|
Nmap Development
mailing list archives
Re: Nmap is detected as a trojan by avast anti-virus
From: Brandon Enright <bmenrigh () ucsd edu>
Date: Fri, 25 Jul 2008 20:05:16 +0000
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On Fri, 25 Jul 2008 13:03:15 -0700
doug () hcsw org wrote:
Unfortunately this is not the first time this has happened:
http://seclists.org/nmap-dev/2005/q3/0097.html
Can't be too hard on them though. I bet 99% of packed win32
binaries bundling pcap and dnet are in fact up to no good. :)
Doug
That and about 10% of our (UCSD) hacked Windows boxes end up with Nmap
dropped on them so that the bad guys can find internal services
(generally RDP). I generally think "cool, bad guys use Nmap too" but
then I'm sorely disappointed by their lack of Nmap skilz when I look at
the batch files they write to do the scans.
Nmap is a "potentially unwanted program" -- especially when found on
Windows. The problem is that AV products don't include enough
information for the lay-person to make an educated decision about what
a particular detection actually means or if they should worry or not.
Brandon
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.9 (GNU/Linux)
iEYEARECAAYFAkiKMfwACgkQqaGPzAsl94Lc0ACgmT4W231NbcysbcSOg80y0815
4IkAnj7e22bhLO9m4XPa8nfL2ODe0/I9
=AXgg
-----END PGP SIGNATURE-----
_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://SecLists.Org
 By Date 
By Thread
Current thread:
| 
Intro
