Inside AV engines?

---

• From: "Jeroen" <jeroen@xxxxxxxx>
• Date: Mon, 12 Dec 2005 23:56:33 +0100

---

For penetration testing on Wintel system, I often use netcat.exe and stuff
like pwdump. More and more I need to disable anti-virus services before
running the tools to avoid alarms and auto-deletion of the applications. It
works but it isn't an ideal situation since theoretically a network can be
infected while the AV-services are down. Recompiling tools is an option
since the source of many tools I use is available. The question is (before I
burn useless CPU cycles): can someone help me getting info about the inside
of AV engines? Will addition of some rubbish to the code do the trick (->
other checksum), do I need to change some core code or is it a mission
impossible anyway? Who can help for example getting some useful research
papers on the subject of detecting viruses and how to bypass mechanisms
used? Any help will be appreciated.


Greets,

Jeroen



------------------------------------------------------------------------------
Audit your website security with Acunetix Web Vulnerability Scanner:

Hackers are concentrating their efforts on attacking applications on your
website. Up to 75% of cyber attacks are launched on shopping carts, forms,
login pages, dynamic content etc. Firewalls, SSL and locked-down servers are
futile against web application hacking. Check your website for vulnerabilities
to SQL injection, Cross site scripting and other web attacks before hackers do!
Download Trial at:

http://www.securityfocus.com/sponsor/pen-test_050831
-------------------------------------------------------------------------------

---

• Follow-Ups:
  • Re: [Full-disclosure] Inside AV engines?
    • From: Michael Tewner
  • Re: [Full-disclosure] Inside AV engines?
    • From: Valdis Shkesters
  • Re: [Full-disclosure] Inside AV engines?
    • From: ad@xxxxxxxxxxxxxxxx

• Prev by Date: RE: network printers
• Next by Date: Re: [Full-disclosure] Inside AV engines?
• Previous by thread: network printers
• Next by thread: Re: [Full-disclosure] Inside AV engines?
• Index(es):
  • Date
  • Thread

---

Relevant Pages Re: Qualys ... Audit your website security with Acunetix Web Vulnerability Scanner: ... Hackers are concentrating their efforts on attacking applications on ... Up to 75% of cyber attacks are launched on shopping carts, ... (Pen-Test) RE: Pre-Scanning for Marketing ... Audit your website security with Acunetix Web Vulnerability Scanner: ... Hackers are concentrating their efforts on attacking applications on your ... Up to 75% of cyber attacks are launched on shopping carts, forms, ... (Pen-Test) Re: Qualys ... Audit your website security with Acunetix Web Vulnerability Scanner: ... Hackers are concentrating their efforts on attacking applications on ... Up to 75% of cyber attacks are launched on shopping carts, ... (Pen-Test) RE: New article on SecurityFocus (.WMF Vuln) ... Audit your website security with Acunetix Web Vulnerability Scanner: ... Hackers are concentrating their efforts on attacking applications on ... Up to 75% of cyber attacks are launched on shopping carts, ... (Pen-Test) Re: Penetration test of 1 IP address ... > Audit your website security with Acunetix Web Vulnerability Scanner: ... > Hackers are concentrating their efforts on attacking applications on ... Up to 75% of cyber attacks are launched on shopping ... (Pen-Test)

---

We are proud to have Web Hosting and Rack Housing from 9 Net Avenue Deutschland.
(11)