Table of Contents
Previous Section Next Section

Further Reading

This short section lists a few sites you can use to stay up to date on computer virus and security information. Because virus writers and other malicious hackers are continuously inventing new attacks, you must continuously educate yourself about new trends.

Information on Security and Early Warnings

  • Read information about new computer viruses, malicious code, adware, and spyware attacks at Symantec Security Response, located at

  • Read Security Focus at You will find much useful and up-to-date information on security and daily practice. You can also access the valuable BugTraq mailing list at this location to stay current with platform and product vulnerabilities and related information.

  • Read the Internet security information posted on CERT at

  • Visit the SANS Institute's Reading Room regularly at

  • Read the NTBUGTRAQ archives at You can also subscribe to the mailing list at this location.

  • Consider joining AVIEWS, organized by AVIEN, to get more information about computer viruses and protect your organization better from such attacks. You can find their site at

Security Updates

Keep yourself and your computer up to date! Look for information about Microsoft product updates at the following places:

Computer Worm Outbreak Statistics

You can read more on the spread of computer worms here:

  • CAIDA offers worm outbreak information, such as the spread of the Slammer and Witty worms, at You will also find analysis based on the use of "network telescopes."

Computer Virus Research Papers

Contact Information for Antivirus Vendors

Table 16.1 lists contact information for antivirus vendors in alphabetical order.

Table 16.1. Common Certified Antivirus Software Vendors


Web Site

ALWIL Software

Authentium ("Command Software")

Cat Computer Services

Computer Associates



ESET Software

F-Secure ("Data Fellows")

Freedom Internet Security

Frisk Software

GFI MailSecurity

GeCAD (Acquired by Microsoft Corporation)


H+BEDV Datentechnik



Hiwire Computer & Security


Kaspersky Labs

Leprechaun Software



MicroWorld Software

Network Associates

Norman Data Defense Systems

Panda Software

Per Systems

Portcullis Computer Security

Proland Software

Reflex Magnetics


Software Appliance Company



Stiller Research

Sybari Software

Symantec Corporation

Trend Micro Incorporated

VirusBuster Ltd.

Antivirus Testers and Related Sites

In this section, I present information about antivirus tests and related sites. Please note that each of these independent sites uses a very different test methodology.

  • Virus Bulletin's site is at Here you can read AV comparisons, find information about VB 100%-certified products, and get independent antivirus advice. You can find the most recent version of the VGrep tool on this site as well. There is also an archive of past issues with the best computer virus analyses available. You also can purchase a subscription to the magazine, which is currently A3195 for one year.

  • The most recent independent antivirus tests of the University of Hamburg's Virus Test Center (VTC) are at The VTC is led by Prof. Dr. Klaus Brunnstein.

  • also produces independent antivirus tests, a project of the University of Magdeburg in cooperation with AV-Test GmbH of Andreas Marx. You can find this site at

  • ICSA Labs, a division of TruSecure Corporation, also performs Anti-Virus Certifications and issues ICSA Labs Certifications. You can find their home page at

  • Although EICAR (European Institute for Computer Antivirus Research) does not perform tests directly, it provides the file for antivirus testing. This file contains code that is encoded in a large string so it can be cut and pasted to a file to test your antivirus software's ability to detect a virus without using an actual virus for the task. This file is detected by most antivirus programs under names similar to EICAR_Test_File. Unfortunately, the original EICAR test file was abused by virus writers because the first specification of the test file did not present formalized criteria of what needed to be detected exactly and what should not. Therefore, some viruses, such as batch and script malware, included the string in themselves to mislead users into thinking that the file containing the virus was harmless. The exact specifications of the EICAR test file have been updated recently, and antivirus product developers are advised to follow the detection according to the new specifications at

  • SC Magazine also performs security product evaluations via West Coast Labs' Checkmark Certification. You can find their site at

  • The WildList Organization International has produced the Wildlist of Computer Viruses every month since 1993, based on reports collected worldwide. The Wildlist is used by several antivirus certifications. You can find the Wildlist at

  • The Virus Research Unit of the University of Tampere in Finland has been inactive for some time. However, it is expected to resume performing antivirus tests, led by Dr. Marko Helenius. You can find its site at

  • Another new antivirus certification program has been implemented by Dr. Leitold Ferenc in Hungary, located at

  • Andreas Clementi is also implementing a new certification program, which is available for products that use their own engine only.

    Table of Contents
    Previous Section Next Section