TO UNSUBSCRIBE: email "unsubscribe issforum" in the body of your message to [EMAIL PROTECTED] Contact [EMAIL PROTECTED] for help with any problems! ----------------------------------------------------------------------------
> From: John Taylor > I think I know what this may be, it depends upon how > intelligent the av you > use is! It looks to me that Norton is picking up the string > in the Sensor > code relative to detecting code red and identifying it > wrongly as Code red > worm! I had similar problems with Norton but never saw it > with McAffee. Not in this case, though this is a separate problem that users should be aware of. If you take a binary editor to bisensor.dll (or iss-pam1.dll, depending on version), you'll notice some odd looking strings. These are "rot-13" encoded, designed to obfuscate the strings to prevent Norton/McAfee from falsely triggering on the signatures within the code. We try to obfuscate any string we think an anti-virus product will trigger on, but every so often, we get a customer telling us about some product that is falsely triggering, and we go in and do some more obfuscation (and often, anti-virus vendors will likewise change their strings to avoid triggering on us). Regards, Robert Graham Chief Architect, Internet Security Systems
