Best appraoch to test Antivirus Profile; Locky malware case

Forum|Forum|10 years ago
March 19, 2016
1 reply
7468 views

In our Fortigate 100D we enabled IMPA and POP3 profiles, but need to make sure the antivirus is working as expected, for that how one can run an attack test ?

Best answer by netmin

To just test the AV profile setup for general functionality, the standard EICAR anti-virus test files could be used: http://www.eicar.org/85-0-Download.html - they should be detected/blocked by every AV software, so you might need to temporarily disable your local AV client, when trying to send an email containing it.

btw, here's another interesting site: http://metal.fortiguard.com/

ede_pfau

SuperUser

AFAIK there is no check for 'locky' in AV. The signature is included in Application Control, 'Botnet' category.

And no, I don't know of any reliable source / web site where you could catch a locky trojan -

netminAnswer

New Member

To just test the AV profile setup for general functionality, the standard EICAR anti-virus test files could be used: http://www.eicar.org/85-0-Download.html - they should be detected/blocked by every AV software, so you might need to temporarily disable your local AV client, when trying to send an email containing it.

btw, here's another interesting site: http://metal.fortiguard.com/

Sign up

Login with SSO

Login to the community

Login with SSO

Scanning file for viruses.

This file cannot be downloaded