lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <Pine.LNX.4.44.0502051314050.17003-100000@bugsbunny.castlecops.com>
From: zx at castlecops.com (Paul Laudanski)
Subject: Multiple AV Vendors ignoring tar.gz archives

Are you finding that certain AVs are not actually checking the contents of 
the tarballs?  I find in using nod32lms it does deep dive and checks each 
file.  Please note that one must configure the nod32.cfg file to permit 
opening tarballs and other archives for inspection.

We've accumulated some consumer opinion reviews on various anti-virus
products, they are compared here:

http://castlecops.com/compare-5


On Sat, 5 Feb 2005, Barrie Dempster wrote:

> By passing some archives through www.virustotal.com I discovered that
> some AV companies ignore tar.gz's and possibly other archive formats
> that aren't very common on windows systems (but supported by the common
> archive tools). 
> 
> Full write up here:
> http://zeedo.blogspot.com/2005/02/multiple-av-vendors-ignoring-targz.html

-- 
Regards,

Paul Laudanski - Computer Cops, LLC.
CastleCops(SM) - http://castlecops.com
http://cuddlesnkisses.com | http://justalittlepoke.com | http://zhen-xjell.com

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ