Search Results

Search found 6 results on 1 pages for 'eicar'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 1/1 | 1 

  • Should EICAR be updated to test the revision of Antivirus system?

    - by makerofthings7
    I'm posting this here since programmers write viruses, and AV software. They also have the best knowledge of heuristics and how AV systems work (cloaking etc). The EICAR test file was used to functionally test an antivirus system. As it stands today almost every AV system will flag EICAR as being a "test" virus. For more information on this historic test virus please click here. Currently the EICAR test file is only good for testing the presence of an AV solution, but it doesn't check for engine file or DAT file up-to-dateness. In other words, why do a functional test of a system that could have definition files that are more than 10 years old. With the increase of zero day threats it doesn't make much sense to functionally test your system using EICAR. That being said, I think EICAR needs to be updated/modified to be effective test that works in conjunction with an AV management solution. This question is about real world testing, without using live viruses... which is the intent of the original EICAR. That being said I'm proposing a new EICAR file format with the appendage of an XML blob that will conditionally cause the Antivirus engine to respond. X5O!P%@AP[4\PZX54(P^)7CC)7}$EICAR-EXTENDED-ANTIVIRUS-TEST-FILE!$H+H* <?xml version="1.0"?> <engine-valid-from>2010-1-1Z</engine-valid-from> <signature-valid-from>2010-1-1Z</signature-valid-from> <authkey>MyTestKeyHere</authkey> In this sample, the antivirus engine would only alert on the EICAR file if both the signature or engine file is equal to or newer than the valid-from date. Also there is a passcode that will protect the usage of EICAR to the system administrator. If you have a backgound in "Test Driven Design" TDD for software you may get that all I'm doing is applying the principals of TDD to my infrastructure. Based on your experience and contacts how can I make this idea happen?

    Read the article

  • EICAR like antivirus test for Windows 64 bits

    - by PabloG
    I'm trying to check my antivirus protection downloading the EICAR test program as usual. The antivirus pops up an alert on the download (that's ok), but I cannot run the EICAR.COM program because it's an 16-bit program and I'm running Win7 64bit. I can run the program on DosBox but it's not the same thing as running it directly from the OS. Is there any antivirus test program like EICAR for 64 bit Windows? TIA, Pablo

    Read the article

  • Postfix/ClamAV not stopping viruses under Virtualmin

    - by Josh
    I am using Virtualmin and have it set up to have Postfix scan incoming emails with ClamAV (using clamdscan) and delete any emails which contain a virus. However when I email myself the EICAR test string, it comes through just fine. I know ClamAV will report this file as a virus. How can I troubleshoot this / what could be wrong?

    Read the article

  • Avast not taking any action when opening a virus.

    - by ULTRA_POROV
    I just did a test with the EICAR test virus. I downloaded the file eicar.com Avast was on. If i scan the file it finds it. However if i open it no action is taken. Just nothing. nothing happens i can open it as many times as i want. This is very worrying. The new avast is starting to be a pain. I miss the old one.

    Read the article

  • Scanning php uploads in tmp directory with clamdscan fails

    - by Nikola
    I can't seem to get this thing to work, some permission problem maybe, but i can't even run clamdscan normally form console with root the result is always Permission denied. for example i create a file test.txt (eicar file) in /tmp and execute "clandscan /tmp/test.txt" in console logged in as root and i get "/tmp/test.txt: Access denied. ERROR ". The clamd demon is running with user clamav could that be the reason? Now i want to scan the same file (/tmp/test.txt) via php , so i run (i have chowned the file to apache:apache ) $cmd="clamdscan /tmp/test.txt"; exec($cmd,$a,$b); i get error 127 i try with the full path of the command /usr/bin/clamdscan i get error 126 (command is found but is not executable), this means that apache doesn't have the permission to execute /usr/bin/clamdscan ? what could be the problem?

    Read the article

  • How do you test your porn filter

    - by Zoredache
    For testing antivirus we have EICAR, for SPAM, we have GTUBE. Is there a standard site that is or should be included in blacklists that you can use for testing instead of going to your favorite porn site in front of your boss, the CEO, or someone else who feels that seeing such a site is an excuse for a sexual harassment suit? Update This is less about getting permission for me to test, though that answer is useful. I do have both permission and responsibility to actually make sure the filter is running. I am able test the filter is functioning with a netcat. Instead, I am hoping there is a standard domain name that is blocked by most/all filters for testing. I need to be able to share this with my boss and users. I need to be able to demonstrate what happens when someone go to a filtered page. I need to have a way to quickly prove to others that the filter is working without asking them to go to some site that will not cause grief if for some reason the filter is not working. If there isn't already a good domain for this purpose I may simply have to register a domain myself, and then add the domain to all the filters I am responsible for.

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

1