[Full-Disclosure] National Database of Variants with Fixes-non-vendor specific
Clairmont, Jan M
jan.m.clairmont at citigroup.com
Tue Aug 10 16:48:26 BST 2004
That is why there should be a National Standards Organization for
SPAM, Virii, Trojans, etc. etc. This is a critical need there
should be an RFC created with a reporting database. All vendors would
have be required to report it or they would not meet the
International Standards. They would report the fix and a methodology
for naming time/place of first origin report etc. per exemplar:
A-virus1.1.2004.14:35:01EST.1 alias Mydoom.12 variant.
Time stamp found and unique name type if they turn out to be the same
variant, then the database purges any newer finds without too many
This is not that difficult it just needs to have a reporting authority.
Without a centralized authority on reporting there is
no way to effectively combat the threats to the internet.
I am seeing great ideas, keep it coming.
From: full-disclosure-admin at lists.netsys.com
[mailto:full-disclosure-admin at lists.netsys.com]On Behalf Of
Valdis.Kletnieks at vt.edu
Sent: Tuesday, August 10, 2004 10:47 AM
To: Todd Burroughs
Cc: Frank Knobbe; full-disclosure at netsys.com
Subject: Re: [Full-Disclosure] (no subject)
On Tue, 10 Aug 2004 02:02:23 EDT, Todd Burroughs said:
> No shit. They should at least get together and come up with some
> naming convention. They need to make some common "naming authority",
> not difficult, we do it all the time with other software and as
> in all scientific disciplines.
Software gets named over days/weeks. They crank out a new name for an
every few years. These things need names in *MINUTES* - often while the
A/V companies are looking at different copies of a polymorphic,
piece of malware.
5 blind men and an elephant time... and you want them to agree on a name
they even agree they're looking at the same thing???
Full-Disclosure is hosted and sponsored by Secunia.