lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Message-ID: <642792442.20040802021756@SECURITY.NNOV.RU>
Date: Mon, 2 Aug 2004 02:17:56 +0400
From: 3APA3A <3APA3A@...URITY.NNOV.RU>
To: Aleksandar Milivojevic <amilivojevic@....ca>
Cc: bugtraq@...urityfocus.com
Subject: Re[2]: Aladdin response regarding eSafe


Dear Aleksandar Milivojevic,



--Friday, July 30, 2004, 6:06:57 PM, you wrote to bugtraq@...urityfocus.com:

>> engines I tested (KAV, ClamAV and others) are file-oriented. It makes
>> it impossible to code good antiviral protection for proxy server with
>> this engines.

AM> Hm.  What about option of sending one byte of data to the client every
AM> minute (with configurable limit that not more than xx% of file can be
AM> transffered before scanning, just in case you stummble accross site that
AM> is actually that slow ;-) ), instead of just feeding him up to 80% of
AM> the file in advance of file being scanned?  For those that prefer a bit
AM> more security over interactivity.  This would prevent client from timing
AM> out, 99.99% (number from the back of my head) of files would take less

There  is a difference between inability to create good protection (both
strong  and  convenient)  and  inability to protect. Of cause, there are
ways  to  implement  protection:  you can check file after each 100KB of
data  (anyway  only first X KB of files are usually checked by antiviral
software)  you  can  send  one  byte  per minute, you can send fake HTML
headers  one  in a minute (they will be ignored), or you can simply show
HTML  page with your own progress bar for large files, you can recognize
file  type and act depending on it. Any of this is "hack", because there
is no standardised way.

-- 
~/ZARAZA
You know my name - look up my number (Beatles)



Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ