Date: Mon, 17 Sep 2007 13:27:46 -0400
From: "Beauchamp, Brian" <bbeauchamp@...ord.k12.pa.us>
To: <full-disclosure@...ts.grok.org.uk>
Subject: Re: Symantec Contact?

That's where I submitted our file to yesterday. It's funny that less then 5 minutes ago I received an email that the defs had been updated to include this variant.

________________________________

From: Theodore Pham [mailto:telamon@....EDU]
Sent: Mon 9/17/2007 1:13 PM
To: Beauchamp, Brian
Subject: Re: [Full-disclosure] Symantec Contact?



Submit the sample to Symantec via
http://www.symantec.com/avcenter/submit.html

They've been pretty responsive in the past, though I haven't needed to
submit a sample in over a year.

Ted Pham
Information Security Office
Carnegie Mellon University

Beauchamp, Brian wrote:
> Does anyone have a contact within symantec?
>
> We have numerous infections of the W32/Sdbot-DHS worm
> (http://www.sophos.com/virusinfo/analyses/w32sdbotdhs.html). Most major
> AV vendors are updating their definitions to block it, one of them isn't
> Symantec. We have created a removal kit but the machines keep being
> reinfected since they cannot all be disinfected at once (limited network
> access).
>
> We have submitted a virus sample last week and have contacted our sales
> rep neither are giving a helpful response. Aside from cutting over to
> sophos AV client, Any ideas?
>
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/
>


_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Powered by blists - more mailing lists