[ale] [OT] Databases of viruses/malware

Michael B. Trausch mike at trausch.us
Wed Mar 2 13:16:58 EST 2011


Well, alright, so I'm not technically sure if this would be considered
off-topic or not.  I'm going to err on the side of safety and say that
it most likely is, though this is something that has to be dealt with on
Linux servers that handle Windows clients.

In any event, I'm looking into a problem, and one of the things that I
need to do is find (good, useful) information on the particular item
that is being problematic.  How it works and so forth.  I'd assume that
there is a database of viruses and malware somewhere that provides such
useful information, but I'm missing it if there is.

In lieu of that, is there a place somewhere out there that makes these
sorts of things available?  Obviously, I can see the abuse potential for
something like that, but it would also be useful for finding things and
obtaining them to run them in isolated sandboxes in order to assess
their total impact to a system.  It seems that even with all the
well-known problems that exist in the Windows world, it's difficult for
legitimate AV/AM solutions to clean up after cruft that manages to land
in a system.

In particular, the baddie that I'm looking at has managed to get around
the permissions setup in the system (we're talking about a completely
restricted user account environment) and infect the system proper.  I
want to know just how it did that.

	--- Mike