> I am interested in Tom's list of unofficial signatures - but haven't > found the recommended way to use the signatures. Do I need to download > them periodically - or do I just add an additional freshclam > DataBaseMirror directive. In either case - exactly what is the url to > download from - or to add to the freshclam directive?
Hi Richard, Download one of the scripts here, ideally script 1 (Bill Landry): http://sanesecurity.co.uk/download_scripts_linux.htm Current databases are described here: http://sanesecurity.co.uk/databases.htm Note that rougue.hdb, phish.ndb and winnow_malware.hdb and winnow_malware_links.ndb, all deal with malware. Example stats: http://www.oucs.ox.ac.uk/network/smtp/relay/stats/index.xml.ID=malware (using phish.ndb, scam.ndb, junk.ndb) BTW, current fake Microsoft Outlook Notification is currently being blocked, as Sanesecurity.Malware.12699 Cheers, Steve Sanesecurity _______________________________________________ Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net http://www.clamav.net/support/ml
