Re: Using Magic Values along with filetype to find malicious files (was RE: [Full-disclosure] Google Malware Search)

---

• From: Valdis.Kletnieks@xxxxxx
• Date: Mon, 17 Jul 2006 17:43:01 -0400

---

On Mon, 17 Jul 2006 17:27:30 EDT, Dude VanWinkle said:

Hmm, any bets on who is the most infected TLD... :-)

-JP<who is betting on .ru>

"Biggest source of malware" isn't the same as "most infected".

I'm betting on .com/.net (the US cablemodem/DSL section of that),
.ko, and .cn as being the biggest contenders for infected.

Attachment: pgp2VY44uq6UE.pgp
Description: PGP signature

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

---

• Follow-Ups:
  • Re: Using Magic Values along with filetype to find malicious files (was RE: [Full-disclosure] Google Malware Search)
    • From: Dude VanWinkle

• References:
  • [Full-disclosure] Google Malware Search
    • From: H D Moore
  • Using Magic Values along with filetype to find malicious files (was RE: [Full-disclosure] Google Malware Search)
    • From: Debasis Mohanty
  • Re: Using Magic Values along with filetype to find malicious files (was RE: [Full-disclosure] Google Malware Search)
    • From: Dude VanWinkle

• Prev by Date: [Full-disclosure] anoNet: Cooperative Chaos
• Next by Date: [Full-disclosure] New CVE identifiers for separate PowerPoint 0-day issues assigned
• Previous by thread: Re: Using Magic Values along with filetype to find malicious files (was RE: [Full-disclosure] Google Malware Search)
• Next by thread: Re: Using Magic Values along with filetype to find malicious files (was RE: [Full-disclosure] Google Malware Search)
• Index(es):
  • Date
  • Thread

• Security
• UNIX
• Linux
• Coding
• Usenet

• News
• Mailing-Lists
• Newsgroups
• Service
• About
• Privacy
• Search
• Imprint

www.derkeiler.com  > Mailing-Lists  > Full-Disclosure  > 2006-07