Jump to content

Archived

This topic is now archived and is closed to further replies.

Guest piav

email antivirus signature poses a risk

Recommended Posts

Guest piav

Hello Eset, 

 

seeing your antivirus signature in email messages made me think about it...

 

__________ Information from ESET NOD32 Antivirus, version of virus signature database **** (***********) __________

The message was checked by ESET NOD32 Antivirus.

hxxp://www.eset.com

 

 

you actually give other people, potentially the bad guys, information about the antivirus program you use and its current database. 

 

convince me it is rational and not extremely dangerous   :rolleyes:

 

Thanks! 

 

Share this post


Link to post
Share on other sites

I don't think there's anything secret in that message, this information is also available on ESET's website.

Share this post


Link to post
Share on other sites
Guest piav

whoever recieves this message knows you are using nod32 and your exact rule set. anybody can use this information against you, know your exact protection capability and attack you using customized malware. 

Share this post


Link to post
Share on other sites

whoever recieves this message knows you are using nod32 and your exact rule set. anybody can use this information against you, know your exact protection capability and attack you using customized malware. 

 

...especially if virus database is not up-to-date... However, the message can be disabled.

 

But I don't think this is necessarilly a major security threat... I believe that guys who would know how to attack you based on info about your AV product have way more productive jobs... let's say collecting 160 millions credit cards info from cc vendors... or undercover agents names and addresses list from security agencies... or social security numbers from government sites... or anything else they wish to any corporate network they (dis)like :-)

 

 

Tomo

Share this post


Link to post
Share on other sites
Guest piav

We know today that small businesses are a growing target for hackers and exposing your antivirus information (and update status) is an extremely bad idea, security-wise. 

What about keeping your cards close to your chest? 

 

I know this feature can be disabled, that's not the point. Why was it implemented in the first place by a security company, knowing the possible consequences? 

 

 

 

Share this post


Link to post
Share on other sites

Hello,

If memory serves, in the ESET Endpoint programs, the default operation is to only append the tag message to infected pieces of email, which can be helpful when determining why a particular piece of email (or its attachment(s)) was flagged.

Personally, I turn off these types of messages on my own installations of the software/environments where I administer the installation, but there are also people who like to see these notifications as well, so the option is there for those that want it.

Regards,

Aryeh Goretsky

Share this post


Link to post
Share on other sites

  • Recently Browsing   0 members

    No registered users viewing this page.

×
×
  • Create New...