Hi Arnaud, Thank you very much. Just a question, would this be the same on the Windows port as we're running in Windows?
Many thanks, David On Thu 11 Apr 2019, 19:35 Arnaud Jacques, <webmas...@securiteinfo.com> wrote: > David, > > Here is an example : > > Create a file pdf.ndb in your clamav signatures directory (usually > /var/lib/clamav/) > In this file put this : > testpdf:10:*:4f70656e416374696f6e*4a617661536372697074 > > Save the file, and restart Clamav. > Then clamdscan should detect the pdf with "OpenAction" and "Javascript". > > More information about creating signatures for Clamav at : > https://www.clamav.net/documents/creating-signatures-for-clamav > > > Le 11/04/2019 à 19:29, David Hendrick a écrit : > > Hi Arnaud, > > Could you explain how I do this? If this something I can add to > clamd.conf? > > > > Many thanks, > > David > > > > -----Original Message----- > > From: clamav-users <clamav-users-boun...@lists.clamav.net> On Behalf Of > Arnaud Jacques > > Sent: Thursday 11 April 2019 18:27 > > To: clamav-users@lists.clamav.net > > Subject: Re: [clamav-users] PDF Scanning > > > > Hello David, > > > > Le 11/04/2019 à 19:20, David Hendrick a écrit : > >> Hi there, > >> Does anyone know if there's a way to have ClamAV detect PDF files that > >> have items such as "OpenAction" or "JavaScript" or "JS"? > > You can do any detection using Clamav. > > *But* if you detect PDF containing "OpenAction" and "Javascript" or "JS" > > you will have a lot of false positives. > > > > -- > > Cordialement / Best regards, > > > > Arnaud Jacques > > Gérant de SecuriteInfo.com > > > > Téléphone : +33-(0)3.44.39.76.46 > > E-mail : a...@securiteinfo.com > > Site web : https://www.securiteinfo.com > > Facebook : > https://www.facebook.com/pages/SecuriteInfocom/132872523492286 > > Twitter : @SecuriteInfoCom > > > > Securiteinfo.com > > La Sécurité Informatique - La Sécurité des Informations. > > 266, rue de Villers > > 60123 Bonneuil en Valois > > > > > > _______________________________________________ > > > > clamav-users mailing list > > clamav-users@lists.clamav.net > > https://lists.clamav.net/mailman/listinfo/clamav-users > > > > > > Help us build a comprehensive ClamAV guide: > > https://github.com/vrtadmin/clamav-faq > > > > http://www.clamav.net/contact.html#ml > > > > > > _______________________________________________ > > > > clamav-users mailing list > > clamav-users@lists.clamav.net > > https://lists.clamav.net/mailman/listinfo/clamav-users > > > > > > Help us build a comprehensive ClamAV guide: > > https://github.com/vrtadmin/clamav-faq > > > > http://www.clamav.net/contact.html#ml > > -- > Cordialement / Best regards, > > Arnaud Jacques > Gérant de SecuriteInfo.com > > Téléphone : +33-(0)3.44.39.76.46 > E-mail : a...@securiteinfo.com > Site web : https://www.securiteinfo.com > Facebook : https://www.facebook.com/pages/SecuriteInfocom/132872523492286 > Twitter : @SecuriteInfoCom > > Securiteinfo.com > La Sécurité Informatique - La Sécurité des Informations. > 266, rue de Villers > 60123 Bonneuil en Valois > > > _______________________________________________ > > clamav-users mailing list > clamav-users@lists.clamav.net > https://lists.clamav.net/mailman/listinfo/clamav-users > > > Help us build a comprehensive ClamAV guide: > https://github.com/vrtadmin/clamav-faq > > http://www.clamav.net/contact.html#ml >
_______________________________________________ clamav-users mailing list clamav-users@lists.clamav.net https://lists.clamav.net/mailman/listinfo/clamav-users Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http://www.clamav.net/contact.html#ml