Thread: GMail AntiVirus = Sophos

  1. #1

    GMail AntiVirus = Sophos

    This was tonight's project of mine:

    http://thebillygoatcurse.com/37/ (digg)
    According to various sources around the net, Google won't disclose who is providing the antivirus technology for its web-based email service, Gmail.

    Since it was just begging to be answered, I decided to find out for myself.

    Using various malware picked up from “Google Hack” Honeypots, as well as various sources around the net, I cross-referenced the Gmail virus alerts with the Virustotal.com database. Using these pieces of malware, I was able to determine through process of elimination that the antivirus provider for Gmail is Sophos, an industry leader. This is my determination based on the data returned to me from Virustotal.com. More testing would verify my claim.
    http://www.macworld.com/news/2005/12...ints/index.php

  2. #2
    From scanning about 50 pieces of malware while doing this, I also got an insight into how well the AVs compete against each other.

    Kaspersky seems to have some pretty thorough detection.
    http://www.thebillygoatcurse.com/gmailresults.html
    http://www.thebillygoatcurse.com/gmailresults2.html

    ClamAV didn't do as well as I figured it would... Fortinet (never heard of 'em) did pretty well too.

  3. #3
    Originally posted here by Soda_Popinsky
    From scanning about 50 pieces of malware while doing this, I also got an insight into how well the AVs compete against each other.

    Kaspersky seems to have some pretty thorough detection.
    http://www.thebillygoatcurse.com/gmailresults.html
    http://www.thebillygoatcurse.com/gmailresults2.html

    ClamAV didn't do as well as I figured it would... Fortinet (never heard of 'em) did pretty well too.

    Unless you are working on a corporate level you most likely will have never heard of Fortinet. I use them pretty extensively here, and they are a pretty good product.

    The older stuff was "supposedly" using the same AV techniques that Trend is using and there was a rather large lawsuit over it. Fortinet has since changed the way they handle scanning of viruses, and in my opinion has upped the ante a bit to their competitors.

    Oh and I'm not sure if your front page is configured the same way mine is, but at the top is a list of EITPlanet.com: Security Products and Fortinet is listed right there

    Give a man a match and he will be warm for a while, light him on fire and he will be warm for the rest of his life.

  4. #4
    hesperus
    .

  5. #5
    I thought it'd be neat to see this make slashdot, but I doubt they'll post it unless others confirm it. Unfortunately, I think gmail will be switching vendors to test AV. It's beta and that's the only reason I can think of for not publicizing the vendor.

  6. #6
    If they publicize the vendor, it's that much easier to find worms which that particular database doesn't detect and use them, isn't it?
    Definitions: Hacker vs. Cracker
    Gentoo Linux user, which probably says a lot about me..
    AGA member 14460 || KGS : Trevoke and games archived
