Rant: Common Malware Enumeration (CME) gets mixed reception

["Fergie (Paul Ferguson)" <fergdawg () netzero net>]

Sure -- it would be nice to have a cross-reference enumeration
database to make sense of the various naming conventions used
by various anti-virus and anti-malware vendors, but when the
CME database is not really a database, is not updated in real-
time, and is not searchable, I see very little utility is this
effort.

For example, F-Secure mentioned that one of the newest Sober
variants this morning had been assigned CME-151. Meanwhile,
McAFee makes an AVERT announcement about a similar Sober variant
that they feel warrants alerting their AVERT subscribers. However,
if you go to the CME webpage, there is no listing for it, or any
number of others. They're not even listed in numerical order!

*sigh*

http://fergdawg.blogspot.com/2005/10/common-malware-enumeration-cme-gets.html

- ferg


--
"Fergie", a.k.a. Paul Ferguson
 Engineering Architecture for the Internet
 fergdawg () netzero net or fergdawg () sbcglobal net
 ferg's tech blog: http://fergdawg.blogspot.com/

_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.