North American Network Operators Group
Date Prev | Date Next |
Date Index |
Thread Index |
Author Index |
Historical
Re: Clueless anti-virus products/vendors (was Re: Sober)
- From: Steven M. Bellovin
- Date: Sun Dec 04 23:06:04 2005
In message <B6621ED4D0AD394BBA73CA657DFD8976869630@MSPEXBE01.wamnet.inc>, "Chur
ch, Chuck" writes:
>
>What about all the viruses out there that don't forge addresses?
>Sending a warning message makes sense for these. Unless someone has
>done the research to determine the majority of viruses forge addresses,
>you really can't complain about the fact that the default is to warn.
>Calling vendors 'clueless' because a default doesn't match your needs is
>a little extreme, don't you think? The ideal solution would be for the
>scanning software to send a warning only if the virus detected is known
>to use real addresses, otherwise it won't warn.
>
A-V companies are in the business of analyzing viruses. They should
*know* how a particular virus behaves.
--Steven M. Bellovin, http://www.cs.columbia.edu/~smb
|
