Hi there,
This is a more or less random data point.
On Mon, 14 Mar 2022, Micah Snyder (micasnyd) via clamav-users wrote:
Sorry that this response come so late that is nearly a necro-thread. ...
Er, ditto.
... If anyone has any other ideas about it, I'd love to hear them. ...
One thing
G.W. Haywood via clamav-users wrote:
Hi there,
On Mon, 21 Mar 2022, Kris Deugau wrote:
TBH I'd prefer if Clam *did* continue, just skipping malformed rules
(and also whinging loudly in the log).
I could live with that if it didn't *also* crash.
Either would be better than just exiting
Hi there,
On Mon, 21 Mar 2022, Kris Deugau wrote:
TBH I'd prefer if Clam *did* continue, just skipping malformed rules
(and also whinging loudly in the log).
I could live with that if it didn't *also* crash.
Either would be better than just exiting (it's not a hard *crash*,
it's "just"
G.W. Haywood via clamav-users wrote:
Hi Micah,
On Wed, 16 Mar 2022, Micah Snyder (micasnyd) wrote:
I'm not sure what you mean here. Can you elaborate? If you simply
want ClamAV ignore garbage rules on load and continue with the rest
of the file (see point #4) - that's something we can easily
Hi Micah,
On Wed, 16 Mar 2022, Micah Snyder (micasnyd) wrote:
(1) a plea for a way to test rules before they go live;
If you mean "for personal use" then I'd say, "What Maarten said."
Er, no. Not "scan to make sure it detects things". What I meant was
"do something to make sure it won't
On 16 March 2022 22:16:05 Eric Tykwinski wrote:
Steve,
I like the idea, but why the hex; hex?
Sorry, should have been clearer... not just hex but
Test;Engine:81-255,Target:0;(b0);0f0f0f*0b0b0b;0/blah*(?:[4-7]|[8003]\d)/
etc...>Just thinking about my recent issues with direct deposit
On 16 March 2022 22:16:05 Eric Tykwinski wrote:
Steve,
I like the idea, but why the hex; hex?
Just thinking about my recent issues with direct deposit phishing emails
from gmail.com and they are written probably by people, so I can’t really
hash it, and have to regex it.
On Mar 16,
Steve,
I like the idea, but why the hex; hex?
Just thinking about my recent issues with direct deposit phishing emails from
gmail.com and they are written probably by people, so I can’t really hash it,
and have to regex it.
> On Mar 16, 2022, at 5:10 PM, Steve Basford
> wrote:
>
> On 16
On 16 March 2022 20:29:19 "Micah Snyder \(micasnyd\) via clamav-users"
wrote:
yara rule loading logic works right now.
(3) a way to specify that a rule is to match in
(a) mail headers only or
(b) mail body only or
(c) both;
Just a random early thought... could .ldb be extended...
Snyder
ClamAV Development
Talos
Cisco Systems, Inc.
From: clamav-users on behalf of G.W.
Haywood via clamav-users
Sent: Tuesday, March 15, 2022 10:51 AM
To: ClamAV users ML
Cc: G.W. Haywood
Subject: Re: [clamav-users] human friendly signatures
Hi there,
On T
Micah Snyder
ClamAV Development
Talos
Cisco Systems, Inc.
From: Micah Snyder (micasnyd)
Sent: Wednesday, March 16, 2022 12:10 PM
To: ClamAV users ML ; Laurent S.
<110ef9e3086d8405c2929e34be5b4...@protonmail.ch>
Subject: Re: [clamav-users] human friendly sign
-users on behalf of Laurent
S. via clamav-users
Sent: Tuesday, March 15, 2022 3:42 AM
To: ClamAV users ML
Cc: Laurent S. <110ef9e3086d8405c2929e34be5b4...@protonmail.ch>
Subject: Re: [clamav-users] human friendly signatures
On Tuesday, March 15th, 2022 at 00:36, Micah Snyder (micasnyd)
On Tue, Mar 15, 2022 at 1:53 PM G.W. Haywood via clamav-users <
clamav-users@lists.clamav.net> wrote:
> Hi there,
>
> On Tue, 15 Mar 2022, Laurent S. via clamav-users wrote:
> >> using Yara's engine in clamav directly is something that has been
> >> brought up time and again. It is possible. My
Hi there,
On Tue, 15 Mar 2022, Laurent S. via clamav-users wrote:
On Tuesday, March 15th, 2022 at 00:36, Micah Snyder wrote:
Starting with our own new language would let us maintain do that
but make it easier for new analysts to train up on ClamAV.
I don't see at all the advantage of using
On Tuesday, March 15th, 2022 at 00:36, Micah Snyder (micasnyd)
wrote:
> Starting with our own new language would let us maintain do that but make it
> easier for new analysts to train up on ClamAV.
I don't see at all the advantage of using a different, less used language. I
don't know many
Hi all,
Sorry that this response come so late that is nearly a necro-thread. Things
have been busy.
I've been thinking about some of the thing you all have said. And we've talked
about it a bit as a team.
We know there is a lot of interest in having better Yara support, not only
because it
16 matches
Mail list logo