Re: [clamav-users] Identify Threat Risk Level with ClamAV

2017-04-14 Thread Steve Basford 




On 14 April 2017 17:31:21 Reindl Harald  wrote:


SanSecurity creating signature database files based and it showing risk
status of malware


sanesecurity shows *risk of false-positives*
don't confuse such basics


That's correct it's a *very rough* fp guide for each database as each 
user's fp risk view could be different.


Malware, adware, ransomware, Trojans  etc. are all bad... just with 
slightly different end results.


Cheers,

Steve
Twitter: @sanesecurity


___
clamav-users mailing list
clamav-users@lists.clamav.net
http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users


Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq

http://www.clamav.net/contact.html#ml

Re: [clamav-users] Identify Threat Risk Level with ClamAV

2017-04-14 Thread Reindl Harald 



Am 14.04.2017 um 18:33 schrieb crazy thinker:

Oh.. ok..But  how  Commercial AV  Calculating risk level of  malware and
what is the criteria for that.?


frankly i don't want to know at all what nonsense criteria all that 
ratware which is most of the time more security risk and malware itself 
and i assure you they just throw a coin to create another blinky shiny 
thing on their UI



On 14 April 2017 at 22:00, Reindl Harald  wrote:


Am 14.04.2017 um 18:28 schrieb crazy thinker:


All Commericial AV's showign risk status of malware

SanSecurity creating signature database files based and it showing risk
status of malware



sanesecurity shows *risk of false-positives*
don't confuse such basics


On 14 April 2017 at 21:17, SCOTT PACKARD 

wrote:



No. all malware would not be large risk.. for an example,  EICAR  test



file


is sample virus file.it can't make big damage to system.



Can you present another example, other than the EICAR test file?


___
clamav-users mailing list
clamav-users@lists.clamav.net
http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users


Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq

http://www.clamav.net/contact.html#ml

Re: [clamav-users] Identify Threat Risk Level with ClamAV

2017-04-14 Thread Dennis Peterson 
This is probably not the best list for this conversation. You make get better 
results by talking with developers, not end-users.


dp

On 4/14/17 9:33 AM, crazy thinker wrote:

Oh.. ok..But  how  Commercial AV  Calculating risk level of  malware and
what is the criteria for that.?

On 14 April 2017 at 22:00, Reindl Harald  wrote:



Am 14.04.2017 um 18:28 schrieb crazy thinker:


All Commericial AV's showign risk status of malware

SanSecurity creating signature database files based and it showing risk
status of malware


sanesecurity shows *risk of false-positives*
don't confuse such basics


On 14 April 2017 at 21:17, SCOTT PACKARD 

wrote:



No. all malware would not be large risk.. for an example,  EICAR  test
file


is sample virus file.it can't make big damage to system.


Can you present another example, other than the EICAR test file?
___
clamav-users mailing list
clamav-users@lists.clamav.net
http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users


Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq

http://www.clamav.net/contact.html#ml


___

clamav-users mailing list
clamav-users@lists.clamav.net
http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users


Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq

http://www.clamav.net/contact.html#ml


___
clamav-users mailing list
clamav-users@lists.clamav.net
http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users


Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq

http://www.clamav.net/contact.html#ml



___
clamav-users mailing list
clamav-users@lists.clamav.net
http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users


Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq

http://www.clamav.net/contact.html#ml

Re: [clamav-users] Identify Threat Risk Level with ClamAV

2017-04-14 Thread crazy thinker 
Oh.. ok..But  how  Commercial AV  Calculating risk level of  malware and
what is the criteria for that.?

On 14 April 2017 at 22:00, Reindl Harald  wrote:

>
>
> Am 14.04.2017 um 18:28 schrieb crazy thinker:
>
>> All Commericial AV's showign risk status of malware
>>
>> SanSecurity creating signature database files based and it showing risk
>> status of malware
>>
>
> sanesecurity shows *risk of false-positives*
> don't confuse such basics
>
>
> On 14 April 2017 at 21:17, SCOTT PACKARD 
>> wrote:
>>
>>
>>> No. all malware would not be large risk.. for an example,  EICAR  test

>>> file
>>>
 is sample virus file.it can't make big damage to system.

>>>
>>> Can you present another example, other than the EICAR test file?
>>> ___
>>> clamav-users mailing list
>>> clamav-users@lists.clamav.net
>>> http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users
>>>
>>>
>>> Help us build a comprehensive ClamAV guide:
>>> https://github.com/vrtadmin/clamav-faq
>>>
>>> http://www.clamav.net/contact.html#ml
>>>
>> ___
> clamav-users mailing list
> clamav-users@lists.clamav.net
> http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users
>
>
> Help us build a comprehensive ClamAV guide:
> https://github.com/vrtadmin/clamav-faq
>
> http://www.clamav.net/contact.html#ml
>
___
clamav-users mailing list
clamav-users@lists.clamav.net
http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users


Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq

http://www.clamav.net/contact.html#ml

Re: [clamav-users] Identify Threat Risk Level with ClamAV

2017-04-14 Thread Reindl Harald 



Am 14.04.2017 um 18:28 schrieb crazy thinker:

All Commericial AV's showign risk status of malware

SanSecurity creating signature database files based and it showing risk
status of malware


sanesecurity shows *risk of false-positives*
don't confuse such basics


On 14 April 2017 at 21:17, SCOTT PACKARD  wrote:




No. all malware would not be large risk.. for an example,  EICAR  test

file

is sample virus file.it can't make big damage to system.


Can you present another example, other than the EICAR test file?
___
clamav-users mailing list
clamav-users@lists.clamav.net
http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users


Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq

http://www.clamav.net/contact.html#ml

___
clamav-users mailing list
clamav-users@lists.clamav.net
http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users


Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq

http://www.clamav.net/contact.html#ml

Re: [clamav-users] Identify Threat Risk Level with ClamAV

2017-04-14 Thread crazy thinker 
All Commericial AV's showign risk status of malware

SanSecurity creating signature database files based and it showing risk
status of malware


please find  below reference link
Sansecurity Signatures 

On 14 April 2017 at 21:17, SCOTT PACKARD  wrote:

>
> > No. all malware would not be large risk.. for an example,  EICAR  test
> file
> > is sample virus file.it can't make big damage to system.
>
> Can you present another example, other than the EICAR test file?
> ___
> clamav-users mailing list
> clamav-users@lists.clamav.net
> http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users
>
>
> Help us build a comprehensive ClamAV guide:
> https://github.com/vrtadmin/clamav-faq
>
> http://www.clamav.net/contact.html#ml
>
___
clamav-users mailing list
clamav-users@lists.clamav.net
http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users


Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq

http://www.clamav.net/contact.html#ml

Re: [clamav-users] Identify Threat Risk Level with ClamAV

2017-04-14 Thread Reindl Harald 



Am 14.04.2017 um 17:44 schrieb crazy thinker:

@joel

No. all malware would not be large risk.. for an example,  EICAR  test file
is sample virus file.it can't make big damage to system.
I think  malware can be  classified into folllowing formats like low level
threat, high level threat and high level threat based on malware's impact


nonsense - EICAR is just to *test* if the setup works at all
anything else is malware or not


On 14 April 2017 at 20:58, Joel Esler (jesler)  wrote:


Wouldn’t all malware be a large risk?

___
clamav-users mailing list
clamav-users@lists.clamav.net
http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users


Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq

http://www.clamav.net/contact.html#ml

Re: [clamav-users] Identify Threat Risk Level with ClamAV

2017-04-14 Thread SCOTT PACKARD 

> No. all malware would not be large risk.. for an example,  EICAR  test file
> is sample virus file.it can't make big damage to system.

Can you present another example, other than the EICAR test file?
___
clamav-users mailing list
clamav-users@lists.clamav.net
http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users


Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq

http://www.clamav.net/contact.html#ml

Re: [clamav-users] Identify Threat Risk Level with ClamAV

2017-04-14 Thread crazy thinker 
@joel

No. all malware would not be large risk.. for an example,  EICAR  test file
is sample virus file.it can't make big damage to system.
I think  malware can be  classified into folllowing formats like low level
threat, high level threat and high level threat based on malware's impact

Thanks
Crazy Thinker Inc

On 14 April 2017 at 20:58, Joel Esler (jesler)  wrote:

> Wouldn’t all malware be a large risk?
>
> --
> Joel Esler | Talos: Manager | jes...@cisco.com
>
>
>
>
>
>
> On Apr 14, 2017, at 12:47 AM, crazy thinker  mailto:crazythinke...@gmail.com>> wrote:
>
> Hi ClamAV Developers,Users
>
> I know that ClamAV is a very powerful anti-virus scanner.i am looking for
> the feature of threat risk level(high,low,medium) with ClamAV
>
> ClamAV Development Team,
>
> you guys have ideas on implementing this feature in upcoming relesases of
> ClamAV
>
> i would like to contribute to implement this feature.. could anyone of you
> give a brief idea on how to implement it with ClamAV Virus Scanner
>
> for an example
>
> if Y threat is found on X Machine,
>
> i have to represent the scan result of file with  Virus Attributes
>
> *Virus Name  VirusFamily  RiskLevel*
>
>
>
> Thanks,
> Crazy Thinker
> ___
> clamav-users mailing list
> clamav-users@lists.clamav.net
> http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users
>
>
> Help us build a comprehensive ClamAV guide:
> https://github.com/vrtadmin/clamav-faq
>
> http://www.clamav.net/contact.html#ml
>
> ___
> clamav-users mailing list
> clamav-users@lists.clamav.net
> http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users
>
>
> Help us build a comprehensive ClamAV guide:
> https://github.com/vrtadmin/clamav-faq
>
> http://www.clamav.net/contact.html#ml
___
clamav-users mailing list
clamav-users@lists.clamav.net
http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users


Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq

http://www.clamav.net/contact.html#ml

Re: [clamav-users] Identify Threat Risk Level with ClamAV

2017-04-14 Thread Joel Esler (jesler) 
Wouldn’t all malware be a large risk?

--
Joel Esler | Talos: Manager | jes...@cisco.com






On Apr 14, 2017, at 12:47 AM, crazy thinker 
> wrote:

Hi ClamAV Developers,Users

I know that ClamAV is a very powerful anti-virus scanner.i am looking for
the feature of threat risk level(high,low,medium) with ClamAV

ClamAV Development Team,

you guys have ideas on implementing this feature in upcoming relesases of
ClamAV

i would like to contribute to implement this feature.. could anyone of you
give a brief idea on how to implement it with ClamAV Virus Scanner

for an example

if Y threat is found on X Machine,

i have to represent the scan result of file with  Virus Attributes

*Virus Name  VirusFamily  RiskLevel*



Thanks,
Crazy Thinker
___
clamav-users mailing list
clamav-users@lists.clamav.net
http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users


Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq

http://www.clamav.net/contact.html#ml

___
clamav-users mailing list
clamav-users@lists.clamav.net
http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users


Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq

http://www.clamav.net/contact.html#ml

[clamav-users] Identify Threat Risk Level with ClamAV

2017-04-13 Thread crazy thinker 
Hi ClamAV Developers,Users

I know that ClamAV is a very powerful anti-virus scanner.i am looking for
the feature of threat risk level(high,low,medium) with ClamAV

ClamAV Development Team,

you guys have ideas on implementing this feature in upcoming relesases of
ClamAV

i would like to contribute to implement this feature.. could anyone of you
give a brief idea on how to implement it with ClamAV Virus Scanner

for an example

if Y threat is found on X Machine,

i have to represent the scan result of file with  Virus Attributes

*Virus Name  VirusFamily  RiskLevel*



Thanks,
Crazy Thinker
___
clamav-users mailing list
clamav-users@lists.clamav.net
http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users


Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq

http://www.clamav.net/contact.html#ml