lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <013201c47f01$35bc3c40$6401a8c0@wcglap001>
From: ruiper at shaw.ca (Rui Pereira)
Subject: AV Naming Convention

What about something similar to the CVE - Common Vulnerabilities and
Exposures - http://www.cve.mitre.org/? From their web site...

" Common Vulnerabilities and Exposures (CVER) is:
A list of standardized names for vulnerabilities and other information
security exposures - CVE aims to standardize the names for all publicly
known vulnerabilities and security exposures."

Rui Pereira,B.Sc.(Hons),CIPS ISP,CISSP,CISA
WaveFront Consulting Group



-----Original Message-----
From: full-disclosure-admin@...ts.netsys.com
[mailto:full-disclosure-admin@...ts.netsys.com] On Behalf Of Randal, Phil
Sent: August 10, 2004 9:34 AM
To: Todd Towles; full-disclosure@...sys.com
Subject: RE: [Full-Disclosure] AV Naming Convention

I have thought about it, every time this issue is raised.  To do what is
proposed at first glance seems eminently sensible, but even a post-hoc
renaming exercise requires additional "vendor" resources, and leads to
customer confusion.

Cheers,

Phil

----
Phil Randal
Network Engineer
Herefordshire Council
Hereford, UK  

> -----Original Message-----
> From: Todd Towles [mailto:toddtowles@...okshires.com] 
> Sent: 10 August 2004 17:18
> To: 'Randal, Phil'; full-disclosure@...sys.com
> Subject: RE: [Full-Disclosure] AV Naming Convention
> 
> How would a name stop an AV company from protecting its 
> customers? A name is only a name. AV companies should do 
> their job and stop viruses. But do we really care what they 
> are called in the first couple of hours, no? I am trying to 
> encourage sharing of some information between AV companies to 
> better protect the public.
> 
> I really don't care what they name them as long as they stop 
> them. But the idea would be nice. If each company is going to 
> have names for stuff..they can just use long strings of 
> numbers. Would it really matter what one company names a 
> virus in the first couple of hours?
> 
> Maybe it will never happen because of money and the desire to 
> be the first to discover it. But all the corporations of the 
> whole have to deal with multiple AV engines, confusing names 
> and variants. 
> 
> Maybe the idea wouldn't work, but to just throw it off 
> without thinking about change is sad.
> 
> -----Original Message-----
> From: full-disclosure-admin@...ts.netsys.com
> [mailto:full-disclosure-admin@...ts.netsys.com] On Behalf Of 
> Randal, Phil
> Sent: Tuesday, August 10, 2004 10:07 AM
> To: full-disclosure@...sys.com
> Subject: RE: [Full-Disclosure] AV Naming Convention
> 
> > I have to agree with Todd, the naming convention is now 
> right useless 
> > for the normal population and make keeping up with viruses on a 
> > corporate level that much harder. AV companies are always trying to 
> > beat the other company and this leads to very little information 
> > sharing between the companies on new viruses, etc.
> > 
> > Maybe a foundation should be created. This foundation could give a 
> > seal of approval to all AV corporations that join in.
> > We are starting to make rules for patch management over at 
> > patchmanagment.org. Why couldn't a group work with AV names and the 
> > first company that finds and IDs it correctly gets to name 
> it in the 
> > foundation. Just a dream, I would guess.
> 
> This completely misses the point.  When a new virus is 
> discovered, it is essential that there is a RAPID response to 
> the threat.  The idead of handing the critter over to a 
> committee to decide it's name is, quite frankly, plain 
> bonkers.  I for one would rather all the antivirus vendors 
> came up with their own names if it meant that 
> detection/disinfection patterns came out hour earlier.
> 
> Cheers,
> 
> Phil
> 
> ----
> Phil Randal
> Network Engineer
> Herefordshire Council
> Hereford, UK
> 
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.netsys.com/full-disclosure-charter.html
> 

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html



Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ