AV applications obsolete?

  1. #1
    Super Moderator: GMT Zone nihil's Avatar
    Join Date
    Jul 2003
    Location
    United Kingdom: Bridlington
    Posts
    17,178

    AV applications obsolete?

    Well, this year's Black Hat produced one or two amusing items. The "race to zero" contest being one? That's the one where you have to obfuscate really old malware to pass the latest AVs.

    http://www.securityfocus.com/news/11531

    What really creased me up was that Symantec obviously didn't want to play the game fairly?

    Me// I would just install DOS 5.0 (a well known malware) and run what I liked; knowing that none of the AVs or security suites could handle it
    If you cannot do someone any good: don't do them any harm....
    As long as you did this to one of these, the least of my little ones............you did it unto Me.
    What profiteth a man if he gains the entire World at the expense of his immortal soul?

  2. #2
    0_o Mastermind keezel's Avatar
    Join Date
    Jun 2003
    Location
    Atlanta
    Posts
    1,024
    Imagine what would happen if someone rewrote and released some of the major bugs. Sasser alone brought several corporations in the US to their knees with the constant restart exploit. I vote everyone moves to Linux and forces software developers to move with us!

  3. #3
    The Doctor Und3ertak3r's Avatar
    Join Date
    Apr 2002
    Posts
    2,744
    Quote Originally Posted by keezel
    Imagine what would happen if someone rewrote and released some of the major bugs. Sasser alone brought several corporations in the US to their knees with the constant restart exploit. I vote everyone moves to Linux and forces software developers to move with us!
    Remember that Sasser and Msblaster relied on an unpatched vulnerability to infect (Sasser being the least effective). We are only ever one unpatched vulnerability away from any of the above... the open door of IE6... how many still use it... too many... don't forget that many people running Firefox are open as well... well, those who do not block scripts... Now to obscure any of the old RATs from NAV, Trend, CA, NA etc. would be a challenge but not impossible...
    "Consumer technology now exceeds the average person's ability to comprehend how to use it..give up hope of them being able to understand how it works." - Me http://www.cybercrypt.co.nr

  4. #4
    Dissident 4dm1n brokencrow's Avatar
    Join Date
    Feb 2004
    Location
    Shawnee country
    Posts
    1,242
    Quote Originally Posted by keezel
    I vote everyone moves to Linux and forces software developers to move with us!
    We n.e.e.d some Linux viruses.
    “Everybody is ignorant, only on different subjects.” — Will Rogers

  5. #5
    Only african to own a PC! Cider's Avatar
    Join Date
    Jun 2003
    Location
    Israel
    Posts
    1,683
    Hmm

    To be perfectly honest Panda AV has trouble detecting very old malware for some reason.
    The world is a dangerous place to live; not because of the people who are evil, but because of the people who don't do anything about it.
    Albert Einstein

  6. #6
    Super Moderator: GMT Zone nihil's Avatar
    Join Date
    Jul 2003
    Location
    United Kingdom: Bridlington
    Posts
    17,178
    Hmmmmm,

    To be perfectly honest Panda AV has trouble detecting very old malware for some reason.
    Yes, I found that problem with Panda.......... probably because my 286 only has a 20 Megabyte HDD

    Seriously, a lot of the old stuff just won't run on XP or Vista, so why check for it?
    If you cannot do someone any good: don't do them any harm....
    As long as you did this to one of these, the least of my little ones............you did it unto Me.
    What profiteth a man if he gains the entire World at the expense of his immortal soul?

  7. #7
    Only african to own a PC! Cider's Avatar
    Join Date
    Jun 2003
    Location
    Israel
    Posts
    1,683
    True Nihil

    I must explain to a customer why AVG 7.5 Free edition picks these old malware types up and Panda doesn't, quite difficult.

    However with the 2009 product it cross references the "cloud" which is a little server sitting in Spain for the 10 million signatures it has. I don't know how that will affect BW but it's better than the 1.8 mil signatures resident on the machine.
    The world is a dangerous place to live; not because of the people who are evil, but because of the people who don't do anything about it.
    Albert Einstein

  8. #8
    Senior Member
    Join Date
    Feb 2002
    Posts
    856

    Linux has its problems too!

    "I vote everyone moves to Linux and forces software developers to move with us!"

    Linux has problems too.

    For example, see this: http://www.cs.arizona.edu/people/jus...-managers.html

    Recently I stopped using antivirus software. Part of the decision came from wanting to ditch the system overhead. And there was another reason I won't get into. I figured that updating, careful monitoring of what I download and install, and use of Vista's User Account Control and Data Execution Prevention techniques will keep me out of trouble. When I used XP I used an ordinary user account the vast majority of the time. I for one appreciate this new feature of Vista. I do use the free version of BitDefender to scan stuff I download from the Internet, and I have Windows Defender running.

    (However, recently I read about this new possible area of exploits for Vista (however I believe some of it could also apply to Linux systems which use AppArmor and SELinux and the like).

    http://searchsecurity.techtarget.com...324395,00.html

    Needless to say I'm interested in what comes of this.)

    I've also read that malware writers test their exploits against different AV suites to make sure it works. I think I agree with those who say AV software can give a false sense of security.
    For the wages of sin is death, but the free gift of God is eternal life in Christ Jesus our Lord.
    (Romans 6:23, WEB)

  9. #9
    Banned
    Join Date
    Jan 2008
    Posts
    605
    We n.e.e.d some Linux viruses.
    Every compromised server I've ever seen had ten or twelve year old web based shells installed.
