[unisog] New Bot variants making rounds
r.fulton at auckland.ac.nz
Mon Apr 4 21:31:09 GMT 2005
On Mon, 2005-04-04 at 23:08 +0200, Florian Weimer wrote:
> * Michael Holstein:
> > Heads up .. found two new ones :
> How can these ones be new if there is some AV software that already
> recognizes them? 8-)
I did see the smiley but just in case there is anyone on the list who
thinks this is a serious question the answer is that different AV
products use different strategies to fingerprint nasties. The challenge
for the virus writer is to tweak their existing creations just enough so
that *most* of the of the AV products (or at least the major ones) won't
This is one good reason why it is a good idea to run more than one AV
product (normally one on the desktop and different one on the gateway).
You increase you chances of recognising new variants considerably.
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 2201 bytes
Desc: not available
Url : http://www.dshield.org/pipermail/unisog/attachments/20050405/c2e05009/smime-0001.bin
More information about the unisog