Nmap Security Scanner
*Intro
*Ref Guide
*Install Guide
*Download
*Changelog
*Book
*Docs
Security Lists
*Nmap Hackers
*Nmap Dev
*Bugtraq
*Full Disclosure
*Pen Test
*Basics
*More
Security Tools
*Pass crackers
*Sniffers
*Vuln Scanners
*Web scanners
*Wireless
*Exploitation
*Packet crafters
*More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

Security Incidents mailing list archives

Re: Pretty Park IDS Detection
From: brett () LARIAT ORG (Brett Glass)
Date: Tue, 29 Feb 2000 21:29:14 -0700

It is good to see that patterns are being circulated for hardware and
software other than workstation virus checkers; they're sorely needed.

McAfee's automatic update service will not provide their users with pattern
file that protects against the latest version of PrettyPark until tomorrow
(March 1, 2000). Other virus detectors seem to be picking up this new
version, so the greatly increased number of poisoned e-mails we are seeing
is a reflection of McAfee's popularity and of the reliance that people must
be placing upon their virus detectors to catch Trojans.

Fortunately, we now include detection scripts on every e-mail server we set
up, and the scripts we use have so far detected all versions of PrettyPark.
Not that we're sitting on our laurels, mind you. The moment a new piece of
malware comes out, we're on it.

--Brett Glass

  By Date           By Thread  

Current thread:
  • Re: Pretty Park IDS Detection Brett Glass (Feb 29)
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]