North American Network Operators Group|
Date Prev | Date Next |
Date Index |
Thread Index |
Author Index |
Re: Clueless anti-virus products/vendors
- From: Florian Weimer
- Date: Wed Dec 07 07:57:50 2005
* Steven M. Bellovin:
> A-V companies are in the business of analyzing viruses.
Many offer analysis services, but this is done upon special request,
and only if you pay extra.
> They should *know* how a particular virus behaves.
You don't need to know what the virus does in order to detect it with
a file-based signature. Analysis stops as soon as detection is
possible with sufficient accuracy. Timebombs and other hidden
functionality go unnoticed (unless the malware is form a well-known
strain which has such features).