Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security FullDisclosure
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

RE: [SPAM] Fw: [Full-Disclosure] Joke.cpl ???

from [Todd Towles] Network Security [Permanent Link]
Subject: RE: [SPAM] Fw: [Full-Disclosure] Joke.cpl ???
Date: Fri, 29 Oct 2004 09:45:57 -0500 
We have had this talk on FD before...just search for AV Naming in the
archives....fun stuff. 


-----Original Message-----
From: full-disclosure-admin@lists.netsys.com 
[mailto:full-disclosure-admin@lists.netsys.com] On Behalf Of 
Hugo van der Kooij
Sent: Friday, October 29, 2004 7:54 AM
To: Full-Disclosure@lists.netsys.com
Subject: Re: [SPAM] Fw: [Full-Disclosure] Joke.cpl ???

On Fri, 29 Oct 2004, Daniel Bachfeld wrote:


So far we have Bagle AQ, AT, AU, AY and BB for the same worm More 
proposals?

This is the biggest divergence i've seen the last months. 

Is there any 

reason, why the vendors could not agree on one name? We 

already have 

CVE-entries and Bugtraq-IDs for vulnerabilities.


So far I noticed at least two distinct files which were 
detected as W32/Bable.AP@mm (F-Prot) or Worm.Bagle.AT (ClamAV).

Now I get freash trash Which is decoded as W32/Bagle.AQ@mm 
(F-Prot) or Worm.Bagle.AX (ClamAV).

I am under the impression it is not a single infection.

But I share your sense of utter confusion. To which the 
people of ClamAV have contributed way too much. (Noticed 
their 'SomeFool'series?)

Hugo.

-- 
      I hate duplicates. Just reply to the relevant mailinglist.
      hvdkooij@vanderkooij.org                
http://hvdkooij.xs4all.nl/
              Don't meddle in the affairs of magicians,
              for they are subtle and quick to anger.

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html



_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
[More with this subject...]




<Prev in Thread] Current Thread [Next in Thread>
  • RE: [SPAM] Fw: [Full-Disclosure] Joke.cpl ???, Todd Towles <=
Previous by Date:  RE: [Full-Disclosure] Slightly off-topic: www.georgewbush.com, Todd Towles
Next by Date:  RE: [Full-Disclosure] Slightly off-topic: www.georgewbush.com, Andrew Poodle
Previous by Thread:  [Full-Disclosure] [ GLSA 200410-31 ] Archive::Zip: Virus detection evasion, Thierry Carrez
Next by Thread:  [Full-Disclosure] [OpenPKG-SA-2004.047] OpenPKG Security Advisory (apache), OpenPKG
Indexes:  [Date] [Thread] [Top] [All Lists]