RE: Long path exploit on NTFS

From: Frank Heyne (fhat_private-dresden.de)
Date: Thu Feb 07 2002 - 23:32:04 PST


On 7 Feb 02, at 11:25, David Korn wrote:

> It would be interesting if Frank could
> describe the methodology he used, as the phrase "According to my own
> tests" suggests he was not using the same script.

I am sorry, it was my mistake, because I did not choose clear wording.
I wrote Sophos would not "find" virii in long paths, which is wrong most
often.
What I found is that Sophos does not "move" virii into the \Sophos\Infected
directory when it is told to do so, and the virii are in a long path.
This reads as "no action taken" in the Sophos report.

This means if you use a long path, you can write a virus on disk, and
though Sophos will log it, it will not stop you.

BTW, Sophos is unable to find all virii in the NTFS file system, but this
has nothing to do with the length of the path. If the virus is in an ADS,
Sophos might ignore it. I tested this with a vbs virus which I did put in a
file "a.txt:virus" while Sophos did not run. Then I started Sophos and
copied the virus into a new file "virus.txt" - Sophos did not complain.
The funny thing is that if you put the virus in a file "b.txt:virus.vbs",
Sophos will find it. And yes, Sophos is configured to find virii in files
without extensions.
I did not test other AV products, but probably they will have similar
problems.


Greetings

Frank Heyne
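The two blind spots described in this post (content hidden in an alternate data stream, and files sitting in paths longer than the classic MAX_PATH limit) can be inventoried by an administrator independently of whatever the AV scanner reports. The following PowerShell script is an added example for that audit; it is not part of Frank Heyne's post and not Sophos code. It assumes a directory to audit in `$Root` and a length threshold in `$LongPathThreshold` (both hypothetical defaults), and it relies on `Get-Item -Stream`, which exists in PowerShell 3.0 and later.

```powershell
# Added example, not from the original post: list NTFS alternate data streams
# and over-long paths under a directory so they can be reviewed or fed to a
# scanner by hand. Assumptions: $Root and $LongPathThreshold are chosen by the
# operator; 260 is the classic MAX_PATH value.
param(
    [string]$Root = 'C:\Temp',
    [int]$LongPathThreshold = 260
)

# -Force includes hidden/system files; errors (e.g. access denied) are skipped
# rather than aborting the whole walk.
Get-ChildItem -LiteralPath $Root -Recurse -File -Force -ErrorAction SilentlyContinue |
    ForEach-Object {
        $file = $_

        # Finding 1: the full path exceeds the threshold the scanner's
        # quarantine action may not handle.
        if ($file.FullName.Length -gt $LongPathThreshold) {
            [pscustomobject]@{
                Path    = $file.FullName
                Finding = 'LongPath'
                Stream  = $null
                Size    = $file.Length
            }
        }

        # Finding 2: any named stream besides the default unnamed ':$DATA'
        # stream. Get-Item -Stream * returns one object per stream with
        # Stream and Length properties.
        Get-Item -LiteralPath $file.FullName -Stream * -ErrorAction SilentlyContinue |
            Where-Object { $_.Stream -ne ':$DATA' } |
            ForEach-Object {
                [pscustomobject]@{
                    Path    = $file.FullName
                    Finding = 'AlternateDataStream'
                    Stream  = $_.Stream
                    Size    = $_.Length
                }
            }
    } |
    Format-Table -AutoSize
```

Two caveats for anyone running this: on older Windows builds `Get-ChildItem` itself can fail on paths beyond MAX_PATH unless long-path support is enabled, which is exactly the condition being hunted for, so an empty result on a deep tree is not proof of absence; and a stream's content can be extracted for manual inspection or submission to a scanner with `Get-Content -LiteralPath <file> -Stream <name> -Raw`, which is how to confirm whether the scanner's on-access behaviour matches its on-demand behaviour for that stream.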
    



    This archive was generated by hypermail 2b30 : Fri Feb 08 2002 - 17:39:25 PST