funsec mailing list archives
Rant: Common Malware Enumeration (CME) gets mixed reception
From: "Fergie (Paul Ferguson)" <fergdawg () netzero net>
Date: Thu, 6 Oct 2005 15:34:24 GMT
Sure -- it would be nice to have a cross-reference enumeration database to make sense of the various naming conventions used by various anti-virus and anti-malware vendors, but when the CME database is not really a database, is not updated in real- time, and is not searchable, I see very little utility is this effort. For example, F-Secure mentioned that one of the newest Sober variants this morning had been assigned CME-151. Meanwhile, McAFee makes an AVERT announcement about a similar Sober variant that they feel warrants alerting their AVERT subscribers. However, if you go to the CME webpage, there is no listing for it, or any number of others. They're not even listed in numerical order! *sigh* http://fergdawg.blogspot.com/2005/10/common-malware-enumeration-cme-gets.html - ferg -- "Fergie", a.k.a. Paul Ferguson Engineering Architecture for the Internet fergdawg () netzero net or fergdawg () sbcglobal net ferg's tech blog: http://fergdawg.blogspot.com/ _______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
Current thread:
- Rant: Common Malware Enumeration (CME) gets mixed reception Fergie (Paul Ferguson) (Oct 06)
- Re: Rant: Common Malware Enumeration (CME) gets mixed reception Florian Weimer (Oct 06)
- Re: Rant: Common Malware Enumeration (CME) gets mixed reception Jordan Wiens (Oct 06)