lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <20051209201907.54D92108C@lists.grok.org.uk>
Date: Fri Dec  9 20:19:45 2005
From: mail at hackingspirits.com (Debasis Mohanty)
Subject: McAfee VirusScan vs Metasploit Framework v2.x

>> From: H D Moore
>> Sent: Saturday, December 10, 2005 12:48 AM
>> To: full-disclosure@...ts.grok.org.uk
>> Subject: [Full-disclosure] McAfee VirusScan vs Metasploit Framework v2.x

>> Looks like some overzealous idiot at McAfee added "Trojan" signatures for
>> 202 files in the latest version of the Metasploit Framework.

Infact this doesn't really surprise me. Those overzealous idiots at McAfee
never fail to add any of those security related tools (apart from their own
security tools) available in this planet to their signatures. Wow !! Those
guys must be really smart!! 

Just for the info, they have also added Nmap as "potentially unwanted
application" (http://vil.mcafeesecurity.com/vil/content/v_100955.htm) and
they even didn't spare a demo tool which was developed by me to demonstrate
a firewall leak test
(http://vil.mcafeesecurity.com/vil/content/v_136350.htm). Although, I was
bit lucky here as they tagged it as a demo tool. However, an ordinary user
always gets scared by such warnings from the AV and will end of complaining
about the same. 

Someone just mentioned regarding those guns & criminals, the idea here is;
can't they have some safe program list and give the option to the users to
decided whether to have them on the system on not?? The user might draw
wrong conclusion by seeing such un-necessary & scary warnnings from McAfee. 

I am just wondering, how come they have failed to add their own security
tools to the non-wanted list. 


- D (aka T)

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ