Joel Esler (jesler) skrev den 2017-05-05 01:39:
We have some ideas here Benny, but nothing in the pipeline today.
+1, thats stable software :)
If we incorporated SaneSecurity’s sigs (we need permission to do so from Steve), then we could ingest them, and de-dupe any hash-based sigs that we have that other types of sigs alert on (we do this today for our own internal sigs) The hash based sigs are a method for us to automatically get sigs out right now instead of later. As we all have other things we are doing.
why not just permit sig creatators to sign there own sigs ?, so it can be used entirely as a freshclam update ?, why would that be bad ?
atleast if sig creators could sign sigs digitaly, it wont hurt to drop bash updates that use gpg, i can make clu database files now, but still not sign it, with imho is bad that this is not yet possible :(
the dedupe is appricated, and thats is a very good reason to make sigs centraly, but that can be ensured in other ways imho
how to list pua catagorys ?, what about clam stats used as a sig catagory change rule for sigs that are not in the wild, so if users not using all catagorys will not load all sigs, but users that want to use all sigs can do so ?
or it could be make another cvd called archived, with contains all sigs that are considered very old and not usefull, not hitting in long time
doing nothing is not a problem for stable software, but it not makeing it better even
lets hear Steve why he not just send sigs to sig creators maillists, i know its a big work done even if he did not send it
_______________________________________________ clamav-users mailing list [email protected] http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http://www.clamav.net/contact.html#ml
