funsec mailing list archives

Re: Latest VB 100 test results

From: "Daniel H. Renner" <dan () losangelescomputerhelp com>
Date: Thu, 06 Dec 2007 11:05:47 -0800

It is interesting to me that anti-virus programs are used to testagainst malware, which is not always a virus.

Our users would think the anti-virus program should stop everything, andthey think the same thing of firewalls - but experienced technicians andpros know better.

IMHO and based on the past 17 years of experience with our clients, Iagree with the comparative test results obtained by a private viruscollector in Greece:

http://www.virus.gr/portal/en/
(Comparative results are listed in the left menu bar.)


Sincerely,

Daniel H. Renner
President
Los Angeles Computerhelp
A division of Computerhelp, Inc.
818-352-8700
http://losangelescomputerhelp.com



funsec-request () linuxbox org wrote:

Date: Thu, 6 Dec 2007 10:30:14 -0500
From: "Alex Eckelberry" <AlexE () sunbelt-software com>
Subject: RE: [funsec] Latest VB 100 test results
To: "Alex Eckelberry" <AlexE () sunbelt-software com>,
        <funsec () linuxbox org>
Message-ID:
        <27C4CD168204684589EC07B2BCFA9CFE0723D009 () hurricane ssdcorp net>
Content-Type: text/plain; charset="us-ascii"

And in case you're not a subscriber, you can get a gist of what happened
from this article:

http://www.pcworld.com/article/id,140315-c,antivirus/article.htmlMany big-brand security products fail to spot commonly-circulating

malware, testing outfit has Virus Bulletin found in its latest tests.

A total of 17 out of 32 of antivirus products failed the company's
stringent VB100 test, which expects software to detect 100 percent of
the commonly-circulating 'WildList' thrown at it without signalling any
false positives.

Programs failing included those from Sophos
<http://www.pcworld.com/tags/Sophos+plc.html> , Kaspersky, Fortinet
<http://www.pcworld.com/tags/Fortinet+Inc..html> , Trend Micro
<http://www.pcworld.com/tags/Trend+Micro+Inc..html> , CA Home, and PC
Tools, though within this group detection failures varied widely. CA's
Home program scored a disturbingly high 40 misses, while the others
scored from 8 misses down to only one miss for Kaspersky. PC Tools'
Spyware Doctor detected the WildList suite but failed because it falsely
identified two files as malware.

(The above is not entirely accurate for PC Tools, which did pass with
their AV product (based on VirusBuster), but not their antispware
product.  And CA's other AV product, eTrust, did pass.)

Alex

_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.

Current thread:

Latest VB 100 test results Alex Eckelberry (Dec 05)
- RE: Latest VB 100 test results Alex Eckelberry (Dec 06)
  - Re: Latest VB 100 test results Jeff Kell (Dec 06)
    - Re: Latest VB 100 test results Drsolly (Dec 06)
    - RE: Latest VB 100 test results Craig Schmugar (Dec 06)
    - Re: Latest VB 100 test results Dude VanWinkle (Dec 10)
- <Possible follow-ups>
- Re: Latest VB 100 test results Daniel H. Renner (Dec 06)
  - Re: Latest VB 100 test results Florian Weimer (Dec 13)