On Fri, Aug 03, 2001 at 01:43:06PM +0200, Andreas Marx wrote: > First we've created normal archives using a standard archivers (and normal > file names like "xul.exe"), but after the archive was created, we have > edited the files internally using a hex editor (change "x" to "n" - but be > careful, in ZIP files the fine name is included twice). You cannot add > names like "nul.exe" to an archive, of course, but you can change the name Thats not entirely true, you can easily add such files using other Operating systems, that do not suffer from defective or braindead filename conventions. Zip archiving tools are available for a wide variety of unix systems, which allow creation and adding of files like NUL.EXE flawlessly ;) This also allows for archive formats that eigther do not store the filename in uncompressed plain areas or have checksums protect the integrity of the archive file. (tar+gzip for example) On Unix one can also cause the archiving tools to store relative Pathnames, without need to use hex editors. > inside of the archives easily, if the length of the name will still be the > same. You can do this for both "nul.exe" or for additional "../"'s for > paths like "../../test.exe". (Btw, we have used the Volkow Commander (DOS), > not a "real" hex editor. :) ) [testing] The testing of Windows based Antivirus products has to be done within windows. Although i would run them inside vmware or similar virtual boxen. Did you also test Unix based virus scanners? there are quite a few AV Products that have scanners running on Unix. > I hope, this helps to understand the test procedures better. Yes, thank you ;) > cheers, > Andreas Marx -- Juergen P. Meier
This archive was generated by hypermail 2b30 : Sun Aug 05 2001 - 17:58:10 PDT