I hope you'll keep us informed... thanks!
2007/4/17, Gerald Combs <[EMAIL PROTECTED]>:
...so what happens when a malware writer decides to name one of his or her products "msvcr80.dll"? I've posted a question on Barracuda's support forum. It's pending approval. Ionreflex wrote: > Better now than never! Since there was no feedback, I though I could > confirm that the Barracuda Web Filter appliance detects the stated > infection since version 0.99.2 up to 0.99.5... > > > *From*: Gerald Combs <[EMAIL PROTECTED] <mailto:[EMAIL PROTECTED] >> > *Date*: Tue, 03 Oct 2006 09:11:17 -0700 > > I received a message from a user that the Barracuda spam/virus firewall > has detected the ILookup.Sbus worm in the Wireshark 0.99.2 release. > This appears to a false positive -- the worm comes in a file named > "sbus.dll", which is the same name used by Wireshark's S-Bus plugin. > > Are there any Barracuda users on the list that can verify this? > > > > > ------------------------------------------------------------------------ > > _______________________________________________ > Wireshark-users mailing list > [email protected] > http://www.wireshark.org/mailman/listinfo/wireshark-users _______________________________________________ Wireshark-users mailing list [email protected] http://www.wireshark.org/mailman/listinfo/wireshark-users
_______________________________________________ Wireshark-users mailing list [email protected] http://www.wireshark.org/mailman/listinfo/wireshark-users
