[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re[2]: [Full-disclosure] McAfee VirusScan vs Metasploit Framework v2.x

To: full-disclosure@xxxxxxxxxxxxxxxxx
Subject: Re[2]: [Full-disclosure] McAfee VirusScan vs Metasploit Framework v2.x
From: Thierry Zoller <Thierry@xxxxxxxxx>
Date: Sun, 11 Dec 2005 11:51:17 +0100

Dear List,

Years go, I once had a similar occurence, a benign tool of mine was tagged as
Malware, while it cerainly was not. I was a bit mad back then.

Nowadays, I've seen admins jump around furiously because their Anti-Virus did
not detect a "local exploit" (gina .etc) then complain to the AV vendor
to never buy another batch of licenses if this repeats.

I see things a bit balanced today, some AV version have the option to
enable searching for "hacking tools" or similar. And I like it, if you
have a 200+ workstation group and you know (from centralised AV reports)
that a guy who will leave in 1 month has multiple "hacking tools"
installed, well.. the boss is going to like that one, not to mention
the awareness of a potential security problem arrising.

so far.

-- 
http://secdev.zoller.lu
Thierry Zoller
Fingerprint : 5D84 BFDC CD36 A951 2C45  2E57 28B3 75DD 0AC6 F1C7

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

References:
- RE: [Full-disclosure] McAfee VirusScan vs Metasploit Framework v2.x
  - From: Debasis Mohanty
- RE: [Full-disclosure] McAfee VirusScan vs Metasploit Framework v2.x
  - From: Pavel Kankovsky

Prev by Date: RE: [Full-disclosure] McAfee VirusScan vs Metasploit Framework v2.x
Next by Date: Re[4]: [Full-disclosure] McAfee VirusScan vs Metasploit Framework v2.x
Previous by thread: RE: [Full-disclosure] McAfee VirusScan vs Metasploit Framework v2.x
Next by thread: Re[4]: [Full-disclosure] McAfee VirusScan vs Metasploit Framework v2.x
Index(es):
- Date
- Thread