Re: strange software > winsupdater.exe
From: Jeremy Anderson (jeremy_at_angelar.com)
Date: 03/16/05
- Previous message: Justin: "Re: strange software > winsupdater.exe"
- In reply to: Justin: "Re: strange software > winsupdater.exe"
- Next in thread: Nick FitzGerald: "Re: strange software > winsupdater.exe"
- Reply: Nick FitzGerald: "Re: strange software > winsupdater.exe"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Wed, 16 Mar 2005 16:11:21 -0600 To: incidents@securityfocus.com
On Wed, 2005-03-16 at 12:53 +1300, Nick FitzGerald wrote:
>
> Filenames are all but totally useless for diagnosing malware, spyware
> _AND_ the normal operation of a system.
Actually, I'd say they're fairly useful, if you plug them into google. Sites like iamnotageek.com have pretty good information repositories on what is legitimate and what is not.
a filename is no substitute for actual forensic analysis, but it can give you a good leg up on many, many pieces of spyware and malware.
-- Jeremy Anderson Author, MultiTool Linux http://www.angelar.com/~jeremy jeremy@angelar.com http://search.barnesandnoble.com/booksearch/isbnInquiry.asp?userid=UG0uEnaAUk&isbn=0201734206&itm=8
- Previous message: Justin: "Re: strange software > winsupdater.exe"
- In reply to: Justin: "Re: strange software > winsupdater.exe"
- Next in thread: Nick FitzGerald: "Re: strange software > winsupdater.exe"
- Reply: Nick FitzGerald: "Re: strange software > winsupdater.exe"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
