Re: [clamav-users] Virus/Malware URL Scanner

2013-02-13 Thread Benny Pedersen
Moti @ OnlineBackupVault.com wrote on 12-02-2013 14:59: I would like to build a malware/virus URL scanner/cleaner based on ClamAV engine. nope echo clamav | sigtool --hex-dump clamav.hex echo clamav.test.1:0:*: clamav.hex clamav.ndb clamscan --database=clamav.ndb cat clamav.ndb | sigtool

Re: [clamav-users] I would like to discuss sample submission with a ClamAV team member

2013-02-13 Thread Joel Esler
Thanks Al. -- Joel Esler Sent from my iPhone  On Feb 13, 2013, at 12:53 AM, Al Varnell alvarn...@mac.com wrote: Joel, http://www.clamav.net/lang/en/sendvirus/ Third paragraph. -Al- On 2/12/13 9:48 PM, Joel Esler wrote: Where did you see this page? I see what you posted, but

Re: [clamav-users] False Positive - Osx.Exploit.Iosjailbreak

2013-02-13 Thread Matus UHLAR - fantomas
On 11.02.13 13:26, Jim Preston wrote: Apple's App protection is analogous to running anti-virus software and the evasi0n jailbreak the analogous of turning off the anti-virus. My reasoning for this analogy is that all legitimate applications are tested by Apple and therefore safe for users

[clamav-users] Bug report submitted - do I need to do anything

2013-02-13 Thread robin.wakefield
Hello, Apologies if this is the wrong forum, but I submitted a bug report to the bugzilla website, #6801. Should I just be patient? Thanks, Robin ___ Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net

Re: [clamav-users] Bug report submitted - do I need to do anything

2013-02-13 Thread Alain Zidouemba
Yes, please. If you set up yourself to be notified when an update is posted to the bug, you will receive an email when that happens. All incoming bug reports are looked at within a reasonable amount of time. Thanks, - Alain

Re: [clamav-users] False Positive - Osx.Exploit.Iosjailbreak

2013-02-13 Thread Joel Esler
Apple doesn't block everything but what they have tested. What does that mean? -- Joel Esler Sent from my iPhone  On Feb 13, 2013, at 9:03 AM, Matus UHLAR - fantomas uh...@fantomas.sk wrote: On 11.02.13 13:26, Jim Preston wrote: Apple's App protection is analogous to running anti-virus

Re: [clamav-users] Bug report submitted - do I need to do anything

2013-02-13 Thread robin.wakefield
Sure - thanks for the reply. Robin -Original Message- From: clamav-users-boun...@lists.clamav.net [mailto:clamav-users-boun...@lists.clamav.net] On Behalf Of Alain Zidouemba Sent: 13 February 2013 14:36 To: ClamAV users ML Subject: Re: [clamav-users] Bug report submitted - do I need to

Re: [clamav-users] False Positive - Osx.Exploit.Iosjailbreak

2013-02-13 Thread Jim Preston
On 02/13/2013 07:03 AM, Matus UHLAR - fantomas wrote: On 11.02.13 13:26, Jim Preston wrote: Apple's App protection is analogous to running anti-virus software and the evasi0n jailbreak the analogous of turning off the anti-virus. My reasoning for this analogy is that all legitimate

Re: [clamav-users] False Positive - Osx.Exploit.Iosjailbreak

2013-02-13 Thread Jim Preston
On 02/13/2013 07:36 AM, Joel Esler wrote: Apple doesn't block everything but what they have tested. What does that mean? -- Joel Esler Sent from my iPhone  On Feb 13, 2013, at 9:03 AM, Matus UHLAR - fantomas uh...@fantomas.sk wrote: On 11.02.13 13:26, Jim Preston wrote: Apple's App

Re: [clamav-users] False Positive - Osx.Exploit.Iosjailbreak

2013-02-13 Thread Joel Esler
To be sold in the store, sure. But your apps don't have to be sold in the store. -- Joel Esler Senior Research Engineer, VRT OpenSource Community Manager Sourcefire On Wednesday, February 13, 2013 at 10:02 AM, Jim Preston wrote: On 02/13/2013 07:36 AM, Joel Esler wrote: Apple doesn't

Re: [clamav-users] False Positive - Osx.Exploit.Iosjailbreak

2013-02-13 Thread Matus UHLAR - fantomas
On 13.02.13 09:36, Joel Esler wrote: Apple doesn't block everything but what they have tested. Yes, it does. What does that mean? You can only install applications from the Apple store, after they verified it does not do anything bad. However, I don't like this behaviour. Computers (including

Re: [clamav-users] False Positive - Osx.Exploit.Iosjailbreak

2013-02-13 Thread Joel Esler
That's not true at all. You can install an application from anywhere. See the attached screenshot, which can be found in your System Preferences. -- Joel Esler Senior Research Engineer, VRT OpenSource Community Manager Sourcefire On Wednesday, February 13, 2013 at 10:07 AM, Matus UHLAR -

Re: [clamav-users] False Positive - Osx.Exploit.Iosjailbreak

2013-02-13 Thread Benny Pedersen
Joel Esler wrote on 13-02-2013 16:10: See the attached screenshot, which can be found in your System Preferences. where is it? Apple is imho not worse than Android when it comes to control of spyware and poison of mobile phones, but how to make cvd files would be nice to see in wiki,

Re: [clamav-users] False Positive - Osx.Exploit.Iosjailbreak

2013-02-13 Thread Joel Esler
No one knows what Apple is planning, except for Apple. It wouldn't surprise me, but I'm not going to hold my breath and wait. -- Joel Esler Senior Research Engineer, VRT OpenSource Community Manager Sourcefire On Wednesday, February 13, 2013 at 10:18 AM, Greg Folkert wrote: Not yet. In

Re: [clamav-users] False Positive - Osx.Exploit.Iosjailbreak

2013-02-13 Thread Joel Esler
System Preferences - Security and Privacy -- Joel Esler Senior Research Engineer, VRT OpenSource Community Manager Sourcefire On Wednesday, February 13, 2013 at 10:30 AM, Benny Pedersen wrote: Joel Esler skrev den 13-02-2013 16:10: See the attached screenshot, which can be found in your

Re: [clamav-users] False Positive - Osx.Exploit.Iosjailbreak

2013-02-13 Thread Tilman Schmidt
On 13.02.2013 16:10, Joel Esler wrote: That's not true at all. You can install an application from anywhere. See the attached screenshot, which can be found in your System Preferences. I think you are talking at cross purposes here. This thread is about Evasi0n, which is a tool to

Re: [clamav-users] False Positive - Osx.Exploit.Iosjailbreak

2013-02-13 Thread Tilman Schmidt
On 13.02.2013 16:43, Joel Esler wrote: System Preferences - Security and Privacy The iPhone has no such item. On Wednesday, February 13, 2013 at 10:30 AM, Benny Pedersen wrote: Joel Esler wrote on 13-02-2013 16:10: See the attached screenshot, which can be found in your System

Re: [clamav-users] False Positive - Osx.Exploit.Iosjailbreak

2013-02-13 Thread Joel Esler
Well, as you stated in a previous reply, we weren't talking about the iPhone. -- Joel Esler Senior Research Engineer, VRT OpenSource Community Manager Sourcefire On Wednesday, February 13, 2013 at 11:14 AM, Tilman Schmidt wrote: Am 13.02.2013 16:43, schrieb Joel Esler: System Preferences -

Re: [clamav-users] False Positive - Osx.Exploit.Iosjailbreak

2013-02-13 Thread Benny Pedersen
Joel Esler wrote on 13-02-2013 16:43: System Preferences - Security and Privacy clamWin ? not using it, so not found Authentication-Results: duggi.junc.org; dkim=fail reason=signature verification failed (1024-bit key) header.d=sourcefire.com header.i=@sourcefire.com header.b=YU9BxAH7;

[clamav-users] BC.Exploit.CVE_2013_0019 FP?

2013-02-13 Thread Al Varnell
I am starting to hear from several ClamXav users that they are being alerted to BC.Exploit.CVE_2013_0019 infections. Most are in browser caches and one who had saved some 35 html documents several months ago during a job search. All had deleted them before I could have them uploaded as FP's, but

Re: [clamav-users] BC.Exploit.CVE_2013_0019 FP?

2013-02-13 Thread Alain Zidouemba
The signature is more complex than that. What you are seeing and decoding are just the triggering conditions to start evaluating HTML files for the vulnerability CVE-2013-0019. In any case, we received a few FP reports for that signature and have made some tweaks that we are currently testing

Re: [clamav-users] False Positive - Osx.Exploit.Iosjailbreak

2013-02-13 Thread Jim Preston
On 02/13/2013 08:05 AM, Joel Esler wrote: To be sold in the store, sure. But your apps don't have to be sold in the store. -- Joel Esler Senior Research Engineer, VRT OpenSource Community Manager Sourcefire On Wednesday, February 13, 2013 at 10:02 AM, Jim Preston wrote: On 02/13/2013

Re: [clamav-users] BC.Exploit.CVE_2013_0019 FP?

2013-02-13 Thread Al Varnell
For some reason BC.Exploit.CVE_2013_0019 is still with us. I can see from the home page: bytecode.cvd ver. 214 released on 13 Feb 2013 10:29 :0500 (sig count: 41) But when I check the current cvd I get: current.cvd.clamav.net descriptive text 0.97.6:54:16679:1360801740:0:63:40230:213 And

[clamav-users] Does Filesize(HDB) or PESectionSize(MDB) of executables play any role in virus pattern matching?

2013-02-13 Thread Kaushik Vaidyanathan
Hi Does the FileSize field in an HDB signature serve any purpose during pattern matching, or does pattern matching rely only on the MD5 checksum? Similarly for the MDB signature, what's the role of PESectionSize in pattern matching? Does PESectionSize get used while filtering and/or preprocessing during