Re: Searching For Virus Info

• Previous message: Tim Donahue: "RE: RPC and grc.com and www.BlackViper.com"
• In reply to: Mike: "Searching For Virus Info"
• Next in thread: Vishal: "Re: Searching For Virus Info"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Date: Tue, 25 Nov 2003 15:59:41 -0700
To: Mike <mjcarter@ihug.co.nz>

On Tue, Nov 25, 2003 at 08:57:27PM +1300, Mike wrote:
> HI Everyone,
> I've recently had to try and find a virus name by it's characteristics and
> The problem I have is that if I don't know or can't remember the virus name

If you have the virus on hand just scan it, using HouseCall from
TrendMicro (or similar service) if you lack antivirus software.

If you lack the virus then search the various antivirus companies'
databases. I recommend and use Sophos and TrendMicro for this purpose
all the time. Both usually describe the vector(s) and output of the
virus quite well, allowing for searches for specific strings found in
the virus and vague network symptoms.

> Is there a service I'm unaware of?

Not that I know of. I have never had the need for more than 5 minutes
of searching though.

If you cannot figure out the virus, most (Sophos at least) encourage
you to submit the file and they will tell you the story. You usually
need to be a customer though... so you would normally just scan the
file and use the name given by the scanning software.

-----------------------------------------------------------------------
   __o Bradley Arlt Security Team Lead
 _ \<_ arlt@cpsc.ucalgary.ca University Of Calgary
(_)/(_) Joyously Canadian Computer Science

---------------------------------------------------------------------------
----------------------------------------------------------------------------

• Previous message: Tim Donahue: "RE: RPC and grc.com and www.BlackViper.com"
• In reply to: Mike: "Searching For Virus Info"
• Next in thread: Vishal: "Re: Searching For Virus Info"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]