[Mimedefang] Question about Virus Scanners
Stephane Lentz
Stephane.Lentz at ansf.alcatel.fr
Wed Aug 11 15:39:51 EDT 2004
On Wed, Aug 11, 2004 at 02:42:28PM -0400, Adam Lanier wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> Mark Penkower wrote:
> | For those of you using linux virus scanners with MimeDefang, what
> other vendors had defs out as quickly as Mcafee?
>
> Sophos had an update around 3:00 PM EST for the latest Beagle/Bagle
> variant. They generally have updates fairly quickly. I regularly see
> multiple updates during the course of the day.
>
I would like to gather and compare all vendor updates for threats in
the past 9 months (MIMAIL.C seems to have been a big step in worms
spread). Anybody willing to do this technical comparison project
with me ? Right now we only can see antivirus vendors marketing or
biased studies ....
For the one you mention - HTML_BAGLE.AC,TROJ_BAGLE.AC as Trend name it -
but named by other vendors as W32.Beagle.AO at mm, W32/Bagle.aq at MM,
I-Worm.Bagle.al, W32/Bagle.AJ at mm, W32/Bagle-AQ, I-Worm/Bagle.AK
Trend issued a pattern at around 10:30 pm CEST on August 9th - I check
updates every 10/15 minutes). What about Clam, McAfee, Kaspersky and
the other ones ?
Regards,
SL/
---
Stephane Lentz
AES TSC
More information about the MIMEDefang
mailing list