Nmap Security Scanner
*Intro
*Ref Guide
*Install Guide
*Download
*Changelog
*Book
*Docs
Security Lists
*Nmap Hackers
*Nmap Dev
*Bugtraq
*Full Disclosure
*Pen Test
*Basics
*More
Security Tools
*Pass crackers
*Sniffers
*Vuln Scanners
*Web scanners
*Wireless
*Exploitation
*Packet crafters
*More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:
edgeos

Full Disclosure: Re: Multiple AV Vendors ignoring tar.gz archives

Re: Multiple AV Vendors ignoring tar.gz archives

From: Paul Laudanski <zx_at_castlecops.com>
Date: Sat, 5 Feb 2005 13:20:14 -0500 (EST)

Are you finding that certain AVs are not actually checking the contents of
the tarballs? I find in using nod32lms it does deep dive and checks each
file. Please note that one must configure the nod32.cfg file to permit
opening tarballs and other archives for inspection.

We've accumulated some consumer opinion reviews on various anti-virus
products, they are compared here:

http://castlecops.com/compare-5

On Sat, 5 Feb 2005, Barrie Dempster wrote:

> By passing some archives through www.virustotal.com I discovered that
> some AV companies ignore tar.gz's and possibly other archive formats
> that aren't very common on windows systems (but supported by the common
> archive tools).
>
> Full write up here:
> http://zeedo.blogspot.com/2005/02/multiple-av-vendors-ignoring-targz.html 

-- 
Regards,
Paul Laudanski - Computer Cops, LLC.
CastleCops(SM) - http://castlecops.com
http://cuddlesnkisses.com | http://justalittlepoke.com | http://zhen-xjell.com
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
Received on Feb 05 2005
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]