| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Sat Dec 31 16:13:38 2005 From: waldoalvarez00 at gmail.com (wac) Subject: Is this a Virus? On 12/29/05, Shawn Cox <shawn.cox@...a.com> wrote: I doubt it's a virus. Filling up a hard-disk is counter productive to propagation. Though I do think it was an option in the VCL of old. Hi: Well if the virus releases the space before infection, can be productive to the propagation since it would reserve that space you won't be able to fill with other data ;). Generally is easy to detect a virus. Feed your computer with a couple of fresh executables, and some will go out modified with high probability and most times with the size increased. Warning there are slow viruses that takes it's time to reproduce, and usually last years before somebody even notices. However this is not very usual, generally viruses eat whaetever you give them except some with bait detection. Most check baits for the size, and some do more advanced thingies like analize the file for knows routines in High level laguages or variations in the instructions. If interested I have a lot of literature around and a huge 5000+ virus collection build over the years. Some are still on schedule for reversing but if anyone is interested just gime a call it would be great to save myself some time. Regards Waldo Alvarez -------------- next part -------------- An HTML attachment was scrubbed... URL: http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20051231/ee7d607a/attachment.html
Powered by blists - more mailing lists