Hi there,
On Tue, 16 Feb 2010 Matus UHLAR wrote:
On Tue, 9 Feb 2010 beshoo wrote:
i need to scan the post data , not the POST uploaded files
On 09.02.10 11:27, G.W. Haywood wrote:
man clamd
Look for 'INSTREAM'.
he is apparently searching for http server module that would scan
On Feb 13, 2010, at 4:02 PM, Alain Zidouemba wrote:
Tom,
You can find the answer in the attached document.
On Feb 13, 2010 5:49 PM, Tom Shaw ts...@oitc.com wrote:
How does one determine what TargetType ClamAV will assign to a file or
attachment? I have been all through the docs and wiki
Attached document? I did not see an attachment. Can you send a link?
Is this the TargetType you are after...
2.3.4 Extended signature format
The extended signature format allows for specification of additional
information such as a target file type, virus offset or engine version,
making
Attached document? I did not see an attachment. Can you send a link?
Is this the TargetType you are after...
2.3.4 Extended signature format
The extended signature format allows for specification of additional
information such as a target file type, virus offset or engine
version,
At 4:15 PM + 2/16/10, Steve Basford wrote:
Attached document? I did not see an attachment. Can you send a link?
Is this the TargetType you are after...
2.3.4 Extended signature format
The extended signature format allows for specification of additional
information such as a target
Tom:
Is this the answer you were looking for?
--
Alain S. Zidouemba
Research Engineer, Vulnerability Research Team
SOURCEfire
Tel: 1(410)423-4764
email: alain.zidoue...@sourcefire.com
2010/2/15 Alain Zidouemba azidoue...@sourcefire.com
Courtesy of Edwin:
The file type is determined by
On 02/16/2010 09:15 PM, Tom Shaw wrote:
At 4:15 PM + 2/16/10, Steve Basford wrote:
Attached document? I did not see an attachment. Can you send a link?
Is this the TargetType you are after...
2.3.4 Extended signature format
The extended signature format allows for specification
Thanks, Alain. This helps. Let me noodle on the information. Is there
a definition of the .fmt file or will I have to look through the code?
Thanks, again,
Tom
At 3:01 PM -0500 2/16/10, Alain Zidouemba wrote:
Tom:
Is this the answer you were looking for?
--
Alain S. Zidouemba
Research
On 02/16/2010 10:20 PM, Tom Shaw wrote:
Thanks SO much, Edwin!
Is there a def of .fmt format?
You can look at the example in daily:
sigtool --unpack-current daily
cat daily.ftm
0:0:425a68:BZip:CL_TYPE_ANY:CL_TYPE_BZ
0: this is a static signature (no wildcards), anchored at an offset
0:
Tom Shaw wrote:
Is there a def of .fmt format?
Hi Tom,
Ah, see what you wanted now ;)
BTW, don't forget Sanesecurity has had additional types for a while now,
in sanesecurity.ftm and distributed on the mirrors.
Cheers,
Steve
Sanesecurity
___
10 matches
Mail list logo