On Monday 23 May 2016 14:15:44 C.D. Cochrane wrote:
> > Obviously going to disagree. We are pushing almost a thousand pieces
> > of detection every four hours now, and that will only increase from
> > here.
>
> 1,000,000 unique submissions per day vs. 6000 "pieces of detection"
> per day. If that
On 23/05/2016 21:21, Joel Esler wrote:
On Mon, May 23, 2016 at 08:56:57PM +0200, Groach wrote:
On 23/05/2016 20:39, Dave McMurtrie wrote:
On Mon, 2016-05-23 at 19:52 +0200, C.D. Cochrane wrote:
ClamAV is fast, free, easy to integrate with just about any MTA and
it's actively developed. We've
On Mon, May 23, 2016 at 08:56:57PM +0200, Groach wrote:
On 23/05/2016 20:39, Dave McMurtrie wrote:
On Mon, 2016-05-23 at 19:52 +0200, C.D. Cochrane wrote:
ClamAV is fast, free, easy to integrate with just about any MTA and
it's actively developed. We've been running it for years, along with
th
On Mon, May 23, 2016 at 06:39:41PM +, Dave McMurtrie wrote:
On Mon, 2016-05-23 at 19:52 +0200, C.D. Cochrane wrote:
>> My 2 cents would be that rapid traditional signature updates are not a
viable solution to this long term problem.
>> I'm pretty sure the current generation of Locky, Dridex
On Mon, 2016-05-23 at 19:52 +0200, C.D. Cochrane wrote:
> >> My 2 cents would be that rapid traditional signature updates are not a
> >> viable solution to this long term problem.
> >> I'm pretty sure the current generation of Locky, Dridex, Nemucod, etc.
> >> ransomware is generated using millio
Every AV is losing. That’s why we’re working on alternative things at the
same time.
--
Joel Esler
Manager, Talos Group
On May 23, 2016, at 2:15 PM, C.D. Cochrane
mailto:c...@post.com>> wrote:
Obviously going to disagree. We are pushing almost a thousand pieces of
detection
every four
>
> Obviously going to disagree. We are pushing almost a thousand pieces of
> detection
> every four hours now, and that will only increase from here.
>
1,000,000 unique submissions per day vs. 6000 "pieces of detection" per day.
If that is
"apples" to "apples" then I'd have to say ClamAV is lo
--
Joel Esler
Manager, Talos Group
On May 23, 2016, at 1:52 PM, C.D. Cochrane
mailto:c...@post.com>> wrote:
My 2 cents would be that rapid traditional signature updates are not a viable
solution to this long term problem.
I'm pretty sure the current generation of Locky, Dridex, Nemucod, et
>> My 2 cents would be that rapid traditional signature updates are not a
>> viable solution to this long term problem.
>> I'm pretty sure the current generation of Locky, Dridex, Nemucod, etc.
>> ransomware is generated using millions
>> of tiny mutations so that almost every email attachment h
Everything about ClamAV is open source and free. Including the signatures. There
is nothing stopping any of us from filling the gaps in signatures.
dp
On 5/23/16 9:45 AM, Groach wrote:
On 23/05/2016 14:44, C.D. Cochrane wrote:
Hi Michael,
I made a similar inquiry last week (Signature update
Greetings all;
What can I reconfigure in this procmail recipe, to make it detect stuff
as its incoming, that are detected by a clamscand run while its sitting
in my spam holding directories
VERBOSE=YES
# Scan for viruses
:0
VIRUS=|clamdscan --stdout -
:0w
* VIRUS ?? ^.*: \
On 05/23/2016 03:52 PM, Steve Basford wrote:
Excellent - just installed it, and it's already working it's magic :)
The views and opinions expressed by Michael in the above post that
Sanesecurity possesses magic, are solely his own and do not necessarily
represent the views of the ministry of ma
On Mon, May 23, 2016 2:33 pm, Michael D. L. wrote:
>
>
> On 05/23/2016 02:44 PM, C.D. Cochrane wrote:
>
>> Hi Michael and Michael,
>> You may want to look at sanesecurity[.]org. They have a supplemental
>> ClamAV database that
>> is supposed to be better at detecting the current scourge of ranso
On 05/23/2016 02:44 PM, C.D. Cochrane wrote:
Hi Michael and Michael,
You may want to look at sanesecurity[.]org. They have a supplemental ClamAV
database that
is supposed to be better at detecting the current scourge of ransomware and
malware. It
was recommended to me when I noted that Clam
Hello,
Le lundi 23 mai 2016, 14:44:33 C.D. Cochrane a écrit :
> Hi Michael and Michael,
> You may want to look at sanesecurity[.]org. They have a supplemental ClamAV
> database that is supposed to be better at detecting the current scourge of
> ransomware and malware.
You can check this too :
h
Hi Michael and Michael,
You may want to look at sanesecurity[.]org. They have a supplemental ClamAV
database that
is supposed to be better at detecting the current scourge of ransomware and
malware. It
was recommended to me when I noted that ClamAV seems to miss a LOT of the
current malware,
b
On 05/23/2016 01:43 PM, Michael Heseltine wrote:
Hello all,
I have recently modified my exim (4.82) configuration so that all
messages pass through clamav (0.99.2) first. Anything labeled as
malware should be rejected while the incoming SMTP connection is still
open (using an *acl_smtp_data*
Hello all,
I have recently modified my exim (4.82) configuration so that all
messages pass through clamav (0.99.2) first. Anything labeled as malware
should be rejected while the incoming SMTP connection is still open
(using an *acl_smtp_data* in exim).
But so far, this setup has not detected
18 matches
Mail list logo