lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Message-ID: <003501c3821c$f85bd950$0100a8c0@p3600>
From: chows at ozemail.com.au (gregh)
Subject: Just when you thought Macafee stuff was safe!

> ----- Original Message ----- 
> From: "Tim Saunders" <Tim.Saunders@...ilauk.co.uk>
> To: "gregh" <chows@...mail.com.au>; <full-disclosure@...ts.netsys.com>
> Sent: Wednesday, September 24, 2003 1:14 AM
> Subject: RE: [Full-Disclosure] Just when you thought Macafee stuff was
safe!


> Or if your users have McAfee Virus scan wait for them to download a
> large compressed file, I find zips of oracle CDs from partner.oracle.com
> do nicely. Now watch McAfee crash as it tries to scan the contents of
> the zip and times out (I believe) thus leaving the machine nice and
> vulnerable since it doesn't auto restart. Any 300MB+ Zip, .tar.gz,
> .cpio.gz etc seems to work. Smaller files may also work depending on
> your machine.

Tim,

Gotta say I don't have that problem with Macafee stuff. I have 98 and XP
machines that have anywhere from 500meg files to, in 2 cases, 2gig
compressed files sitting on them and what you say has never happened even
once in a scheduled scan. I never allow any virus scanner to scan incoming
compressed files. I only allow them to scan when I save to disk from
attachment and that hasn't ever been a problem, either.

Greg.



Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ