Help Needed Regarding:TrendMicro Antivirus considering java App as ahigly risk thread

[toaries]

Hello

I have a java application which sniff the network traffic, I am using jpcap and winpcap in my application. Application runs fine with AVG antivirus.but when i did deploy my java application at customer environment where customer has Tren Micro Antivirus.
At that customer end trend micro is repotting my Java Application as high risk thread and also consider as dialup app which is trying to accessing the other pcs. But in actual it really not like that its only sniff the traffic which comes on that particular pc’s LAN Card.
What could be the possible reason for that as with AVG antivirus it working fine but with Treand Micro Antivirus it considering the highly risk thread

Plz let me know its possible reason and solution


Thanks

Regards
Mudasser

[jjsbasmt]

I think the several AV Programs out there would consider "packet sniffers" a threat by nature of what they do and how they operate. It is understandable how easy one could misuse "sniffers" so in order to be cautious I've noticed that many AV programs warn about these even if you just download them without deploying.

[foghorn67]

There are several articles going around about Java in the past day or two. Everyone seems to be saying to disable it right away.
Mozilla Firefox as of today, has Java disabled as default.
http://www.slate.com/blogs/future_te...ight_now_.html

[MrColin]

Signature based antivirus apps will probably flag the packet sniffer binary unless you:
A) pad the binary in a hex editor to defeat the signature recognition (works for viruses too!)
or
B) ad an exception to the antivirus file checking rules.