Home page logo

fulldisclosure logo Full Disclosure mailing list archives

Multiple AV Vendors ignoring tar.gz archives
From: Barrie Dempster <barrie () reboot-robot net>
Date: Sat, 05 Feb 2005 17:38:51 +0000

By passing some archives through www.virustotal.com I discovered that
some AV companies ignore tar.gz's and possibly other archive formats
that aren't very common on windows systems (but supported by the common
archive tools). 

If virus writers start using these formats AV companies could be slow to
react as in some cases they may have to write functionality into their
products that doesn't currently exist (support for scanning inside said
archives) this could delay signature updates.

Full write up here:

With Regards..
Barrie Dempster (zeedo) - Fortiter et Strenue

blog: http://zeedo.blogspot.com
site: http://www.bsrf.org.uk

[ gpg --recv-keys --keyserver www.keyserver.net 0x96025FD0 ]

Attachment: signature.asc
Description: This is a digitally signed message part

Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]