Re: [clamav-users] Sanesecurity:foxhole-databases
On Fri, September 5, 2014 8:21 pm, Dennis Peterson wrote: > Steve - thanks for your contribution to the success of the ClamAV > products. One question for you - how does determine the current version of > the files you distribute? One of the foxhole signature files I have is > from May, for example. Hi Dennis, Current versions... 02/09/2014: foxhole_all.cdb 18/03/2014: foxhole_filename.cdb 02/09/2014: foxhole_generic.cdb You can quickly grab the latest version here: rsync://rsync.sanesecurity.net/sanesecurity/foxhole_generic.cdb rsync://rsync.sanesecurity.net/sanesecurity/foxhole_filename.cdb rsync://rsync.sanesecurity.net/sanesecurity/foxhole_all.cdb foxhole_filename.cdb will hopefully become updated more, once I've sorted double-checked the status of a bugzillasomething to do with spaces in regex... goes off to hunt it ;) Cheers, Steve Sanesecurity.com ___ Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http://www.clamav.net/contact.html#ml
Re: [clamav-users] Sanesecurity:foxhole-databases
On 9/5/14 2:10 AM, Steve Basford wrote: Hi All, For those using Sanesecuriy foxhole databases, I've finally updated their usage information: http://sanesecurity.com/foxhole-databases/ Cheers, Steve Sanesecurity.com Steve - thanks for your contribution to the success of the ClamAV products. One question for you - how does determine the current version of the files you distribute? One of the foxhole signature files I have is from May, for example. dp ___ Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http://www.clamav.net/contact.html#ml
[clamav-users] Duplicate entry in SecuriteInfo spam_marketing database
Steve: I noticed this when the whitelist update notices from the clamav-unofficial-sigs.sh script started growing exponentially. The script doesn't anticipate that one signature's hex string might be a sub-sequence of another signature's, and it doesn't handle them properly when that happens. In this case, the two entries in the spam_marketing.ndb database are: SecuriteInfo.com.Spammer.bluehornet.com:4:*:626c7565686f726e65742e636f6d SecuriteInfo.com.Spammer.echo.bluehornet.com:4:*:6563686f2e626c7565686f726e65742e636f6d There doesn't seem to be any reason for the second signature, because anything it matches will already be matched by the first sig. There may well be other duplicated entries; this is just the one I noticed. Alan Stern ___ Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http://www.clamav.net/contact.html#ml
Re: [clamav-users] ClamAV®: The new ClamAV.net is here!
On Fri, Sep 05, 2014 at 03:33:36PM +0200, Andreas Schulze wrote: > Am 05.09.2014 09:22 schrieb Joel Esler: > > I just tested the whole site with elinks and it worked fine. Which parts > > are you referring to? > > OK, my fault too. The site *is* usable without javascript. > Exeption I'm currently aware: > http://www.clamav.net/download.html#otherversions What's wrong with it? Elinks handles it fine. > > Anyway: good job! Thank you goes to our fantastic webteam that worked on the site. -- Joel Esler Open Source Manager Threat Intelligence Team Lead Talos ___ Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http://www.clamav.net/contact.html#ml
Re: [clamav-users] ClamAV®: The new ClamAV.net is here!
Am 05.09.2014 09:22 schrieb Joel Esler: > I just tested the whole site with elinks and it worked fine. Which parts are > you referring to? OK, my fault too. The site *is* usable without javascript. Exeption I'm currently aware: http://www.clamav.net/download.html#otherversions Anyway: good job! Andreas -- Andreas Schulze Internetdienste | P252 DATEV eG 90329 Nürnberg | Telefon +49 911 319-0 | Telefax +49 911 319-3196 E-Mail i...@datev.de | Internet www.datev.de Sitz: 90429 Nürnberg, Paumgartnerstr. 6-14 | Registergericht Nürnberg, GenReg Nr.70 Vorstand Prof. Dieter Kempf (Vorsitzender) Dr. Robert Mayr (stellv. Vorsitzender) Eckhard Schwarzer (stellv. Vorsitzender) Dr. Peter Krug Jörg Rabe von Pappenheim Vorsitzender des Aufsichtsrates: Dirk Schmale ___ Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http://www.clamav.net/contact.html#ml
Re: [clamav-users] ClamAV®: The new ClamAV.net is here!
On Fri, Sep 05, 2014 at 09:09:59AM +0200, Matus UHLAR - fantomas wrote: > On 04.09.14 07:53, Andreas Schulze wrote: > >Am 26.08.2014 20:56, schrieb Joel Esler (jesler): > >> * Simple Navigation > >> > >"Thanks" for the next site only usable with mainstream browsers and > >JavaScript enabled :-/ > > ohh, which parts? I just tested the whole site with elinks and it worked fine. Which parts are you referring to? -- Joel Esler Open Source Manager Threat Intelligence Team Lead Talos ___ Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http://www.clamav.net/contact.html#ml
[clamav-users] Sanesecurity:foxhole-databases
Hi All, For those using Sanesecuriy foxhole databases, I've finally updated their usage information: http://sanesecurity.com/foxhole-databases/ Cheers, Steve Sanesecurity.com ___ Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http://www.clamav.net/contact.html#ml
Re: [clamav-users] ClamAV®: The new ClamAV.net is here!
On 04.09.14 07:53, Andreas Schulze wrote: Am 26.08.2014 20:56, schrieb Joel Esler (jesler): * Simple Navigation "Thanks" for the next site only usable with mainstream browsers and JavaScript enabled :-/ ohh, which parts? -- Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/ Warning: I wish NOT to receive e-mail advertising to this address. Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu. Nothing is fool-proof to a talented fool. ___ Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http://www.clamav.net/contact.html#ml