Jump to content

email antivirus signature poses a risk


Guest piav
 Share

Recommended Posts

Hello Eset, 

 

seeing your antivirus signature in email messages made me think about it...

 

__________ Information from ESET NOD32 Antivirus, version of virus signature database **** (***********) __________

The message was checked by ESET NOD32 Antivirus.

hxxp://www.eset.com

 

 

you actually give other people, potentially the bad guys, information about the antivirus program you use and its current database. 

 

convince me it is rational and not extremely dangerous   :rolleyes:

 

Thanks! 

 

Link to comment
Share on other sites

  • Administrators

I don't think there's anything secret in that message, this information is also available on ESET's website.

Link to comment
Share on other sites

whoever recieves this message knows you are using nod32 and your exact rule set. anybody can use this information against you, know your exact protection capability and attack you using customized malware. 

Link to comment
Share on other sites

  • ESET Insiders

whoever recieves this message knows you are using nod32 and your exact rule set. anybody can use this information against you, know your exact protection capability and attack you using customized malware. 

 

...especially if virus database is not up-to-date... However, the message can be disabled.

 

But I don't think this is necessarilly a major security threat... I believe that guys who would know how to attack you based on info about your AV product have way more productive jobs... let's say collecting 160 millions credit cards info from cc vendors... or undercover agents names and addresses list from security agencies... or social security numbers from government sites... or anything else they wish to any corporate network they (dis)like :-)

 

 

Tomo

Link to comment
Share on other sites

We know today that small businesses are a growing target for hackers and exposing your antivirus information (and update status) is an extremely bad idea, security-wise. 

What about keeping your cards close to your chest? 

 

I know this feature can be disabled, that's not the point. Why was it implemented in the first place by a security company, knowing the possible consequences? 

 

 

 

Link to comment
Share on other sites

  • ESET Moderators

Hello,

If memory serves, in the ESET Endpoint programs, the default operation is to only append the tag message to infected pieces of email, which can be helpful when determining why a particular piece of email (or its attachment(s)) was flagged.

Personally, I turn off these types of messages on my own installations of the software/environments where I administer the installation, but there are also people who like to see these notifications as well, so the option is there for those that want it.

Regards,

Aryeh Goretsky

Link to comment
Share on other sites

Guest
This topic is now closed to further replies.
 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...