Hello,
Same statement over here, 11 variants of Stration have been submitted
yesterday and some of them are still not being detected. All these
variants were spread in less than two hours, the virus mail botnets
picked up 400 of these viruses yesterday.
I presume you must have some signature priority based on the number of
submissions.
So was wondering how can we help you to make this process more digest
and re-enforce clam reactivity ?
Are you using some application/database to compare viruses and help to
find similar patterns ?
Regards,
Fabien Bourdaire
ECSC Security Analyst.
budtse wrote:
How hard is it to create new signatures ? I would be interested in
creating signatures from time to time (although time is rather scarce
here, i hope that'll get better soon), but don't know the first thing
about it. If it is fairly straigth-forward and does not require too
much knowledge or skills, i'd be glad to help from time to time.
budtse
I don't think they're lost, but it looks to me like the signature team
desparately needs some help. if you judge the submission numbers, only
for about 10% of the submitted samples actual patters exist, so it
shouldn't be uncommon for your sample to be somewhere in the other
undetected 10% range.
_______________________________________________
http://lurker.clamav.net/list/clamav-devel.html
_______________________________________________
http://lurker.clamav.net/list/clamav-devel.html
