lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Date: Mon Dec 12 21:51:52 2005
From: yboily at gmail.com (Yvan Boily)
Subject: Re: McAfee VirusScan vs Metasploit Framework
	v2.x

>
> BUT guys common? so you want to share the stupid flames of users over
> your security product with the AV vendors as they have classified it
> as a BAD-TOOL. Will that make you feel better?  It's more of your
> headache & responsibility to let the users know before download that
> your security product might be classified by AV as potential threats
> as, YOU KNOW they may be used for either good or bad purpose. I don't
> suppose Fyodor will take any responsibility for the action of a
> malicious user if nmap is used for some malicious purpose??? How AV
> software would know whether software's like netcat, metasploit or nmap
> found in a machine is put there by a legitimate user or by a malicious
> person willing to some further evil deeds. So as a proactive measure
> they rate the software's as a threat. DEFAULT DENY. Makes sense to me?
> ( but I agree AV vendors lack proper classification ) hey... User
> always has the option to ask their AV to ignore the particular
> file/directory if they own the privilege in the machine anyways.


 The issue isn't that it is a default deny approach; it is the case that
when a user requests additional information from the tool that would delete
the software, they receive a very skewed perspective.

Anyone who uses McAffee want to download the load of FoundStone tools and
determine if any of those (including SuperScan!) qualify as 'hacking tools'?
http://www.foundstone.com/resources/freetools.htm
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20051212/b9975d89/attachment.html

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ