Re: [Clamav-users] GDI+ bug exploit Mutations

2004-10-18 Thread Julio Canto
Tomasz Kojm wrote: b) VirusTotal's site has a more up to date version of ClamAV, using the builds from here (now and again): http://www.sosdg.org/clamav-win32/index.php I don't think so, it seems they're using ClamWin. Yes, all AV products in VirusTotal are Windows based, that is why we

Re: [Clamav-users] GDI+ bug exploit Mutations

2004-10-18 Thread Meni Shapiro
Bogusław Brandys wrote: Steve Basford wrote: Just use http://www.virustotal.com/ - excellent resource for scanning suspicious files with multiple engines at once. As mentioned in the They did not catch it!!!

Re: [Clamav-users] GDI+ bug exploit Mutations

2004-10-18 Thread Brian Morrison
On Mon, 18 Oct 2004 11:22:01 +0200 in [EMAIL PROTECTED] Tomasz Kojm [EMAIL PROTECTED] wrote: For those running 0.80rc4 or 0.80 final, you can catch all jpeg exploits with the following signature (add it to a local.ndb file in your database directory):

Re: [Clamav-users] GDI+ bug exploit Mutations

2004-10-18 Thread Trog
On Mon, 2004-10-18 at 15:40, Brian Morrison wrote: On Mon, 18 Oct 2004 11:22:01 +0200 in [EMAIL PROTECTED] Tomasz Kojm [EMAIL PROTECTED] wrote: For those running 0.80rc4 or 0.80 final, you can catch all jpeg exploits with the following signature (add it to a local.ndb file in

Re: [Clamav-users] GDI+ bug exploit Mutations

2004-10-18 Thread Damian Menscher
On Mon, 18 Oct 2004, Trog wrote: On Mon, 2004-10-18 at 15:40, Brian Morrison wrote: On Mon, 18 Oct 2004 11:22:01 +0200 Tomasz Kojm [EMAIL PROTECTED] wrote: For those running 0.80rc4 or 0.80 final, you can catch all jpeg exploits with the following signature (add it to a local.ndb file in your

[Clamav-users] GDI+ bug exploit Mutations

2004-10-17 Thread Steve Basford
Hi, Can someone test ClamAV with these files: http://www.hiddenbit.org/demo_files/jpeg.zip Source: http://lists.netsys.com/pipermail/full-disclosure/2004-October/027530.html Cheers, Steve

Re: [Clamav-users] GDI+ bug exploit Mutations

2004-10-17 Thread Christopher X. Candreva
On Sun, 17 Oct 2004, Steve Basford wrote: Hi, Can someone test ClamAV with these files: http://www.hiddenbit.org/demo_files/jpeg.zip [westnet]:~$ clamdscan - jpeg.zip stream: OK --- SCAN SUMMARY --- Infected files: 0 Time: 0.113 sec (0 m 0 s) Running 20041017 snap

Re: [Clamav-users] GDI+ bug exploit Mutations

2004-10-17 Thread Vernon A. Fort
Vernon A. Fort wrote: Steve Basford wrote: Hi, Can someone test ClamAV with these files: http://www.hiddenbit.org/demo_files/jpeg.zip Source: http://lists.netsys.com/pipermail/full-disclosure/2004-October/027530.html Cheers, Steve

RE: [Clamav-users] GDI+ bug exploit Mutations

2004-10-17 Thread sk3tch
Tested with McAfee uvscan, Avgscan, clamscan. Only uvscan detected a virus Found the Exploit-MS04-028 trojan !!! I also have sophos but not currently installed. I tested both on the uncompress zip and uncompressed. Again, only McAfee Uvscan detected anything. Vernon Just use

Re: [Clamav-users] GDI+ bug exploit Mutations

2004-10-17 Thread Bogusław Brandys
Hi, Vernon A. Fort wrote: Vernon A. Fort wrote: Steve Basford wrote: Hi, Can someone test ClamAV with these files: http://www.hiddenbit.org/demo_files/jpeg.zip Source: http://lists.netsys.com/pipermail/full-disclosure/2004-October/027530.html Cheers, Steve

Re: [Clamav-users] GDI+ bug exploit Mutations

2004-10-17 Thread Steve Basford
Just use http://www.virustotal.com/ - excellent resource for scanning suspicious files with multiple engines at once. As mentioned in the Thanks all for the checking... as an extra site to bookmark, this site is good too: http://virusscan.jotti.dhs.org/ ( Jotti's malware scan: samples are added

Re: [Clamav-users] GDI+ bug exploit Mutations

2004-10-17 Thread Bogusław Brandys
Steve Basford wrote: Just use http://www.virustotal.com/ - excellent resource for scanning suspicious files with multiple engines at once. As mentioned in the Thanks all for the checking... as an extra site to bookmark, this site is good too: http://virusscan.jotti.dhs.org/ ( Jotti's malware

Re: [Clamav-users] GDI+ bug exploit Mutations

2004-10-17 Thread Steve Basford
Thanks Jotti ! Really awesome site ! Good work! It's a very useful site, along with VirusTotal's site. Before I go anymore off-topic, just two points to note: a) Jotti isn't running the very latest CVS version, he will only run the latest STABLE version, so it won't cope too well with the

Re: [Clamav-users] GDI+ bug exploit Mutations

2004-10-17 Thread Tomasz Kojm
On Sun, 17 Oct 2004 21:14:00 +0100 Steve Basford [EMAIL PROTECTED] wrote: b) VirusTotal's site has a more up to date version of ClamAV, using the builds from here (now and again): http://www.sosdg.org/clamav-win32/index.php I don't think so, it seems they're using ClamWin. -- oo

Re: [Clamav-users] GDI+ bug exploit Mutations

2004-10-17 Thread Niek
On 10/17/2004 10:14 PM +0200, Steve Basford wrote: Thanks Jotti ! Really awesome site ! Good work! It's a very useful site, along with VirusTotal's site. Before I go anymore off-topic, just two points to note: a) Jotti isn't running the very latest CVS version, he will only run the latest

Re: [Clamav-users] GDI+ bug exploit Mutations

2004-10-17 Thread Tomasz Kojm
On Sun, 17 Oct 2004 21:36:22 -0500 (CDT) Damian Menscher [EMAIL PROTECTED] wrote: For those running 0.80rc4 or 0.80 final, you can catch all jpeg exploits with the following signature (add it to a local.ndb file in your database directory): Exploit.JPEG.Comment.FalsePos:5:0:ffd8ff

Re: [Clamav-users] GDI+ bug exploit Mutations

2004-10-17 Thread D Walsh
On Oct 17, 2004, at 22:49, Tomasz Kojm wrote: On Sun, 17 Oct 2004 21:36:22 -0500 (CDT) Damian Menscher [EMAIL PROTECTED] wrote: For those running 0.80rc4 or 0.80 final, you can catch all jpeg exploits with the following signature (add it to a local.ndb file in your database directory):

Re: [Clamav-users] GDI+ bug exploit Mutations

2004-10-17 Thread Damian Menscher
On Sun, 17 Oct 2004, D Walsh wrote: On Oct 17, 2004, at 22:49, Tomasz Kojm wrote: On Sun, 17 Oct 2004 21:36:22 -0500 (CDT) Damian Menscher [EMAIL PROTECTED] wrote: For those running 0.80rc4 or 0.80 final, you can catch all jpeg exploits with the following signature (add it to a local.ndb file in