On Mon, 11 Aug 2008 17:12:57 +0200, Dr. Stephen Fedtke <[EMAIL PROTECTED]> wrote:
>... >we are specialized in runtime-related z/OS malicious code detection, and >programcode scan for virus/malicious code on load module level ... Interesting. Your system can determine intent just by reading load modules? That's neat. I'm about to maliciously use IEBGENER to wipe out the directory of a library and you can detect that. Or I'm going to embezzle gobs of money by rounding up rather truncating (or whatever that technique is). Looking for a virus with an obvious signiture is maybe not too hard. Looking for "non normative code, a code that makes things not allowed or planned intentionally or not" is another matter altogether. I'm willing to be proven wrong, but I suspect any system that claims to do that would be so plagued with false positives (and probably false negatives) that it would be next to useless. Pat O'Keefe ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to [EMAIL PROTECTED] with the message: GET IBM-MAIN INFO Search the archives at http://bama.ua.edu/archives/ibm-main.html
