Re: [Clamav-devel] New phishing method...doubts

2006-09-28 Thread Robert Allerstorfer
Hi, On Wed, 27 Sep 2006, 22:05 GMT+02 Robert Allerstorfer wrote: I have now tested another phishing mail using your new code (with the '--phish-scan-alldomains' option) which did not get detected. It did get detected now with the latest CSV source (devel-20060928) :-) clamscan

Re: [Clamav-devel] New phishing method...doubts

2006-09-28 Thread Ian Castle
Robert Allerstorfer wrote: Hi, Are there yet any statistics of the amount of false positives caused by --phish-scan-alldomains? You can see http://phishery.internetdefence.net/clamav-test2.html regards rob. ___

Re: [Clamav-devel] New phishing method...doubts

2006-09-27 Thread Robert Allerstorfer
On Wed, 27 Sep 2006, 18:59 GMT+03 Török Edvin wrote: On 9/27/06, Robert Allerstorfer wrote: The output of 'clamscan -h' included --no-phishingDisable phishing detection --no-phishing-scan-urls Disable url-based phishing detection --no-phishing

Re: [Clamav-devel] New phishing method...doubts

2006-09-26 Thread Török Edvin
On 9/26/06, Danett song [EMAIL PROTECTED] wrote: This module to detect Phishing attacks are basic based in normalization of url's correct? Its based on comparing: - the 'real' URL, i.e. the URL that your browser is going to load when you click on it - the 'displayed' URL, i.e. the text that

Re: [Clamav-devel] New phishing method...doubts

2006-09-26 Thread tBB
Török_Edvin wrote: Linux:yes, tested. Windows: should work, but I didn't personally test. Win32/Cygwin: Works as well. Best regards, Nico -- +--+ Q: Because it reverses the logical flow of conversation. A: Why is putting a

Re: [Clamav-devel] New phishing method...doubts

2006-09-26 Thread Danett song
Hi Török, --- Török Edvin [EMAIL PROTECTED] escreveu: Its based on comparing: - the 'real' URL, i.e. the URL that your browser is going to load when you click on it - the 'displayed' URL, i.e. the text that is underlined, tooltips, etc. Hummm, now I got the idea. Linux:yes, tested.

Re: [Clamav-devel] New phishing method...doubts

2006-09-26 Thread GiM
Danett song in message 'Re: [Clamav-devel] New phishing method...doubts' wrote: --- Török Edvin [EMAIL PROTECTED] escreveu: Linux:yes, tested. Windows: should work, but I didn't personally test. Without cygwin? I would like to test it, but I only use Windows, is there someone

[Clamav-devel] New phishing method...doubts

2006-09-25 Thread Danett song
Hello, I by accident entered in the archive of clamav-devel and found a message called New phishing detection algorithm in cvs version of clamav which I thinked it much intersting, so I solved to subscribe to this mail-list to solve some doubts, if you can clear if for me. :) This module to