mnb93
asked on
Virus Samples
I am doing a magazine article on virus scanners, and I would like to test them with a lot of samples, I already have the infrastructure for scanning in place, but I only have ~16 samples. Where can I get some more?
Here are some additional version of the virus sample, EICAR http://www.thepcmanwebsite.com/virus_test.shtml. They have they original version of the virus sample, a text version, a zip version, and a double zipped (very hard to detect). Best of luck.
ASKER
Though to my knowledge EICAR is only a test spec. They put chars (and some whitespace) at the start. I need some real samples. Ones that do damage, I have 3000 now, however I would like more. I am a Security Expert, thus will be handling these samples on a red machine.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
This one is the most known and has the biggest collection of viruses, mostly old and
all are (at least should be) easily identifiable by modern antiviruses. This would be
enough to test to compare various products. You can check those products for
how many viruses thay can handle simultaneously, user interaction in disinfection, and anything else you want to test to write an article.
http://vx.netlux.org/
EICAR isn't a virus at all, of course, the only thing it can check is whether the antivirus
is loaded and running. When you try to access this EICAR any running AV should
fire an alarm. www.eicar.org
PS I wouildn't be surprised if the thread got deleted - topic of viruses is always a sensitive issue.
all are (at least should be) easily identifiable by modern antiviruses. This would be
enough to test to compare various products. You can check those products for
how many viruses thay can handle simultaneously, user interaction in disinfection, and anything else you want to test to write an article.
http://vx.netlux.org/
EICAR isn't a virus at all, of course, the only thing it can check is whether the antivirus
is loaded and running. When you try to access this EICAR any running AV should
fire an alarm. www.eicar.org
PS I wouildn't be surprised if the thread got deleted - topic of viruses is always a sensitive issue.
ASKER
Yeah, but I don't see how me getting binaries of a virus mean much... Though I could decompile it, but anyone who knows how to do that, is smart enough to build one.
Well, then go ahead and tell us what you DO want (you don't want
viruses in binary , but have collected so far "3000 now" in, of
course , binary form. Neither it seems you want them in source
code ,the site I cited has them as well), telling what the end goal of search for viruses is would certainly help.
"Red machine" ? ... hm,have never heard of such thing before.
viruses in binary , but have collected so far "3000 now" in, of
course , binary form. Neither it seems you want them in source
code ,the site I cited has them as well), telling what the end goal of search for viruses is would certainly help.
"Red machine" ? ... hm,have never heard of such thing before.
ASKER
"Red Machine" === My term for a redundant machine, that is only used for "evil stuff".
"what you DO want" Sorry if I confused anyone, I was meaning that I would like binaries, I do not really care that much about source code... (vbs doesn't count :))
End Goal, testing many AV solutions for a mag review.
"what you DO want" Sorry if I confused anyone, I was meaning that I would like binaries, I do not really care that much about source code... (vbs doesn't count :))
End Goal, testing many AV solutions for a mag review.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Here are some harmless virus for testing your antivirus protection
http://www.webmail.us/testvirus
Best wishes!