.  There
are contractual agreements between most AV vendors to share
viruses on request.


Your reply shows a lack of understanding of the security community
and how we work.

We develop understandings of problems, and work together to evolve
the best possible fixes for them. Many of us maintain our own email
filtering systems. I've developed one, which I maintain, which spots
problem messages (currently a long list of attachment types,
recognizing either MIME or uue, plus one magic string from one
HTML-bourne worm), and sanitizes the messages on the way through the
mail transport agent.

The commercial Anti-Virus business community has developed a
symbiotic relationship with virus writers. Do you make recognition
databases publicly available in a publicly-documented format, for
those of us who don't want to run your software to use to try and
keep up with the evolution of email worms? If not, please go away,
or at least give up trying to silence those of us who are trying to
solve this problem, rather than to profit from it.

-Bennett

<HR NOSHADE>
<UL>
<LI>application/pgp-signature attachment: stored
</UL>
Previous By Date Next
Previous By Thread Next

Current thread: