Hi Arnaud,

Thank you very much. Just a question, would this be the same on the Windows
port as we're running in Windows?

Many thanks,
David

On Thu 11 Apr 2019, 19:35 Arnaud Jacques, <webmas...@securiteinfo.com>
wrote:

> David,
>
> Here is an example :
>
> Create a file pdf.ndb in your clamav signatures directory (usually
> /var/lib/clamav/)
> In this file put this :
> testpdf:10:*:4f70656e416374696f6e*4a617661536372697074
>
> Save the file, and restart Clamav.
> Then clamdscan should detect the pdf with "OpenAction" and "Javascript".
>
> More information about creating signatures for Clamav at :
> https://www.clamav.net/documents/creating-signatures-for-clamav
>
>
> Le 11/04/2019 à 19:29, David Hendrick a écrit :
> > Hi Arnaud,
> > Could you explain how I do this? If this something I can add to
> clamd.conf?
> >
> > Many thanks,
> > David
> >
> > -----Original Message-----
> > From: clamav-users <clamav-users-boun...@lists.clamav.net> On Behalf Of
> Arnaud Jacques
> > Sent: Thursday 11 April 2019 18:27
> > To: clamav-users@lists.clamav.net
> > Subject: Re: [clamav-users] PDF Scanning
> >
> > Hello David,
> >
> > Le 11/04/2019 à 19:20, David Hendrick a écrit :
> >> Hi there,
> >> Does anyone know if there's a way to have ClamAV detect PDF files that
> >> have items such as "OpenAction" or "JavaScript" or "JS"?
> > You can do any detection using Clamav.
> > *But* if you detect PDF containing "OpenAction" and "Javascript" or "JS"
> > you will have a lot of false positives.
> >
> > --
> > Cordialement / Best regards,
> >
> > Arnaud Jacques
> > Gérant de SecuriteInfo.com
> >
> > Téléphone : +33-(0)3.44.39.76.46
> > E-mail : a...@securiteinfo.com
> > Site web : https://www.securiteinfo.com
> > Facebook :
> https://www.facebook.com/pages/SecuriteInfocom/132872523492286
> > Twitter : @SecuriteInfoCom
> >
> > Securiteinfo.com
> > La Sécurité Informatique - La Sécurité des Informations.
> > 266, rue de Villers
> > 60123 Bonneuil en Valois
> >
> >
> > _______________________________________________
> >
> > clamav-users mailing list
> > clamav-users@lists.clamav.net
> > https://lists.clamav.net/mailman/listinfo/clamav-users
> >
> >
> > Help us build a comprehensive ClamAV guide:
> > https://github.com/vrtadmin/clamav-faq
> >
> > http://www.clamav.net/contact.html#ml
> >
> >
> > _______________________________________________
> >
> > clamav-users mailing list
> > clamav-users@lists.clamav.net
> > https://lists.clamav.net/mailman/listinfo/clamav-users
> >
> >
> > Help us build a comprehensive ClamAV guide:
> > https://github.com/vrtadmin/clamav-faq
> >
> > http://www.clamav.net/contact.html#ml
>
> --
> Cordialement / Best regards,
>
> Arnaud Jacques
> Gérant de SecuriteInfo.com
>
> Téléphone : +33-(0)3.44.39.76.46
> E-mail : a...@securiteinfo.com
> Site web : https://www.securiteinfo.com
> Facebook : https://www.facebook.com/pages/SecuriteInfocom/132872523492286
> Twitter : @SecuriteInfoCom
>
> Securiteinfo.com
> La Sécurité Informatique - La Sécurité des Informations.
> 266, rue de Villers
> 60123 Bonneuil en Valois
>
>
> _______________________________________________
>
> clamav-users mailing list
> clamav-users@lists.clamav.net
> https://lists.clamav.net/mailman/listinfo/clamav-users
>
>
> Help us build a comprehensive ClamAV guide:
> https://github.com/vrtadmin/clamav-faq
>
> http://www.clamav.net/contact.html#ml
>
_______________________________________________

clamav-users mailing list
clamav-users@lists.clamav.net
https://lists.clamav.net/mailman/listinfo/clamav-users


Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq

http://www.clamav.net/contact.html#ml

Reply via email to