lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date: Wed Nov 30 21:27:22 2005
From: dudevanwinkle at gmail.com (Dude VanWinkle)
Subject: Fwd: Report to Recipient(s)

On 11/30/05, Michael Holstein <michael.holstein@...ohio.edu> wrote:
> > Only those with broken AV software, since that line is not the EICAR test
> > string, according to the definition of the EICAR test string.
>
> As many have pointed out, I realize it's supposed to be an attachment :
>
> http://www.eicar.org/anti_virus_test_file.htm
>
> but I've encountered plenty of broken A/V implementations that didn't
> care *where* in the message it was.

Please correct me if I am wrong:

>From what little I know, AV companies do not have 5 engines for
detection, they have 1. Symantecs AV for SMTP, SAV, etc all use the
same detection engine. They just have different ways of parsing the
data (among other features). With the advent of HTML emails, most av
engines will check the body of your emails.

Even if some engines miss it, thats still a _really_ good idea,

thanks for sharing =P

-JP
"X5O!P%@AP[4\PZX54(P^)7CC)7}$EICAR-STANDARD-ANTIVIRUS-TEST-FILE!$H+H*"
-Michael Holstein

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ