Focus on Virus
RE: Extracting signature snippets from AV databases May 08 2006 09:56PM
Bill Stout (bill stout greenborder com)
Hi Jose,

I'm familiar with EICAR. However I'd like to trigger signatures across
the board.

Ultimately I'd like to run a real malware test, but that can only be
done in an isolated lab, and that requires a continuous investment of
time and money to insure the collection is up to date. is another possibility, but I have no contacts
there, and it's somewhat isolated proof (can't touch the environment,
and it's a run-once deal).

Bill Stout

-----Original Message-----
From: Jose Nazario [mailto:jose (at) monkey (dot) org [email concealed]]
Sent: Monday, May 08, 2006 2:42 PM
To: Bill Stout
Cc: focus-virus (at) securityfocus (dot) com [email concealed]
Subject: Re: Extracting signature snippets from AV databases

On Mon, 8 May 2006, Bill Stout wrote:

> Has this been done already? Are specific signatures a 'secret sauce'?


hope that helps.

jose nazario, ph.d. jose (at) monkey (dot) org [email concealed]

[ reply ]


Privacy Statement
Copyright 2010, SecurityFocus