Re: [malware-list] [RFC 0/5] [TALPA] Intro to a linuxinterfaceforonaccess scanning

From: Arjan van de Ven
Date: Thu Aug 07 2008 - 00:39:28 EST

Next message: Philip Langdale: "[PATCH 1/1] toshiba_acpi: Add support for bluetooth toggling throughrfkill (v4)"
Previous message: Fernando Luis Vázquez Cao: "Re: RFC: I/O bandwidth controller"
In reply to: Mihai DonÈu: "Re: [malware-list] [RFC 0/5] [TALPA] Intro to a linuxinterfaceforon access scanning"
Next in thread: Theodore Tso: "Re: [malware-list] [RFC 0/5] [TALPA] Intro to alinuxinterfaceforon access scanning"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Thu, 7 Aug 2008 03:49:55 +0300
Mihai DonÈu <mdontu@xxxxxxxxxxxxxxx> wrote:

> Well, here is one attempt.
>
> A good percentage of an AV product's job is to prevent exploitation
> of a security hole in a product before the vendor (assuming the
> vendor admits it's bug and not a misuse of the product's features).

just to get things clear;
you're not talking about preventing the actual exploitation per se
(that would be the job of the various protection technologies) or the
containment (that would be SELinux), but more about detecting the
presence and preventing to (accidental) use of pre-canned, widely used
exploit binaries/files ?

--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Philip Langdale: "[PATCH 1/1] toshiba_acpi: Add support for bluetooth toggling throughrfkill (v4)"
Previous message: Fernando Luis Vázquez Cao: "Re: RFC: I/O bandwidth controller"
In reply to: Mihai DonÈu: "Re: [malware-list] [RFC 0/5] [TALPA] Intro to a linuxinterfaceforon access scanning"
Next in thread: Theodore Tso: "Re: [malware-list] [RFC 0/5] [TALPA] Intro to alinuxinterfaceforon access scanning"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]