Trog a écrit :
We are, of course, also looking for people to volunteer to become sig makers. Assuming that they have the time and the relevant skills.
How would you define these skills ?
Sorry I'm in a hurry, but just to quote some:
Proper knoweledge and handling of malware, deep knoweledge of the win32 environment and how (recent and not so recent) malware behaves. Basic knoweledge of the win32 internals, registry, executable format, IE, and so on...
General skills in software reversing, in specific malware aspects or in related file formats.
Skills in IT security, experience in the field, the ability to code or to contribute to someone else's code and stuff like that is generally a bonus.
Further I would say: how do actual sigmakers work ? Reverse-engineering on new virus ? Scan its with other AV products ? Mix of that and more other way to make a signature ?
Some of the above and something more. Mostly depending on the target.
Is there a ClamAV virus lab somewhere to test suspicious exec ?
Sure but it's very well hidden and you'll never find it;)
There's no malicious intent in these questions, just curiosity.
If you're interested in joining the team, mail me off list (acabATclamavPOINTnet).
_______________________________________________ http://lurker.clamav.net/list/clamav-users.html
