----- Original Message -----
From: "R. Scott Perry" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Friday, August 31, 2001 9:05 AM
Subject: Re: [Declude.Virus] F-Prot Stuff
> /PACKED is a very different beast. It will attempt to scan compressed
> .EXE's (such as PKLite or Neolite) by actually emulating the decompression
> code. I personally wouldn't use this on a server, just in case someone
> figures out a way to bypass F-Prot's safety mechanisms when running the
> unknown code.
Are you saying it actually tries to execute or interpret the code in the .exe
it finds?
I assumed it was using it's own internal un-pklite type code, in which case I
don't see how it is different from a security perspective than /archive.
Jerry
This E-mail came from the Declude.Virus mailing list. To
unsubscribe, just send an E-mail to [EMAIL PROTECTED], and
type "unsubscribe Declude.Virus". You can E-mail
[EMAIL PROTECTED] for assistance. You can visit our web
site at http://www.declude.com .
