Thanks it is not easy getting Squid proxy to work with ssl intercept and to 
have ClamAV scan for issues inside a firewall. It’s impressive. Thanks for all 
you do ClamAV team. 
Sent from my iPhone
> On Dec 18, 2024, at 01:27, Ralf Hildebrandt via clamav-users 
> <clamav-users@lists.clamav.net> wrote:
> 
> * Jonathan Lee via clamav-users <clamav-users@lists.clamav.net>:
> 
>> instream(local): vhxtdQ.sigs.InterServer.net.SHA256.21881.UNOFFICIAL FOUND
> 
> # sigtool --find-sig=vhxtdQ.sigs.InterServer.net.SHA256.21881
> [interserver256.hdb]
> 90cdaf487716184e4034000935c605d1633926d348116d198f355a98b8c6cd21:17174:vhxtdQ.sigs.InterServer.net.SHA256.21881
> 
> in this case, "vhxtdQ.sigs.InterServer.net.SHA256.21881" is a
> signature, based on a SHA256 checksum of a file.
> 
>> instream(local): 
>> sigs.InterServer.net.HEX.Topline.194.150.117.29.371.UNOFFICIAL FOUND
> 
> # sigtool --find-sig=sigs.InterServer.net.HEX.Topline.194.150.117.29.371
> [interservertopline.db]
> sigs.InterServer.net.HEX.Topline.194.150.117.29.371=32615f6269727375686964772e706870
> 
> this can be decoded:
> 
> # sigtool --find-sig=sigs.InterServer.net.HEX.Topline.194.150.117.29.371 | 
> sigtool --decode-sigs
> VIRUS NAME: sigs.InterServer.net.HEX.Topline.194.150.117.29.371
> DECODED SIGNATURE:
> 2a_birsuhidw.php
> 
> --
> Ralf Hildebrandt
> Charité - Universitätsmedizin Berlin
> Geschäftsbereich IT | Abteilung Netz | Netzwerk-Administration
> Invalidenstraße 120/121 | D-10115 Berlin
> 
> Tel. +49 30 450 570 155
> ralf.hildebra...@charite.de
> https://www.charite.de
> _______________________________________________
> 
> Manage your clamav-users mailing list subscription / unsubscribe:
> https://lists.clamav.net/mailman/listinfo/clamav-users
> 
> 
> Help us build a comprehensive ClamAV guide:
> https://github.com/Cisco-Talos/clamav-documentation
> 
> https://docs.clamav.net/#mailing-lists-and-chat
_______________________________________________

Manage your clamav-users mailing list subscription / unsubscribe:
https://lists.clamav.net/mailman/listinfo/clamav-users


Help us build a comprehensive ClamAV guide:
https://github.com/Cisco-Talos/clamav-documentation

https://docs.clamav.net/#mailing-lists-and-chat

Reply via email to