Re: [Full-Disclosure] Antivirus/Trojan/Spyware scanners DoS!

From: evilninja (evilninja_at_gmx.net)
Date: 06/13/04

  • Next message: Rodrigo Barbosa: "Re: [Full-Disclosure] Antivirus/Trojan/Spyware scanners DoS!"
    To: full-disclosure@lists.netsys.com
    Date: Sun, 13 Jun 2004 19:14:42 +0200
    
    

    bipin gautam wrote:
    >>Hello everybody,
    >>
    >>I wounder how many Antivirus/Trojan/Spyware scanners
    >>will choak to death while having a manual scan of
    >>the
    >>file:
    >>
    >>http://www.geocities.com/visitbipin/SERVER_dwn.zip
    >>
    >>I was woundering, what would be the results if such
    >>file gets stucked in an "AV gateway" (O;
    >>
    >>please, report your findings.....

    evil@sheep:~$ clamscan SERVER_dwn.zip
    SERVER_dwn.zip: Oversized.Zip FOUND

    ----------- SCAN SUMMARY -----------
    Known viruses: 21904
    Scanned directories: 0
    Scanned files: 1
    Infected files: 1
    Data scanned: 20.13 MB
    I/O buffer size: 131072 bytes
    Time: 11.167 sec (0 m 11 s)
    evil@sheep:~$

    from the config of clamav:

    ScanArchive
    ArchiveMaxRecursion 30
    ArchiveMaxFiles 1000
    ArchiveMaxFileSize 100M

    -> http://clamav.sourceforge.net/

    -- 
    BOFH excuse #29:
    It works the way the Wang did, what's the problem
    _______________________________________________
    Full-Disclosure - We believe in it.
    Charter: http://lists.netsys.com/full-disclosure-charter.html
    

  • Next message: Rodrigo Barbosa: "Re: [Full-Disclosure] Antivirus/Trojan/Spyware scanners DoS!"