Thursday, December 16, 2004

In doing work-ups for malicious code analysis, I've been using Full Disclosure as a source, as it allows attachments. This allows me to download onto a non-MS machine, run a virus scanner and do other things while deciding whether to use the sample or not.

In the process, I usually hit Google also. In trying to figure out "" (it's Bagle.Ap) I found It appears to be a really good source for identifying unknown (unauthorized) processes.