What is the policy on "network stress" tools and other "grey area" software? With the high profile anonymous ddos attacks hitting the headlines recently, I was quite surprised to see that prevx does not classify the LOIC as malware. It is freely available on sourceforge and has been used to launch these much publicised ddos attacks. I understand you can't keep track of every network testing tool but in this case I think some attention is warranted. What I want to know is, would prevx consider classifying such tools (and others like it) as "bad"....because they can be and have been used for malicious purposes? From an enterprise point of view, you certainly do not want users downloading and launching a ddos from within your network...and would expect AV software to notify you of it's presence.