Network Security: Detailed info on RE: New Virus?

Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.

Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.

Network Security Incidents

[Top] [All Lists]

RE: New Virus?

from [James C Slora Jr] Network Security

[Permanent Link]

Subject:	RE: New Virus?
Date:	Tue, 16 Aug 2005 15:44:14 -0400

As I understand it, Google tries to reduce the effectiveness of malware
downloaders that use Google to find their payloads, to reduce the
effectiveness of vulnerability scan tools that search for and attack
vulnerable web apps, and to reduce warez pub searching.

Search for "(anything)(10 or more of certain characters such as
spaces)(anything)" and Google returns the same message.

So searches for any of the following will return the same 403 page:
"woohoo.file                      .blah"
"rogers.doc                      .exe"
"blah                      deblahblah"
"blah+++++++++++++++++++++++++++kupa"
"test++++++++++++++++++++++"
"                          "
"+++++++++++++++++++"

Searching for filenames with lots of white space is even less useful than
other malware filename searches. And Google's 403 page does not indicate
anything useful about this particular malware find.

[More with this subject...]

<Prev in Thread]	Current Thread	[Next in Thread>
New Virus?, Alex Arndt Re: New Virus?, Eduardo Vela RE: New Virus? The AV Vendors respond (long post), Alex Arndt RE: New Virus?, James C Slora Jr <= Re: New Virus?, James Polley RE: New Virus?, James C Slora Jr Re: New Virus?, Eduardo Vela Re: New Virus?, dave_mikesch RE: New Virus?, Ragnar Harper RE: New Virus?, Harlan Carvey

Previous by Date:	RE: New Virus? The AV Vendors respond (long post), Alex Arndt
Next by Date:	Re: DNS cache poisoning?, chad
Previous by Thread:	RE: New Virus? The AV Vendors respond (long post), Alex Arndt
Next by Thread:	Re: New Virus?, James Polley
Indexes:	[Date] [Thread] [Top] [All Lists]