[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Full-disclosure] McAfee VirusScan vs Metasploit Framework v2.x

To: "H D Moore" <fdlist@xxxxxxxxxxxxxxxxxx>, <full-disclosure@xxxxxxxxxxxxxxxxx>
Subject: Re: [Full-disclosure] McAfee VirusScan vs Metasploit Framework v2.x
From: "Morning Wood" <se_cur_ity@xxxxxxxxxxx>
Date: Fri, 9 Dec 2005 16:58:18 -0800

// look, no top post !!!

> Looks like some overzealous idiot at McAfee added "Trojan" signatures for
> 202 files in the latest version of the Metasploit Framework. If you use
> the Framework for your job and have a McAfee support contract, *please*
> call them and let them know that their product is incorrectly tagging a
> standard security tool as a "Trojan" and that this is interfering with
> your ability to conduct business.

the external payloads ( such as vncdll.dll ), could be considered a
"possible malware threat"
but not the whole package. ( although i guess if kiddies can root your
server, upload msf, launch msfweb, that would give you a remote attack
platform... right ). Further, to include these sigs on a desktop product is
just ignorant.

mw
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Follow-Ups:
- Re: [Full-disclosure] McAfee VirusScan vs Metasploit Framework v2.x
  - From: wac

References:
- [Full-disclosure] McAfee VirusScan vs Metasploit Framework v2.x
  - From: H D Moore

Prev by Date: Re: re: [Full-disclosure] 0-day for sale on ebay
Next by Date: Maybe I should give a nlon-flaming answer Re: [Full-disclosure] Looking for a job in OrangeCounty California, honestly
Previous by thread: RE: [Full-disclosure] McAfee VirusScan vs Metasploit Framework v2.x
Next by thread: Re: [Full-disclosure] McAfee VirusScan vs Metasploit Framework v2.x
Index(es):
- Date
- Thread