PaulDotCom mailing list archives
Use of EICAR AV test string in signatures
From: wesley at mcgrewsecurity.com (Robert Wesley McGrew)
Date: Thu, 20 May 2010 08:01:21 -0500
On Wed, May 19, 2010 at 9:48 PM, Rob Fuller <jd.mubix at gmail.com> wrote:
Experiment?over. thanks, and sorry for the?inconvenience. If, as you say, you combed your spam and found the email, you should have known who to talk to. But I understand the detriment to the list, as there might be others also missing out. Oh, and that AV you are using, technically shouldn't be finding EICAR in non-binary form, if I remember the purpose of it. I could be wrong.
All of the (68) bytes in eicar.com are printable ASCII, so it would be difficult for AV to tell, without opening up the possibility of false negatives. -- Wesley McGrew http://mcgrewsecurity.com
Current thread:
- Use of EICAR AV test string in signatures Jim Goltz (May 19)
- Use of EICAR AV test string in signatures Rob Fuller (May 19)
- Use of EICAR AV test string in signatures Robert Wesley McGrew (May 20)
- Use of EICAR AV test string in signatures Rob Fuller (May 19)