Threat Level: green Handler on Duty: Xavier Mertens

SANS ISC: OSSEC HIDS being detected as malware SANS ISC InfoSec Forums

Participate: Learn more about our honeypot network
https://isc.sans.edu/honeypot.html

Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!
OSSEC HIDS being detected as malware

Daniel from OSSEC has reported that a couple Antivirus products are currently detecting the Windows version of OSSEC HIDS as malware. They have been notified and will (we hope) be fixing it soon. Currently the products finding it as malware are (in VirusTotal format of Product,  Version, Last Update, Detection Result):

a-squared 4.0.0.73 2009.01.05 Generic.Qhost!IK
BitDefender 7.2 2009.01.05 Generic.Qhost.E185971A
F-Secure 8.0.14470.0 2009.01.05 Suspicious:W32/Malware!Gemini
GData 19 2009.01.05 Generic.Qhost.E185971A
Ikarus T3.1.1.45.0 2009.01.05 Generic.Qhost
Prevx1 V2 2009.01.05 Worm

Toby

68 Posts
Jan 6th 2009

Sign Up for Free or Log In to start participating in the conversation!