Re: [Full-Disclosure] National Database of Variants with Fixes-non-vendor specific

From: John Hall (j.hall_at_f5.com)
Date: 08/11/04

  • Next message: lists_at_NGSEC: "[Full-Disclosure] NGSEC's response to Idefense overflow protections whitepaper."
    To: "Gary E. Miller" <gem@rellim.com>
    Date: Wed, 11 Aug 2004 13:03:04 -0700
    
    

    Gary E. Miller wrote:

    >I guess I must now bow to you superior scholarship?
    >
    >
    Well....if you feel you must, although I'd have a lot more fun, if
    you proved me wrong with some verifiable leads supporting your
    initial statement:

    > No thanks, given all the virii that the Feds already tell the US
    > anti-virus companies NOT to detect I'll put my money on global
    > free enterprise.

    >Once again, you can lead a horse to water, but...
    >
    >
    You can't make him wear a tinfoil hat? ;-)

    No, seriously, I wouldn't put it past our current administration
    and the tinfoil hat wearers at the FBI (yes, they got theirs too)
    or worse, the jackboot wearers at the FBI (and elsewhere at the fed),
    to fantasize about pushing such a dictum upon the US AV vendors (not
    even crediting that a significant portion of the AV market is held
    by non-US vendors), but realistically, it seems unlikely they'd be
    successful in such an approach.

    Going even further off-topic (par for the course for FD), does
    anyone have any ideas how they might create such a trojan (there
    seems to be no mention of self-replication in any of the articles)
    that could be recognized and ignored by AV software, but prevent
    others from using the same methodology to shield their malware?

    >RGDS
    >GARY
    >- ---------------------------------------------------------------------------
    >Gary E. Miller Rellim 20340 Empire Blvd, Suite E-3, Bend, OR 97701
    > gem@rellim.com Tel:+1(541)382-8588 Fax: +1(541)382-8676
    >
    >

    -- 
    John Hall              Test Manager - Switch Team             F5 Networks, Inc.
    _______________________________________________
    Full-Disclosure - We believe in it.
    Charter: http://lists.netsys.com/full-disclosure-charter.html
    

  • Next message: lists_at_NGSEC: "[Full-Disclosure] NGSEC's response to Idefense overflow protections whitepaper."