| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20080806213904.37a33a58@infradead.org> Date: Wed, 6 Aug 2008 21:39:04 -0700 From: Arjan van de Ven <arjan@...radead.org> To: Mihai Donțu <mdontu@...defender.com> Cc: Adrian Bunk <bunk@...nel.org>, tvrtko.ursulin@...hos.com, Greg KH <greg@...ah.com>, "Press, Jonathan" <Jonathan.Press@...com>, linux-kernel@...r.kernel.org, linux-security-module@...r.kernel.org, malware-list@...ts.printk.net Subject: Re: [malware-list] [RFC 0/5] [TALPA] Intro to a linuxinterfaceforon access scanning On Thu, 7 Aug 2008 03:49:55 +0300 Mihai Donțu <mdontu@...defender.com> wrote: > Well, here is one attempt. > > A good percentage of an AV product's job is to prevent exploitation > of a security hole in a product before the vendor (assuming the > vendor admits it's bug and not a misuse of the product's features). just to get things clear; you're not talking about preventing the actual exploitation per se (that would be the job of the various protection technologies) or the containment (that would be SELinux), but more about detecting the presence and preventing to (accidental) use of pre-canned, widely used exploit binaries/files ? -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists