Hello, thank you for your answer.
I understand your point, I guess I should simply trust the project
repository.
I was asked to check whether I could integrate information coming from
https://github.com/fireeye/red_team_tool_countermeasures/blob/master/all-clam.ldb
with a pre-existing clamav
Hi there,
On Wed, 6 Jan 2021, Luca Sironi via clamav-users wrote:
How can I crosscheck a .ldb file like the one published from Red Eye
with the content of the cvd files I download from clamav?
Please define "crosscheck". If you mean that you want to check that
two different types of
Hello Joel, all
Sorry if I insist on this topic, I'm still learning the tool.
How can I crosscheck a .ldb file like the one published from Red Eye
with the content of the cvd files I download from clamav?
I tried to unpack those with sigtool but the syntax of the cvd is much more
clear
a
Yes
Sent from my iPhone
> On Dec 22, 2020, at 02:30, Luca Sironi via clamav-users
> wrote:
>
>
> Hello,
> are those signatures coming from FireEye github already included on the
> regular update?
>
> regards
> Luca
>
> ___
>
> clamav-users
On 22 December 2020 07:28:53 Luca Sironi via clamav-users
wrote:
Hello,
are those signatures coming from FireEye github already included on the
regular update?
Hi...
Joel indicated the other day sigs to detect the problem files are already
in the official Databases :)
Cheers,
Steve
Hello,
are those signatures coming from FireEye github already included on the
regular update?
regards
Luca
___
clamav-users mailing list
clamav-users@lists.clamav.net
https://lists.clamav.net/mailman/listinfo/clamav-users
Help us build a
Also, we have shipped detection which detects the same things FireEye was
detecting and much more, also rewritten to be more efficient in the official
ruleset.
Sent from my iPhone
> On Dec 14, 2020, at 18:54, G.W. Haywood via clamav-users
> wrote:
>
> Hi there,
>
>> On Mon, 14 Dec
Hi there,
On Mon, 14 Dec 2020, Sandeep Talla wrote:
... *fireeye.ldb* file under the directory /var/lib/clamav/ ...
... Clamscam is not picking up the *fireeye.ldb* file when
Clamscam. I like that. :)
we verify the Freshclam.log and clamav.log files.
Freshclam will not update the
Sandeep Talla wrote:
Hi Mark/Kris,
Thank you for your responses. I have placed the *fireeye.ldb* file under
the directory /var/lib/clamav/ and modified the permission to 644 and
ownership to clamav. Then we have restarted the service
Clamav-Daemon and then started clamscan. However, Clamscam
Hi Mark/Kris,
Thank you for your responses. I have placed the *fireeye.ldb* file under
the directory /var/lib/clamav/ and modified the permission to 644 and
ownership to clamav. Then we have restarted the service Clamav-Daemon and
then started clamscan. However, Clamscam is not picking up the
Hi Sandeep,
There's no need to convert them. Just put them straight into the clamav
database directory and call them whatever_you_want.ldb eg
/var/lib/clamav/fireeye.ldb
As long as the name you choose doesn't conflict with ClamAV's naming (eg
main/daily/bytecode etc), the only bits you
Sandeep Talla wrote:
Hi All,
We have ClamAV installed on Ubuntu. On Ubuntu, the rules can be
specified or modified under the directory */var/lib/clamav/main.cvd*.
However, we are trying to consume ClamAV rules from the FireEye as
shown below link which is *.ldb* file and we are trying to
Hi All,
We have ClamAV installed on Ubuntu. On Ubuntu, the rules can be specified
or modified under the directory */var/lib/clamav/main.cvd*. However, we
are trying to consume ClamAV rules from the FireEye as shown below
link which is *.ldb* file and we are trying to convert to *.cvd* format.