Hello Dino,
echo -n "invalid_trailer_structure" >>local.ign2
should do the job.
Le 12/04/2022 à 18:58, Dino Edwards via clamav-users a écrit :
Hi,
Using clamav-unofficial-signatures and I’m trying to ignore a yara rule
due to many FPs. The blocked message refers to the
YARA.invalid_trailer_structure.UNOFFICIAL as the offending signature.
However, entering any of following in local.ign2 file, clamav ignores it
and keeps blocking:
*YARA.invalid_trailer_structure*
Any idea what I’m doing wrong here?
thanks
___
clamav-users mailing list
clamav-users@lists.clamav.net
https://lists.clamav.net/mailman/listinfo/clamav-users
Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq
http://www.clamav.net/contact.html#ml
--
Cordialement / Best regards,
Arnaud Jacques
Gérant de SecuriteInfo.com
Téléphone : +33-(0)3.60.47.09.81
E-mail : a...@securiteinfo.com
Site web : https://www.securiteinfo.com
Facebook : https://www.facebook.com/pages/SecuriteInfocom/132872523492286
Twitter : @SecuriteInfoCom
Signatures for ClamAV antivirus : http://ow.ly/LqfdL
___
clamav-users mailing list
clamav-users@lists.clamav.net
https://lists.clamav.net/mailman/listinfo/clamav-users
Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq
http://www.clamav.net/contact.html#ml
