Dailydave
mailing list archives
Re: OffensiveComputing
From: "Jeffrey Denton" <dentonj () gmail com>
Date: Sat, 10 Dec 2005 20:20:48 +0100
On a side note, apparently CERT has already issued a complaint to my ISP to
have me taken down. I'll have to look into that one.
That's funny, considering they have one of the largest collections of malware.
One of the tricks they use to identify malware is to run md5sums on each of the ASCII strings found in a file. They
then do a little statistical analysis every time something new comes in. If the string content of something new is a
90 - 95% match against some malware that's already been analyzed, then it's more than likely a new variant. The trick
also works when identifying morphing malware.
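
The string-hash comparison described in the message above, as an added example that is not part of the original post or any CERT tooling. The 4-byte minimum string length, the overlap ratio used as the "statistical analysis", the 0.90 threshold, and all names and sample data are assumptions made here for illustration.

```python
import hashlib
import re

MIN_LEN = 4  # assumption: same default as the Unix `strings` tool


def string_hashes(data, min_len=MIN_LEN):
    """Return the set of MD5 digests of every printable-ASCII run in data."""
    pattern = re.compile(rb"[\x20-\x7e]{%d,}" % min_len)
    # MD5 is only a compact identifier for each string here, not a security control.
    return {hashlib.md5(s, usedforsecurity=False).hexdigest()
            for s in pattern.findall(data)}


def match_ratio(new, known):
    """Fraction of the new sample's string hashes already seen in a known sample."""
    if not new:
        return 0.0  # no strings at all (e.g. packed file): nothing to compare
    return len(new & known) / len(new)


def classify(sample, corpus, threshold=0.90):
    """Return (family, ratio) for the best match, or (None, ratio) below threshold."""
    hashes = string_hashes(sample)
    best, best_ratio = None, 0.0
    for family, known in corpus.items():
        ratio = match_ratio(hashes, known)
        if ratio > best_ratio:
            best, best_ratio = family, ratio
    return (best if best_ratio >= threshold else None), best_ratio


def blob(strings):
    """Build a constructed 'binary': strings separated by non-printable bytes."""
    return b"\x00\x01".join(s.encode() for s in strings) + b"\x00"


# Constructed sample data (not real malware strings).
KNOWN = [f"constructed-string-{i:02d}" for i in range(20)]
VARIANT = KNOWN[:19] + ["constructed-string-changed"]   # 19 of 20 strings shared
UNRELATED = [f"other-program-text-{i:02d}" for i in range(20)]

CORPUS = {"constructed-family-a": string_hashes(blob(KNOWN))}

if __name__ == "__main__":
    for label, strings in (("variant", VARIANT), ("unrelated", UNRELATED)):
        print(label, classify(blob(strings), CORPUS))
```

Hashing each string exactly means a single changed byte in a string removes that string from the match, so packed or string-encrypted samples need unpacking before this comparison says anything.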