On Tue, 24 Feb 2004 at 11:05:32 +0100, David Girardey wrote: > > I'm testing signatures extraction with a 'home-made' virus : I extract > a piece of a binary file (jpeg file), and put it into a test.virus.db
No. First you must do a hex dump of the binary fragment. It's described in the doc. > I use the creating signature manual to take a good string (size > between 40 and 200, etc). > > I put this test.virus.db into my database directory (with daily.cvd > and main.cvd). > > I test this signature with this command : > > clamscan --mbox /tmp/image.jpg For testing purposes, quicker is using only that test signature: clamscan -d test.virus.db /path/fileforscanning -- Tomasz Papszun SysAdm @ TP S.A. Lodz, Poland | And it's only [EMAIL PROTECTED] http://www.lodz.tpsa.pl/ | ones and zeros. [EMAIL PROTECTED] http://www.ClamAV.net/ A GPL virus scanner ------------------------------------------------------- SF.Net is sponsored by: Speed Start Your Linux Apps Now. Build and deploy apps & Web services for Linux with a free DVD software kit from IBM. Click Now! http://ads.osdn.com/?ad_id=1356&alloc_id=3438&op=click _______________________________________________ Clamav-users mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/clamav-users
