lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
From: sgmasood at yahoo.com (S G Masood) Subject: Show me the Virrii! --- Richard Maudsley <r_i_c_h@...penworld.com> wrote: > Hi list, > > I recently finished a stable version of my little > Virus-Scanner, LMS ( > http://www.mindblock.org/lms ). > It currently detects 19 viruses. I need it to detect > hundreds. > > How do big Anti-Virus companies get their hands on > new viruses, and how can I? > Various methods. Some of them are: 1. Since many of the big players are already very famous, their customers/general public send them samples of suspicious files. 2. They monitor email gateways. 3. They run large honeynets. 4. When their heuristic engines pick up new viruses automatically, they usually have some kind of an arrangement where they can pick up the binary from the customer. For example, their UI may have a button to automatically submit a quarantined file to the AV vendor for further analysis. 5. They *might* have an arrangement with each other to share samples. As to how you can get samples, I dont think it will be an easy job! You can monitor the various mailing lists and get samples when people post them. Or, if all you need are the signatures, maybe you can try reversing the signature databases of other software... Good Luck! -- S.G.Masood __________________________________ Do you Yahoo!? Free Pop-Up Blocker - Get it now http://companion.yahoo.com/
Powered by blists - more mailing lists