Re: [Clamav-users] Re: Clam Packet Scanning

2006-01-29 Thread Rob MacGregor
On 1/29/06, Mar Matthias Darin <[EMAIL PROTECTED]> wrote: > > If this methodology catches 80% of viruses, then it is indeed worth the > investment, if it catches only 20%, is the approach still worth the time and > resources to develop, refine, and maintain it. At the proxy level it should work re

Re: [Clamav-users] CME-24

2006-01-29 Thread clamav
Thanks Michael Ken On Sun, 29 Jan 2006, Michael Torrie wrote: > On Sun, 2006-01-29 at 06:31 -0800, [EMAIL PROTECTED] wrote: > > Rob, > > > > Thanks for the response. I did check through this site first. I found some > > references to the named viruses on this site but they were very old, and

RE: [Clamav-users] Squirriel Mail clamav scanner

2006-01-29 Thread Paul Lesneiwski
Hi folks, Sorry for the top-post and new thread, but I just subscribed cuz I saw this thread in the wild. Note that there is a SquirrelMail plugin that does scan for viruses, but it does so at login, and I think it scans everything in the INBOX (not sure about subfolders) horribly bad idea

Re: [Clamav-users] Unofficial Phishing Signatures

2006-01-29 Thread Dennis Peterson
Oliver Stöneberg wrote: So these are Phishing mails, that are not recognised by ClamAV, but by your signatures. If I scan the complete set with your signatures a lot of mails already recognised by ClamAV are actually recognised by your signatures, so there are quite some duplicates in your s

[Clamav-users] Re: Clam Packet Scanning

2006-01-29 Thread Mar Matthias Darin
Hello, Look at http://clamav.net/3rdparty.html#other What you describe is similar to Endian Firewall, Snort-ClamAV, Snort-inline and perhaps RedWall Firewall. I have looked at them and their source code before. These do not answer the questions of feasibility and practicality of a packet l

Re: [Clamav-users] Unofficial Phishing Signatures

2006-01-29 Thread Oliver Stöneberg
You should really clean up your signatures. I have a Phishing set of 512 Phishing of which 23 are not recognised by ClamAV. From those only 4 are captured by your signatures, which are the following: d:\_ham-mails\_scan/phishing.070: Html.Phishing.Bank.Sanesecurity.05080100 FOUND d:\_ham-mails\_

Re: [Clamav-users] Unofficial Phishing Signatures

2006-01-29 Thread Rob MacGregor
On 1/29/06, Steve Basford <[EMAIL PROTECTED]> wrote: > Hi, > > Firstly, I've done an update to the Unofficial Phishing Signatures. > > Secondly... will whoever is using ip address 216.35.188.119, please sort > out their wget config file: A quick WhoIS check says it's mail.mrball.net (POC todd mrb

Re: [Clamav-users] Unofficial Phishing Signatures

2006-01-29 Thread Steve Basford
Hi, Firstly, I've done an update to the Unofficial Phishing Signatures. Secondly... will whoever is using ip address 216.35.188.119, please sort out their wget config file: 216.35.188.119 - - [29/Jan/2006:20:36:01 +] "HEAD /clamav/phish.ndb HTTP/1.0" 200 0 "-" "Wget/1.10.2" 216.35.188.11

Re: [Clamav-users] CME-24

2006-01-29 Thread Michael Torrie
On Sun, 2006-01-29 at 06:31 -0800, [EMAIL PROTECTED] wrote: > Rob, > > Thanks for the response. I did check through this site first. I found some > references to the named viruses on this site but they were very old, and > therefore came to the conclusion we were not talking about the same > viru

Re: [Clamav-users] CME-24

2006-01-29 Thread Artchameleon
Please do not send any more messages. Thank you. ___ http://lurker.clamav.net/list/clamav-users.html

Re: [Clamav-users] CME-24

2006-01-29 Thread clamav
Rob, Thanks for the response. I did check through this site first. I found some references to the named viruses on this site but they were very old, and therefore came to the conclusion we were not talking about the same virus. I also checked every commercial virus site that I could find, but cou

Re: [Clamav-users] CME-24

2006-01-29 Thread Rob MacGregor
On 1/29/06, [EMAIL PROTECTED] <[EMAIL PROTECTED]> wrote: > > Why would say this? Is this list not about clamav and viruses? I suspect the poster's point is that it's pretty obvious you've put zero effort into finding the answer for yourself. Try reading the page on "Virus Naming" on the ClamAV sit