Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 3 replies
  • Subscribers 1 subscriber
  • Views 4455 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Send a sample with one click

zaino_unipmn_it

Could I suggest to send a sample using "Sophos Endpoint and Security Control"?

Usually virus starts from RUN regkey, autostart folder and so on. The software could search all autorun application, running applications and suggest which of them could be sent to Sophos Laboratory without compiling the web form (you already have our contact data, in sending sample you also could acquire PC id, name, ip...). It could be more rapid. Sometimes I couldn't send sample because I'm on a PC owned by another user even if it has Sophos installed but I don't have any pen drive for saving a sample (if system permit it). Other times I send sample with some hour of late.

Thanks, for your attention,

Dott. Marco Zaino

Università del Piemonte Orientale

Alessandria, ITALY

:35731


This thread was automatically locked due to age.
Parents
  • 0

    Hello Dott. Marco,

    the sending part first: What would prevent users from using this function and thus flooding Labs with suspected malware? Or how should Labs determine that the submission is "genuine"? Anyway - why not using the web form from the PC?

    As for the software suggesting samples to be sent: Taking all the usual places I've seen (and that's likely a small subset) together this could be quite some list. Pruning this list automatically would OTOH require some "intelligence" (sometimes the malware gives itself away using "funny names" but other times not). While I concur that some kind of "collector" would be helpful I've no notion how it could actually work. But admittedly I haven't thought about it much.

    What do others say?

    Christian 

    :35749
Reply
  • 0

    Hello Dott. Marco,

    the sending part first: What would prevent users from using this function and thus flooding Labs with suspected malware? Or how should Labs determine that the submission is "genuine"? Anyway - why not using the web form from the PC?

    As for the software suggesting samples to be sent: Taking all the usual places I've seen (and that's likely a small subset) together this could be quite some list. Pruning this list automatically would OTOH require some "intelligence" (sometimes the malware gives itself away using "funny names" but other times not). While I concur that some kind of "collector" would be helpful I've no notion how it could actually work. But admittedly I haven't thought about it much.

    What do others say?

    Christian 

    :35749
Children
No Data