Re[2]: AVG didn't catch
Hello Marck, Wednesday, July 17, 2002, 4:56:02 AM, you wrote : MDP We just said that in a long thread discussing the plug-in thesis. The MDP middle man approach slows down *all* mail while plug-ins are only MDP called when there is an attachment worth looking at. MDP Please read the recent thread exploring these issue in depth under the MDP topic OT: Antivirus software review. Sorry, new to the list. -- Best regards, Michael Current Ver: 1.61 FAQ: http://faq.thebat.dutaint.com Unsubscribe: mailto:[EMAIL PROTECTED] Archives : http://tbudl.thebat.dutaint.com Moderators : mailto:[EMAIL PROTECTED] TBTech List: mailto:[EMAIL PROTECTED] Bug Reports: https://www.ritlabs.com/bt/
Re[2]: AVG didn't catch
Replying to your message of Tuesday, July 16, 2002, 9:20:26 PM: MDP This is always going to be a problem with *any* AV software. Any new MDP variants and especially a completely new virus won't be spotted until MDP at least one person reports it to the AV vendor for them to update their MDP database and issue a new one. Hey Marck, This is true only if you have an anti virus that is based on daily signatures to be effective. If you have a solution that is based on rule sets and policies, as well as signatures, your vulnerability will be greatly decreased. -- Pete www.milneweb.com Tuesday, July 16, 2002 10:04:07 AM This e-mail is brought to you by: The Bat: Version 1.61 Windows 2000 build 2195 Service Pack 2 Current Ver: 1.61 FAQ: http://faq.thebat.dutaint.com Unsubscribe: mailto:[EMAIL PROTECTED] Archives : http://tbudl.thebat.dutaint.com Moderators : mailto:[EMAIL PROTECTED] TBTech List: mailto:[EMAIL PROTECTED] Bug Reports: https://www.ritlabs.com/bt/
Re[2]: AVG didn't catch
Replying to your message of Wednesday, July 17, 2002, 10:41:35 AM: MDP Let's MDP not have any more of the hype here please. Hypehow do you mean that?? For example, there is a new virus written tonight. This virus is delivered in a .pif attachment (like Klez is). Tomorrow comes, if you are using XYZ anti virus and it is based solely on signature updates, unless you get the days update you are vulnerable to this virus. Me on the other hand, I use LMN anti virus which is based on signatures, rules sets and policies. This solution is set so it will not allow any .pif attachments to get to my email client. Therefore if I don't get the daily update for some reason, I am protected from this virus regardless. How does this rate as a false security? -- Pete www.milneweb.com Wednesday, July 17, 2002 2:33:16 PM This e-mail is brought to you by: The Bat: Version 1.61 Windows 2000 build 2195 Service Pack 2 Current Ver: 1.61 FAQ: http://faq.thebat.dutaint.com Unsubscribe: mailto:[EMAIL PROTECTED] Archives : http://tbudl.thebat.dutaint.com Moderators : mailto:[EMAIL PROTECTED] TBTech List: mailto:[EMAIL PROTECTED] Bug Reports: https://www.ritlabs.com/bt/
Re[2]: AVG didn't catch
Replying to your message of Wednesday, July 17, 2002, 3:34:44 PM: MDP Yes, but my email client doesn't let me execute .pifs anyway (not MDP without a fight) ... nor does my brain! This is a bit of a pointless MDP and valueless example really. Your LMN AV doesn't do anything common MDP sense wasn't doing in the first place. Marck, You mentioned a quality that I don't get to deal with often in clientscommon sense. That totally changes the whole scenario. Most individuals (including some techy people) I deal with shouldn't even own a computer let alone do email!! They automatically see an attachment like the one Microsoft sent out that said it was a patch...in an .EXE form. Lot's of them opened it and were screwed. -- Pete www.milneweb.com Wednesday, July 17, 2002 6:24:13 PM This e-mail is brought to you by: The Bat: Version 1.61 Windows 2000 build 2195 Service Pack 2 Current Ver: 1.61 FAQ: http://faq.thebat.dutaint.com Unsubscribe: mailto:[EMAIL PROTECTED] Archives : http://tbudl.thebat.dutaint.com Moderators : mailto:[EMAIL PROTECTED] TBTech List: mailto:[EMAIL PROTECTED] Bug Reports: https://www.ritlabs.com/bt/
Re[2]: AVG didn't catch
Hello Marck, Wednesday, July 17, 2002, 4:20:26 AM, you wrote: MDP -BEGIN PGP SIGNED MESSAGE- MDP Hash: SHA1 MDP Hi Rick, MDP @17 July 2002, 21:54 -0400 (02:54 UK time) Rick Reumann [RR] in MDP [EMAIL PROTECTED]">mid:[EMAIL PROTECTED] said to Bat List: RR Has anyone else ever received the W32.Frethem.E@mm worm virus? I RR didn't run the exe but it slipped passed AVG with the RR decrypt-password.exe. I thought AVG was supposed to be pretty good. RR I'm surprised this high-profile got by. Should I maybe switch to some RR other protection? (AVG has caught other viruses so it does work and it RR was just updated yesterday). MDP ,-=[ From the Grisoft site ]- MDP Update 377 available. Added detection of three new variants of MDP I-Worm/Frethem. - July 15, 2002 - MDP ` MDP Since there are new variants only a few days old it is no surprise MDP that AVG didn't spot the infection. I have just updated and one that MDP got through on Monday is spotted now. MDP This is always going to be a problem with *any* AV software. Any new MDP variants and especially a completely new virus won't be spotted until MDP at least one person reports it to the AV vendor for them to update their MDP database and issue a new one. MDP - -- MDP Cheers -- .\\arck D. Pearlstone -- List moderator MDP TB! v1.61 on Windows 2000 5.0.2195 Service Pack 2 MDP ' MDP ' MDP -BEGIN PGP SIGNATURE- MDP Version: GnuPG v1.1.90-nr1 (Windows 2000) MDP iD8DBQE9NOJ8OeQkq5KdzaARAgY8AJ95PZgHxJ3N6a4x7GCdkAsTi6JHogCg+Npq MDP oMsadVZ1DKFGCDY5UGaw2jw= MDP =AVl6 MDP -END PGP SIGNATURE- MDP MDP Current Ver: 1.61 MDP FAQ: http://faq.thebat.dutaint.com MDP Unsubscribe: mailto:[EMAIL PROTECTED] MDP Archives : http://tbudl.thebat.dutaint.com MDP Moderators : mailto:[EMAIL PROTECTED] MDP TBTech List: mailto:[EMAIL PROTECTED] MDP Bug Reports: https://www.ritlabs.com/bt/ varients should still contain something in similar fashioon to the origional, and still should be realised. -- Best regards, Michael Current Ver: 1.61 FAQ: http://faq.thebat.dutaint.com Unsubscribe: mailto:[EMAIL PROTECTED] Archives : http://tbudl.thebat.dutaint.com Moderators : mailto:[EMAIL PROTECTED] TBTech List: mailto:[EMAIL PROTECTED] Bug Reports: https://www.ritlabs.com/bt/