Network Security: Detailed info on Extracting signature snippets from AV databases

Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.

Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.

Network Security Focus-Virus

[Top] [All Lists]

Extracting signature snippets from AV databases

from [Bill Stout] Network Security

[Permanent Link]

Subject:	Extracting signature snippets from AV databases
Date:	Mon, 8 May 2006 13:37:24 -0700

I'd like to create a set of test files containing (harmless) virus (and
spyware) signatures.  Can I extract the signatures from AV databases
(every PC has one)?   I'm thinking open source AV database may be easier
to extract signatures from than a commercial AV database.  If I can
automate the extraction and file creation, files won't become stale
because of lag time due to fluxuating interest of the maintainer (me).

Has this been done already?  Are specific signatures a 'secret sauce'?

The primary purpose is to create a test that safely verifies that our
browser protection product absolutely protects a computer from
intentional infection.

Thanks,
Bill Stout
www.greenborder.com

[More messages with this same subject...]

<Prev in Thread]	Current Thread	[Next in Thread>
Extracting signature snippets from AV databases, Bill Stout <= Re: Extracting signature snippets from AV databases, Jose Nazario Re: Extracting signature snippets from AV databases, Nick FitzGerald RE: Extracting signature snippets from AV databases, Bill Stout Re: Extracting signature snippets from AV databases, Yuri Slobodyanyuk Re: Extracting signature snippets from AV databases, Nick FitzGerald Re: Extracting signature snippets from AV databases, Kenneth Bechtel RE: Extracting signature snippets from AV databases, Bill Stout Re: Extracting signature snippets from AV databases, Robert Sandilands RE: Extracting signature snippets from AV databases, Hayes, Bill RE: Extracting signature snippets from AV databases, Bill Stout

Previous by Date:	Re: McAfee 8.0 crashing Dell D620's, Bruce Martins
Next by Date:	Re: Extracting signature snippets from AV databases, Jose Nazario
Previous by Thread:	McAfee 8.0 crashing Dell D620's, Evan Mann
Next by Thread:	Re: Extracting signature snippets from AV databases, Jose Nazario
Indexes:	[Date] [Thread] [Top] [All Lists]