Date: Wed, 23 Feb 2000 16:41:21 +1100 From: "Lachlan O'Dea" <lodea@vet.com.au> To: "Ronald G. Arnold Jr." <rarnold@colemantx.com> Cc: questions@FreeBSD.ORG Subject: Re: *sigh* Re: Just thought you'd like to know... Message-ID: <20000223164121.G18242@vet.com.au> In-Reply-To: <001101bf7dbb$558ca420$8b7b403f@ronaldjr>; from rarnold@colemantx.com on Tue, Feb 22, 2000 at 11:03:31PM -0600 References: <000801bf7db7$a7502d80$0f646464@david> <20000222211407.N21720@fw.wintelcom.net> <001101bf7dbb$558ca420$8b7b403f@ronaldjr>
next in thread | previous in thread | raw e-mail | index | archive | help
On Tue, Feb 22, 2000 at 11:03:31PM -0600, Ronald G. Arnold Jr. wrote: > I somewhat agree with you about NAV, but for some reason, when I had > Linux and used LILO, it don't give the Bloodhound.MBR warning. I can see two reasons for that. Either NAV knows the template for a LILO MBR, or its "Bloodhound" heuristic scanner doesn't think it's a virus. It seems that the FreeBSD boot manager MBR is not known to NAV, and there's something about it which is triggering the heuristics. This MBR actually provides Symantec with a useful real-world sample they could use to improve their heuristics, if they were so inclined. -- Lachlan O'Dea <mailto:lodea@vet.com.au> Computer Associates Pty Ltd Webmaster Vet - Anti-Virus Software http://www.vet.com.au/ "Try not. Do. Or do not. There is no try." - Yoda, Jedi Master To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20000223164121.G18242>