Common configuration for say MS-Exchange and MS-SQL is to exclude the
database directories themselves. Knowing this information makes it a
potential vector.
On Aug 22, 2009, at 12:25 PM, Jim Halfpenny wrote:
It depends on the AV software and how it is configured. Many
packages allow for whitelisting files or directories so that they do
not get scanned, useful if you have a legitimate tool which is
flagged as malicious. There's no reason why malware could not try to
subvert this behaviour to hide themseleves if that's your line of
thinking.
Jim
2009/8/21 Dimitrios Kapsalis <[email protected]>
Was thinking this afternoon, when anti-virus scans run, are there
certain directories that they always skip?
_______________________________________________
Pauldotcom mailing list
[email protected]
http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom
Main Web Site: http://pauldotcom.com
_______________________________________________
Pauldotcom mailing list
[email protected]
http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom
Main Web Site: http://pauldotcom.com
_______________________________________________
Pauldotcom mailing list
[email protected]
http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom
Main Web Site: http://pauldotcom.com
