Webmaster wrote:
Your signatures are based on HTML (Filetype = 3).
Shouldn't it be based on Mail (Filetype = 4) ?
Interesting... I'll do some tests later today changing the type.
The interesting thing though, is that when you go to the online database
search site http://clamav-du.securesi
Hello Steve,
Le Mardi 24 Janvier 2006 21:49, Steve Basford a écrit :
> As, I've seen a number of new phishing attempts get past the Official
> ClamAV signatures, I thought I'd try to produce my own signatures, to
> see if some of these newer phishing attempts could be stopped.
>
> They are here to
Rob MacGregor wrote:
On 1/30/06, Rajkumar S <[EMAIL PROTECTED]> wrote:
Just wondering how far a signature can go? Does the scanner needs to go back
and forth in
a file for scanning or can it scan a stream as it passes by? How far does it
needs to go
if it has to go backwards? What about zip
Mar Matthias Darin wrote:
Hello,
Rajkumar S writes:
How short can this buffer go? Does this file needs to be seekable?
Ideally, I would say 16K would be as small as you want to go. If the
buffer is to small, the transfer speed will suffer.
That's a nice number. I am pretty encouraged by th
Rob MacGregor wrote:
On 1/30/06, Rajkumar S <[EMAIL PROTECTED]> wrote:
The idea is to have a small packet queue where last n packets are
stored, scanned and then transmitted in a cyclic fashion. ie first
n-1 packets will just gets queued, when the nth packet arrives, the
queue is scanned, and 1s
Hello,
Rajkumar S writes:
Mar Matthias Darin wrote:
I have done some research on this already... If you store the file in a
disk buffer (say max 100K at a shot using tmpfs for speed), then scan the
buffer, it does indeed work.
How short can this buffer go? Does this file needs to be seeka
Bill King wrote:
> On 1/27/06, Bill King <[EMAIL PROTECTED]> wrote:
>>> I am running ClamAV on a Solaris host, with MIMEDefang.
...
>>> Jan 26 12:05:31 MTA_Daemon[4795]: Milter (mimedefang): timeout before
>>> data read
>>
>> Try something like:
>> INPUT_MAIL_FILTER(`mimedefang',
>> `S=unix:/
Oliver Stöneberg wrote:
You should really cleanup your signatures. I have a Phishing set of
512 Phishing of which 23 are not recognised by ClamAV. From those
only 4 are captured by your signatures, which are the following:
Firstly, thanks for the feedback. Although I must say, I'm
disappo
On 1/27/06, Bill King <[EMAIL PROTECTED]> wrote:
>> I am running ClamAV on a Solaris host, with MIMEDefang. Versions and log
>> examples are posted below. I am trying to modify ...
...snip...
>> I'm already using MIMEDefang.
>>
>> Jan 26 12:05:31 MTA_Daemon[4795]: Milter (mimedefang): timeout
Dennis Peterson wrote:
It's worth repeating the question I asked over a week ago - what
methodology is used in collecting these so that dupes are avoided?
Nobody answered, unfortunately, so now we see we have dupes.
Sorry for the delay... apart from being more than a little busy... I
must a
On 1/30/06, Rajkumar S <[EMAIL PROTECTED]> wrote:
> Just wondering how far a signature can go? Does the scanner needs to go back
> and forth in
> a file for scanning or can it scan a stream as it passes by? How far does it
> needs to go
> if it has to go backwards? What about zip files? Do they
On Mon, 30 Jan 2006 19:55:54 +0800
<[EMAIL PROTECTED]> wrote:
> I use clamav 0.88 on FreeBSD 6.0-stable.
>
> But when I scan the file which download from
> ftp://ftp.freebsd.org/pub/FreeBSD/ISO-IMAGES-i386/6.0/6.0-RELEASE-i386-disc1.iso,it
> doesn't work.
>
> It returns
> -- summary --
> Known v
I use clamav 0.88 on FreeBSD 6.0-stable.
But when I scan the file which download from
ftp://ftp.freebsd.org/pub/FreeBSD/ISO-IMAGES-i386/6.0/6.0-RELEASE-i386-disc1.iso,it
doesn't work.
It returns
-- summary --
Known viruses: 43832
Engine version: 0.88
Scanned directories: 0
Scanned files: 1
Infect
On Monday 30 January 2006 02:10, Rajkumar S wrote:
> > Where your problem is going to occur, as with havp, is in notifing the
> > user that their file was trashed unless the P2P software incorporates
> > the antivirus scanning inline with the downloading. In such a manner,
> > the P2P can notify t
Mar Matthias Darin wrote:
I have done some research on this already... If you store the file in a
disk buffer (say max 100K at a shot using tmpfs for speed), then scan
the buffer, it does indeed work.
How short can this buffer go? Does this file needs to be seekable?
Where your problem is go
Hello,
Rajkumar S writes:
Rob MacGregor wrote:
1) You'd need to decode the packet contents on the fly
2) Anything running over 1 packet would never be spotted
Just wondering how far a signature can go? Does the scanner needs to go
back and forth in a file for scanning or can it scan a st
Rob MacGregor wrote:
1) You'd need to decode the packet contents on the fly
2) Anything running over 1 packet would never be spotted
Just wondering how far a signature can go? Does the scanner needs to go back and forth in
a file for scanning or can it scan a stream as it passes by? How far
On Saturday 28 January 2006 19:41, [EMAIL PROTECTED] wrote:
> > Please do not send any more messages. Thank you.
>
> Why would say this? Is this list not about clamav and viruses?
my guess is this person was trying to unsubscribe from the list.
anyways, does anyone actually take AOL users serio
18 matches
Mail list logo
