Just to satisfy my curiosity, but, when was the last AV update performed? One could assume some anti-virus would be up-to-date even if the last update was performed a month or so ago. On the other hand, an anti-virus update usually is done sometimes even several times per day (well, mine does).
Have you tried the binaries on virustotal.com (or equivalent)?

Cheers,
Chris.

On Sat, Dec 11, 2010 at 5:52 AM, Charles Polisher <[email protected]> wrote:

> Adam Behnke wrote:
> > Hi everyone, InfoSec Institute author Russ McRee has written up an overview
> > on tools to ensure maximum readiness for incident response teams, including
> > drill tactics. PCI-DSS audits often require IR testing validation; drill
> > quarterly and be ready next audit cycle.
> >
> > http://resources.infosecinstitute.com/incident-response-and-audit-requirements/
> >
> > Please let me know your thoughts.
>
> "Remember that you're playing with binaries that will likely cause
> antivirus to fire."
>
> I take issue with this statement. Tonight I tested $VENDOR's
> up-to-date anti-virus against 10 day-old malware samples captured
> from the wild - the detection rate was abysmal (225/539).
> Maybe your AV is better than mine.
>
> --
> Charles Polisher
>
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/
