/ Security

Call for Eicar V2

Many years ago it was recognised that there existed a need to test AV software without throwing live viruses around and so the EICAR test file was developed as a safe way of testing that AV software was indeed working.
This was fine but I think there is now a need for an EICAR v2. Something that is NOT recognised by AV software by default. Why would this be of use?

Well, A scenario I had last week involved a virus getting onto NetApp filers. Now, Netapp will send the file to an AV scanner and get one of three responses back: clean, infected or timed out.
Clean means the file gets added to the clean list and will not be rescanned until the file changes.
In other words, if the file has a virus that the definitions do not pick up that file is NOT rescanned even if new definitions are released. This means a virus-infected file can get onto a NetApp system.

Having an EICARv2 test file will enable testing of the automatic clean-list clearing type of scenario and be very useful to the IS industry in general.

Gary Williams

Gary Williams

IT Person | Veeam Vanguard | VMware vExpert | Windows admin | Docker fan | Spiceworks moderator | keeper of 3 cats | Avid Tea fan

Read More