| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
From: ashipp at messagelabs.com (starlabs) Subject: Show me the Virrii! (heuristics) > Does anyone have reliable reports of an antivirus system firing > off on a heuristic? >I'm not aware of ever having seen one; always seems to be a >signature. As part of my job I regularly evaluate antivirus products. I have seen plenty of heuristic detections; all the engines have different heuristic capabilities, so some detect more new malware than others, and of course some also have more false positives than others. Your experience might be because you are using a poor heuristic engine, or because by the time you get a sample of a real new virus, your vendor has released a signature anyway, even if they detected it heuristically anyway. My findings indicate that the state of the art is that most new malware can be detected heuristically these days. Regards, Alex ________________________________________________________________________ This email has been scanned for all viruses by the MessageLabs Email Security System. For more information on a proactive email security service working around the clock, around the globe, visit http://www.messagelabs.com ________________________________________________________________________
Powered by blists - more mailing lists