Stories
Slash Boxes
Comments
NOTE: use Perl; is on undef hiatus. You can read content, but you can't post it. More info will be forthcoming forthcomingly.

All the Perl that's Practical to Extract and Report

use Perl Log In

Log In

[ Create a new account ]

Robrt (1414)

Robrt
  (email not shown publicly)

robert at perl dot org

Journal of Robrt (1414)

Monday November 10, 2003
01:08 AM

Bad Idea

[ #15674 ]

Include the EICAR virus string inside another more malicious virus and hope the virus scanner identifies it as EICAR.

The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.
 Full
 Abbreviated
 Hidden
More | Login | Reply
Loading... please wait.
  • Surely the point of the EICAR test virus [eicar.org] is that anti-virus software treats it exactly the same as a real virus - ie: auto-delete or least quarantine. So any malicious code you'd added wouldn't get a chance to run.
  • (Unless your point is that maybe some anti virus software is too dumb anyway ....)

    I thought the eicar thing was only allowed to be 128bytes long ... And I don't think it's allowed to contain anything else than the eicar string and whitespace.

      - ask
    --

    -- ask bjoern hansen [askbjoernhansen.com], !try; do();