Home page logo
/

fulldisclosure logo Full Disclosure mailing list archives

Re: Multiple AV Vendors ignoring tar.gz archives
From: Paul Laudanski <zx () castlecops com>
Date: Sat, 5 Feb 2005 13:20:14 -0500 (EST)

Are you finding that certain AVs are not actually checking the contents of 
the tarballs?  I find in using nod32lms it does deep dive and checks each 
file.  Please note that one must configure the nod32.cfg file to permit 
opening tarballs and other archives for inspection.

We've accumulated some consumer opinion reviews on various anti-virus
products, they are compared here:

http://castlecops.com/compare-5


On Sat, 5 Feb 2005, Barrie Dempster wrote:

By passing some archives through www.virustotal.com I discovered that
some AV companies ignore tar.gz's and possibly other archive formats
that aren't very common on windows systems (but supported by the common
archive tools). 

Full write up here:
http://zeedo.blogspot.com/2005/02/multiple-av-vendors-ignoring-targz.html

-- 
Regards,

Paul Laudanski - Computer Cops, LLC.
CastleCops(SM) - http://castlecops.com
http://cuddlesnkisses.com | http://justalittlepoke.com | http://zhen-xjell.com



_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]