Focus on Virus
Back to list
RE: Extracting signature snippets from AV databases
May 08 2006 09:56PM
Bill Stout (bill stout greenborder com)
I'm familiar with EICAR. However I'd like to trigger signatures across
Ultimately I'd like to run a real malware test, but that can only be
done in an isolated lab, and that requires a continuous investment of
time and money to insure the collection is up to date.
http://www.av-test.org/ is another possibility, but I have no contacts
there, and it's somewhat isolated proof (can't touch the environment,
and it's a run-once deal).
From: Jose Nazario [mailto:jose (at) monkey (dot) org [email concealed]]
Sent: Monday, May 08, 2006 2:42 PM
To: Bill Stout
Cc: focus-virus (at) securityfocus (dot) com [email concealed]
Subject: Re: Extracting signature snippets from AV databases
On Mon, 8 May 2006, Bill Stout wrote:
> Has this been done already? Are specific signatures a 'secret sauce'?
hope that helps.
jose nazario, ph.d. jose (at) monkey (dot) org [email concealed]
[ reply ]
Copyright 2010, SecurityFocus