Home page logo
/

pen-test logo Penetration Testing mailing list archives

Re: malware testing through proxy
From: Greg Strom <greg () delong com>
Date: Wed, 03 Dec 2008 18:33:36 +0800

Here is my quick $.02. Take a system that you *DON'T CARE ABOUT AND DO NOT HAVE ANY DATA ON* run Windows XP, IE, don't patch the system (Turn off auto updates) go surfing to the 'Darker Side side of the Internet'. You should be able to find what you are looking for and then some. You can use this to demonstrate/Test against real threats in the Wild. You will know that you have enough goodies on your system when it has slowed to a crawl. Put the system 'behind' your proxy thingy and put an ACL on a router/FW and make sure that your system is isolated and can not route traffic other than to your proxy.



raimarm () gmail com wrote:
Hi All,
today some proxies can scan sites if they contain malware (keylogger,
trojans, virues, drive-by-download, etc).
In order to test and demonstrate the malware engines of our proxies I
am looking for some good malware sites that can be tested through a
proxy like bluecoat, Finjan or Ironport-s. I know the eicar.org site
to test if a virus can be found. But I also look for sites which
contain malware or code that looks like malware
but it doesn't cause any harm, but is recognized as such.
Many thanks in advance for your replies.
Cheers
Raimar

------------------------------------------------------------------------
This list is sponsored by: Cenzic

Security Trends Report from Cenzic
Stay Ahead of the Hacker Curve!
Get the latest Q2 2008 Trends Report now

www.cenzic.com/landing/trends-report
------------------------------------------------------------------------


------------------------------------------------------------------------
This list is sponsored by: Cenzic

Security Trends Report from Cenzic
Stay Ahead of the Hacker Curve!
Get the latest Q2 2008 Trends Report now

www.cenzic.com/landing/trends-report
------------------------------------------------------------------------


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault