Re: Texas Bank Dumps Antivirus for Whitelisting

[Drsolly <drsollyp () drsolly com>]

On Wed, 16 Jul 2008, Rob, grandpa of Ryan, Trevor, Devon & Hannah wrote:

> Date sent:            Wed, 16 Jul 2008 15:47:42 +0100
> From:                 David Harley <david.a.harley () gmail com>
>
> > Change detector/integrity checker. Whatever happened to all those? ;-)
>
> Oh, my word, yes, Inegrity Master and all its ilk.  (And, of course, Gene Kim will 
> be highly offended if I don't mention Tripwire, although it came later.)  However, 
> an awful lot of them simply checksummed the existing proggies, and didn't care if 
> you added anything.  (I remember my shock at reviewing the first AV that handled 
> things that way ...)
 
And many of them didn't checksum the partition sector, and *none* of them 
checksummed Word docs.


_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.