Full Disclosure mailing list archives
Re: McAfee VirusScan vs Metasploit Framework v2.x
From: Stan Bubrouski <stan.bubrouski () gmail com>
Date: Sat, 10 Dec 2005 11:06:07 -0500
McAfee sucks when it comes to security tools, they call them all trojans and hacks. A couple years ago I reported a few bugs in a LanSuite Pro and included a perl script to show the attacks on Bugtraq. McAfee was blocking it a week later... but here's the kicker: Everyone on the list and any lists it had been forwarded to who had McAfee were sending me e-mails claiming I sent them a virus. I got thousands of these messages flooding my Inbox. McAfee's response was that it was my problem... about 4 months later I stopped getting the messages... but still this is how they act so it shouldn't surprise you metasploit is blocked. -sb On 12/9/05, sk / GroundZero <fd-list () g-0 org> wrote:
Sure because they can pay NOT to be included by virii scanners so they make more sales ;) Maybe it wasnt even an error, maybe a little tip from someone to the virii companies.. who knows. Reminds me of the Sony case somehow. -sk Http://www.groundzero-security.com ----- Original Message ----- From: "Orlando Padilla" <xbud () g0thead com> To: <full-disclosure () lists grok org uk> Sent: Friday, December 09, 2005 9:18 PM Subject: Re: [Full-disclosure] McAfee VirusScan vs Metasploit Framework v2.xWould you yank out Canvas, and Core Impact products as well? oh, wait... there probably isn't a sig for those so you wouldn't know. On Friday 09 December 2005 11:38 am, Michael Holstein wrote:Looks like some overzealous idiot at McAfee added "Trojan" signatures for 202 files in the latest version of the Metasploit Framework. If you use the Framework for your job and have a McAfee support contract, *please* call them and let them know that their product is incorrectly tagging a standard security tool as a "Trojan" and that this is interfering with your ability to conduct business.A gun is a legitimate tool too .. except when it's in criminal hands. McAfee (and any other A/V product) let you configure exceptions/overrides. In my enterprise environment (McAfee, BTW), I would *want* copies of Metasploit yanked automatically from a PC. My $0.02 Michael Holstein CISSP GCIA Cleveland State University _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- McAfee VirusScan vs Metasploit Framework v2.x H D Moore (Dec 09)
- Re: McAfee VirusScan vs Metasploit Framework v2.x Michael Holstein (Dec 09)
- Re: McAfee VirusScan vs Metasploit Framework v2.x Andre Ludwig (Dec 09)
- Re: McAfee VirusScan vs Metasploit Framework v2.x Michael Holstein (Dec 09)
- Re: McAfee VirusScan vs Metasploit Framework v2.x Dude VanWinkle (Dec 09)
- Re: McAfee VirusScan vs Metasploit Framework v2.x Byron Copeland (Dec 09)
- Re: McAfee VirusScan vs Metasploit Framework v2.x Michael Holstein (Dec 09)
- Re: McAfee VirusScan vs Metasploit Framework v2.x Andre Ludwig (Dec 09)
- Re: McAfee VirusScan vs Metasploit Framework v2.x Michael Holstein (Dec 09)
- Re: McAfee VirusScan vs Metasploit Framework v2.x Dude VanWinkle (Dec 09)
- Re: McAfee VirusScan vs Metasploit Framework v2.x Orlando Padilla (Dec 09)
- Re: McAfee VirusScan vs Metasploit Framework v2.x sk / GroundZero (Dec 09)
- Re: McAfee VirusScan vs Metasploit Framework v2.x Stan Bubrouski (Dec 10)
- RE: McAfee VirusScan vs Metasploit Framework v2.x Pavel Kankovsky (Dec 11)
- Re[2]: McAfee VirusScan vs Metasploit Framework v2.x Thierry Zoller (Dec 11)
- Message not available
- Re[4]: McAfee VirusScan vs Metasploit Framework v2.x Thierry Zoller (Dec 11)
- Re: McAfee VirusScan vs Metasploit Framework v2.x wac (Dec 09)