Today’s SANS Diary Entries

Rather than creating separate entries, I thought I’d comment on today’s SANS Diary entries in one post.
Comparing Anti-Virus Solutions
That’s just weird timing since I posted about that this weekend. I agree that virus total is an interesting snapshot. I would be more intersted in a site that collects when a virus def is available and what is in that def (assuming everyone lists what virus detections are added in each definition update). Another interesting graph is the virus release chart for each major virus. Here’s a graph Message Labs put out about Nyxem response time. Symantec didn’t do so well.
Security update for QuickTime (7.1.5)
About freaking time Apple. I had already given up on a fully patched install ever being released. We just pushed 7.1.3 last week to a couple hundred computers that had been running 6.5.
phpMyFAQ being exploited
I almost installed this for one FAQ I maintain. I decided to stick with static HTML since I wouldn’t be able to maintain it.