Open Source Malware Search Engine
chr0.ot writes "Metasploit creator HD Moore has released an open-source search engine that finds live malware samples through Google queries. From the article: 'The new Malware Search project provides a Web interface that allows anyone to enter the name of a known virus or Trojan and find Google results for Web sites hosting malicious executables.' The tool then searches for actual malware signatures and uses the signature output from ClamAV to find the name of the malware. This is then used in conjunction with a PE signature matching method to form a Google query. Afterwards the malware can then be downloaded directly from Google."
Let me get this straight.. now Google is good for porn AND viruses?
How do the other engines stay in business?!?
I wonder how they got that idea. I've never heard of it before.
Clippy:
It looks like your searching for viruses,
well your in the right place.
ps, anyone else notice that slashdot is like waiting for a bus, you wait for hours with no updates then 4 come along all at once.
Hope the problems have been fixed now.
liqbase
you wait for hours with no updates then 4 come along all at once
Only if you mean the same one comes along four times.
Now it's a tripe.
Do you see what I did there?
I in no way think that google should block sites, but it would be nice if they would scan sites with this -- especially for sites that install stuff through holes in IE -- and put a little icon on search results that return an infected site. That way you could at least have a heads up before you clicked on a search result about what you were getting into. It would also be great for Firefox, when everyone gets to see how many sites are exploiting IE.
Transporter_ii
Doctors destroy health, lawyers destroy justice, universities destroy knowledge, religion destroys spirituality
that snags a random payload off this site! Thanks Metasploit!
BTW, Dupe, Dupity Dupe, Dupe.
Comparing it to Windows will be a moot point, since El Dorado is going to have a 40% larger code base than XP.
Sorry Google can't do it, McAfee already bought that startup - http://www.siteadvisor.com/.
I just bought a new PC, and i have no viruses yet.
what MS has to say about this.
This is outright competition for their closed source malware search engine IE.
enignE hcraeS erawlaM ecruoS nepO
"reality has a well-known liberal bias" - Stephen Colbert
I don't need a search engine to find malware.
Slow down, cowboy! It has been 4 hours since you last posted. You must wait another few hours.
Just thought you might like to know that this is broken at the moment.
- the bag of snakes locator
- the shard of glass necktie finder
- the kick in the crotch searcher
Seriously, if this were part of your search results as a heads up of what to avoid I can see it being quite valuable. But, short of research or bad intentions... why do i want to find live malware?
I do this on a daily basis for my Windows laptop, I search through my running processes to find strange things, search them on Google, then cross-reference them from my browser history, then I interrogate my wife to find out why she visited some of the stupidest sites on the internet. That's about when I remember she's a MySpace user, and no matter what I do that laptop is screwed.
I got into Linux for the free beer, but nobody seems to have any
"to enter the name of a known virus or Trojan and find Google results for Web sites hosting malicious executables" We should be able to do it the other way around too. Enter the URL for websites we suspect first, then list if the websites host malicious executables. IMO it's more useful that way :)
Everything is possible. The impossible just takes longer.
As a silent grammar nazi myself I found it difficult to read the original post - my brain associates your and you're with different concepts.
I've got in the habit now when reading slashdot of if I can't understand a post, reading it as if i was speaking it (but silently of course).
I just can't read as fast when I have to do that.
"The weirdest thing about a mind, is that every answer that you find, is the basis of a brand new cliche" -
I've got in the habit now when reading slashdot of if I can't understand a post, reading it as if i was speaking it (but silently of course).
I'm trying to read this sentence as if you were speaking it. And you sound sort of silly.
When the policeman of the tie, rule you violate, hello punishment of the kitty?
So, oss malware? Is it free-as-in-beer or free-as-in-speech malware? Do I still need to accept an EULA to infect my friend's PCs or is it all GNU'D?
Warning: Corny karma killing post above.
Do I smell an idea I should forward to marketing...?
We used to have a Bill of Rights. Now, with the rights gone, all we have left is the bill.
pray tell WTF difference is this from another virus kit? this dude's life is going to be a screaming hell when everybody tees off on him.
if this is supposed to be a new economy, how come they still want my old fashioned money?
I've got in the habit now when reading slashdot of if I can't understand a post, reading it as if i was speaking it.
Didja read or speak this before posting? Improper verb usage, mangled propositional phrase, missing punctuation.
FTR, I'm not a grammar nazi, but you, by claiming such, opened you'reself up for a little good-natured criticism.
Regards.
Sounds like this thing's just a few modules short of obsoletizing us all; give this thing a "beowulf cluster" module and a "in Soviet Russia" module and it'd be pretty well self-contained. Any day now it'll be welcoming its overlord self...
This space intentionally left (almost) blank.
Most "free" file sharing programs have had this implemented for a long long time ;)
...
Good Point!
That's the reason I'm a silent Grammar Nazi - my particular dialect means I mess up many other things - I'm just saying that some incorrect grammar usage makes me cringe.
I always welcome advice on how I could improve my communication provided people tell me why I've gone wrong, rather than just saying I am wrong.
"The weirdest thing about a mind, is that every answer that you find, is the basis of a brand new cliche" -
I see that they fit into McAfee's quality pretty well.
The creatures outside looked from Alt-Right to Antifa; but already it was impossible to say which was which.
Sounds rather like McAfee SiteAdvisor for IE and Firefox.
SiteAdvisor tests e-mail, downloads, and links. Give an e-mail address to Slashdot and you can expect 6.9 e-mails per week. Reports are detailed and comments can be posted.
The scam artist's best weapons are always psychological. The defenses woven into Firefox are to him never more than a minor inconvenience.
Your being too kind.
Since I don't normally like to engage in the karma-damaging activity of trolling, I was hoping to get some bang-for-the-buck out of my post. Thus, I left two juicy pieces of bait (i.e., grammatical errors) in my post, and promptly started meta-moderating my heart out to counter the impending down-mod.
BTW, "my particular dialect" must mean english is an auxiliary language for you. Kudos on that and never apologize for the occasional mess-up. I am not among those who are multilingual, so I envy you.
Regards.
(Unless McAfee has already done so since another poster notes they do something similar.)
--C
McAfee's automated scans can't and won't red-flag a corporate home page simply because the company is on your personal black list. You might, however, take the time to post a comment.
Your being too kind.
Usually it's not worth the effort, but given this thread I just had too...
That should be:
You're being too kind.
William of Ockham had no beard. The most likely explanation is that it was chewed off by squirrels every morning.
1. It looks like there's a copy of "Worm.Bagle.Z" on GCC's server:
gcc.gnu.org / ml/gcc-prs/2004-05/msg00008 / the_message.scr
(don't open the URL from Windows, or at all. My AV detected the file as "W32.Beagle.gen", right after I downloaded it).
2. Search the engine for "worm" or "trojan" and you'll get tons of them.
An offtopic reply to an offtopic post:
Personally, I'm rather tired of reading comment after comment pointing out that a given article is a dupe - I think the tagging system is sufficient to identify dupitude (hey, you're allowed to make up words in english). If the article's a dupe, don't read it, and by all means, don't comment - just ignore it like the articles that don't interest you.
The secret to creativity is knowing how to hide your sources. - Albert Einstein
Procrastination -- because good things come to those who wait.
Is it like I am a webmaster and I am blocking visits from the blacklisted websites?
I do not believe in karma. "Funny"=-6. Do good and forbid evil. Yours, Oft-Offtopic Flamebaiting Troll.
The your/you're thing is a pet peeve of mine. The extra vitriol was just revenge for the poster subjecting me to yet another "OMPG CLIPPLY LOLLZORS M$ SUCKS" post.
SO, how did your reply to me make YOU feel?
I clicked submit, and then spotted that right away. I wish I could claim I did it on purpose, but I guess it's just that rule about grammar/spelling corrections having a goof of their own.
But pretending I'm all knowing and stuff and that I make no mistakes:
Just replace the ellipsis with "much beer"
William of Ockham had no beard. The most likely explanation is that it was chewed off by squirrels every morning.
Duh!
Hehe. Thx for the bite. Yes Virginia, persistence does pay;-)
Isn't a propositional phrase something like, "will you marry me?"
Bon mot. =)
Yep, it is. Congrats, you win the prize: a PS3 running Vista. This offer expires in 30 days.
Yeah, like that's the first time we've heard THAT statement made.
This space intentionally left (almost) blank.
Does it locate the Windows Genuine dis-Advantage malware?
Tired of the karma burn, but what the hell!
"BTW, "my particular dialect" must mean english is an auxiliary language for you"
ROTFL
I am actually English as far back as we can trace the genealogy. Just from the north of England mixed with some Cornwall, combined with Mancunian with some Essex and London thrown in; so my upbringing WRT language is not the same as the Queen's English. Hence correct grammar for my peers is not the same as the textbook definition. I still support correct usage of your/you're their/there/they're etc as they add meaning to the language rather than obscure it (to me anyway).
An individual's language is to me like an individual's religion, I may not agree with it, I may feel pain at what you do with it, but it is yours to do with as you please, if others don't understand you, then that is their right, as it is your right to communicate and potentially be misunderstood as the case may be.
So I do have a different dialect from standard English, which means that I apply some traditional grammar and not others.
Also my pronunciation differs from standard e.g. I pronounce book to rhyme with spook.
As I say, there's a good reason I don't tell people off about their grammar, (unless they ask me to), but have much sympathy for those who do.
"The weirdest thing about a mind, is that every answer that you find, is the basis of a brand new cliche" -
> "my particular dialect"
There is a word for a language as used by a specific individual
speaker, and that word is "idiolect". Wars are fought because
particularly stupid people cannot accept the inescapable fact
that words *intend* (meaning 1) precisely what their speaker intends,
and regardless of what they *convey* (meaning 2) in the interpretation
of a listener or *connote* (meaning 3) in the instantaneous context
of the present evolutionary state of the dialect, which is in turn
distinct from the canonical meaning that the same words *denote*
(meaning 4) in the prescriptive collections of descriptive definitions
forming the dominant norm of a given language.
-I like my women like I like my tea: green-
Many programs include spyware modules. Use anti-spyware to protect your privacy.
As for me, I like professional anti-spy software like PrivacyKeyboard by Raytown Corporation LLC.
You can download it here: http://download.softsecurity.com/1/14/prvkbd.zip (~4MB)
Anti-Spyware: Efficiency of the Means of Defense
How long will it be before there is no such thing but an open source AV? There is just no way a closed source AV will be able to adapt as fast as the virus-sphere. Especially when you read about these highly targeted Trojans coming from China and Russia. http://www.securityfocus.com/news/11222 I have Clam AV on an Astaro box (linux based UTM) and I've always been pleased with the performance.