Developer Forum

Hi!

Just struggling to find some URL where one can download
preferable (tar.gz) a bunch of real virus for testing av
scanner, functionality and performance.

Anything found are some lame test files just a few bytes large,
but I want a bunch of real virus to emulate real world
conditions. ;(

--
Michael Heiming (X-PGP-Sig > GPG-Key ID: EDD27B94)
mail: echo XXXX@XXXXX.COM | perl -pe 'y/a-z/n-za-m/'
#bofh excuse 380: Operators killed when huge stack of backup
tapes fell over.

Check your spam ;-)

In comp.os.linux.misc Chris < XXXX@XXXXX.COM >:



My first thought, unfortunately it's zeroed nightly and no virus
until now. ;( In addition I'd like a bunch of virus not just one
or two...

--
Michael Heiming (X-PGP-Sig > GPG-Key ID: EDD27B94)
mail: echo XXXX@XXXXX.COM | perl -pe 'y/a-z/n-za-m/'
#bofh excuse 423: It's not RFC-822 compliant.

Try this: http://www.yqcomputer.com/

Michel

In comp.os.linux.misc dillinger < XXXX@XXXXX.COM >:


[..]


Thx a bunch, seems I had missed the proper search key.

--
Michael Heiming (X-PGP-Sig > GPG-Key ID: EDD27B94)
mail: echo XXXX@XXXXX.COM | perl -pe 'y/a-z/n-za-m/'
#bofh excuse 337: the butane lighter causes the pincushioning

Is there no Windows XP box near you? They're normally infested.
--
mark south: world citizen, net denizen
echo XXXX@XXXXX.COM |tr a-z n-za-m
"Take it? I can't even parse it!" - Kibo, in ARK

In comp.os.linux.misc Mark South < XXXX@XXXXX.COM >:




Not that I'm aware of. However the problem has been resolved,
just didn't used the proper keyword while searching, but someone
already kindly offered it "testvirus".

This found easily a bunch of stinking virus .exe .com and what
else to test proper functionality of av scanning software. It's a
shame we can't enjoy all those great stuff running unix.

Someone did his best, trying to use wine, but alas results were
rather disappointing:

http://www.yqcomputer.com/

--
Michael Heiming (X-PGP-Sig > GPG-Key ID: EDD27B94)
mail: echo XXXX@XXXXX.COM | perl -pe 'y/a-z/n-za-m/'
#bofh excuse 330: quantum decoherence

Yeah, I know. I was kinda joking.


I can't even begin to tell you how much I miss getting my regular doses of
mail virus.

I used to work in a company that had about 30,000 Windows boxes running
Outlook and Exchange and we used to lose hundreds of person-days each week
cleaning up after each mail-borne virus hit. The AV software was always
behind the game, too.


Mnay viruses seem to be written for the hardware rather than the virtual
machine.
--
mark south: world citizen, net denizen
echo XXXX@XXXXX.COM |tr a-z n-za-m
"Take it? I can't even parse it!" - Kibo, in ARK

: I used to work in a company that had about 30,000 Windows boxes running
: Outlook and Exchange and we used to lose hundreds of person-days each week
: cleaning up after each mail-borne virus hit. The AV software was always
: behind the game, too.

amazing that a large company ( 30k+ desktops) couldn't
afford a competent sys admin! Virtually all viruses
like that are a result of improper permissions ( usually
leaving things wide open ).

Stan

--
Stan Bischof ("stan" at the below domain)
www.worldbadminton.com

In comp.os.linux.misc, on Mon 20 March 2006 17:26,



The vector goes under a variety of names:

Internet Explorer
Windows Media Player
Outlook
Outlook Express

Thanks to those vectors, improper permissions are not a problem to the
virus ;-o
--
Robert HULL

Archival or publication of this article on any part of thisishull.net
is without consent and is in direct breach of the Data Protection Act

Sad to say, all that comment shows is that you have little experience with
MS-Windows or very large companies.

--
mark south: world citizen, net denizen
echo XXXX@XXXXX.COM |tr a-z n-za-m
"Take it? I can't even parse it!" - Kibo, in ARK

In comp.os.linux.misc XXXX@XXXXX.COM :



It's more or less impossible on a large network to defeat someone
with or without permission from plugging in some laptop, already
infected with M$ malware into some LAN. Once you have some crap
inside you need a tight policy to keep it from spreading. Seen
all that, though we didn't lose anything.

There are many companies, where IT has only one purpose, being as
cheap as possible. Size doesn't matter in this regard.

--
Michael Heiming (X-PGP-Sig > GPG-Key ID: EDD27B94)
mail: echo XXXX@XXXXX.COM | perl -pe 'y/a-z/n-za-m/'
#bofh excuse 158: Defunct processes

:> : I used to work in a company that had about 30,000 Windows boxes running
:> : Outlook and Exchange and we used to lose hundreds of person-days each week
:> : cleaning up after each mail-borne virus hit. The AV software was always
:> : behind the game, too.
:>
:> amazing that a large company ( 30k+ desktops) couldn't
:> afford a competent sys admin! Virtually all viruses
:> like that are a result of improper permissions ( usually
:> leaving things wide open ).

: Sad to say, all that comment shows is that you have little experience with
: MS-Windows or very large companies.

Been there ( 50k or so desktops )done that ( Windows sys admin
in one of my hats ) and lots of experience. No Windows machine
I admin has ever had successful virus attack and I often don't
bother with AV software since it is such a pain.

Biggest key is to NOT run as root, since very little of the
malware has privilege escalation capability.

If you want to learn more about proper Windows sysadmin though,
this is not the correct forum.

Stan


--
Stan Bischof ("stan" at the below domain)
www.worldbadminton.com

In comp.os.linux.misc, on Mon 20 March 2006 20:38,


I've lost count of the number of M$ "sysadmins" who have made that sort
of arrogant claim then turned green when a scan with a *reputable* AV
suite showed dozens of different viruses infesting each machine
scanned.
--
Robert HULL

Archival or publication of this article on any part of thisishull.net
is without consent and is in direct breach of the Data Protection Act

The trick is to remove 50k power cords ;) Crikey, some of MSFT's
patchware is malware.

Grant.
--
Memory fault -- brain fried