[Mimedefang] Question about Virus Scanners

Stephane Lentz Stephane.Lentz at ansf.alcatel.fr
Wed Aug 11 15:39:51 EDT 2004


On Wed, Aug 11, 2004 at 02:42:28PM -0400, Adam Lanier wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
> 
> Mark Penkower wrote:
> | For those of you using linux virus scanners with MimeDefang, what
> other vendors had defs out as quickly as Mcafee?
> 
> Sophos had an update around 3:00 PM EST for the latest Beagle/Bagle
> variant.  They generally have updates fairly quickly.  I regularly see
> multiple updates during the course of the day.
> 

I would like to gather and compare all vendor updates for threats in
the past 9 months (MIMAIL.C seems to have been a big step in worms
spread). Anybody willing to do this technical comparison project 
with me ?  Right now we only can see antivirus vendors marketing or
biased studies ....

For the one you mention - HTML_BAGLE.AC,TROJ_BAGLE.AC as Trend name it -
but named by other vendors as   W32.Beagle.AO at mm, W32/Bagle.aq at MM,
I-Worm.Bagle.al, W32/Bagle.AJ at mm, W32/Bagle-AQ, I-Worm/Bagle.AK
Trend issued a pattern at  around 10:30 pm CEST on August 9th - I check
updates every 10/15 minutes).  What about Clam, McAfee, Kaspersky and
the other ones ?

Regards, 

SL/
---
Stephane Lentz 
AES TSC 



More information about the MIMEDefang mailing list