Wednesday, September 28, 2011

EICAR

Using real viruses for testing in the real world is rather like setting fire to the dustbin in your office to see whether the smoke detector is working. Such a test will give meaningful results, but with unappealing, unacceptable risks.

Who needs the testfile?
  • If you are active in the anti-virus research field, then you will regularly receive requests for virus samples. Some requests are easy to deal with: they come from fellow-researchers whom you know well, and whom you trust. Using strong encryption, you can send them what they have asked for by almost any medium (including across the Internet) without any real risk.
  • Other requests come from people you have never heard from before. There are relatively few laws (though some countries do have them) preventing the secure exchange of viruses between consenting individuals, though it is clearly irresponsible for you simply to make viruses available to anyone who asks. Your best response to a request from an unknown person is simply to decline politely.
  • A third set of requests come from exactly the people you might think would be least likely to want viruses: users of anti-virus software. They want some way of checking that they have deployed their software correctly, or of deliberately generating a "virus incident" in order to test their corporate procedures, or of showing others in the organisation what they would see if they were hit by a virus.

1 comment:

  1. eicar e.V.
    http://eicar.org/

    Being a self-standing term now, it stood originally for European Institute for Computer Antivirus Research.

    However, we are now busy in the general IT Security field with a focus on AV and hence we do not refer to the full term anymore.
