Dear List, Years go, I once had a similar occurence, a benign tool of mine was tagged as Malware, while it cerainly was not. I was a bit mad back then.
Nowadays, I've seen admins jump around furiously because their Anti-Virus did not detect a "local exploit" (gina .etc) then complain to the AV vendor to never buy another batch of licenses if this repeats. I see things a bit balanced today, some AV version have the option to enable searching for "hacking tools" or similar. And I like it, if you have a 200+ workstation group and you know (from centralised AV reports) that a guy who will leave in 1 month has multiple "hacking tools" installed, well.. the boss is going to like that one, not to mention the awareness of a potential security problem arrising. so far. -- http://secdev.zoller.lu Thierry Zoller Fingerprint : 5D84 BFDC CD36 A951 2C45 2E57 28B3 75DD 0AC6 F1C7 _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
