At 12:21 AM 2/28/2006, Tomi Hakala wrote:
Noel Jones wrote:
> First unpack the *.cvd files (using sigtool --unpack)
then edit the
> resulting *db text files to remove the offending signatures.
>
> Next move all the *db files to some other directory.
Tell clam to use
> the new directory with th
Noel Jones wrote:
> First unpack the *.cvd files (using sigtool --unpack) then edit the
> resulting *db text files to remove the offending signatures.
>
> Next move all the *db files to some other directory. Tell clam to use
> the new directory with the DatabaseDirectory directive in clamd.conf or
At 11:42 PM 2/27/2006, Tomi Hakala wrote:
Hello,
Is there a way to disable any single signature by hand?
First unpack the *.cvd files (using sigtool --unpack) then
edit the resulting *db text files to remove the offending
signatures.
Next move all the *db files to some other directory. Te
Hello,
Is there a way to disable any single signature by hand?
I'm asking this because of I think that I'm seeing false positives
with XF.Sic.L but I cannot be certain as I don't have any of those
FP files available.
What makes me think of false positive is that I am running Kaspersky
and Sophos
I'm trying to add a couple of custom phishing signatures using .ndb
files within clamav's database directory
For testing purposes I've used a simple phrase "Dear Paypal Members" and
created a hex key for it
Email.Phishing.Paypal.Test.0227001:0:*:446561722050617950616c204d656d6265720a
I've als
> > >> BTW, how do you make the stats? Do you run two seperate clamd
> > >> instances, one with official databases and the other one with Steve's
> > >> sigs only?
> > >>
> > >
> > > The milter I use records the name and time of the found virus/phishing
> > > file
> > > in a table. I sort out two l
> >
> > The milter I use records the name and time of the found virus/phishing
> > file
> > in a table. I sort out two lists based on names.
>
> So, if one particular phish signature is listed in the official ClamAV
> database, and is also listed in the user maintained database (phish.ndb),
> w
On Mon, 27 Feb 2006 16:50:50 -0800
"Bill Landry" <[EMAIL PROTECTED]> wrote:
> - Original Message -
> From: "Dennis Peterson" <[EMAIL PROTECTED]>
>
> >> On Sun, 26 Feb 2006 15:27:57 -0800
> >> Dennis Peterson <[EMAIL PROTECTED]> wrote:
> >>
> >> > The follow-up. Steve - your list found ov
- Original Message -
From: "Dennis Peterson" <[EMAIL PROTECTED]>
On Sun, 26 Feb 2006 15:27:57 -0800
Dennis Peterson <[EMAIL PROTECTED]> wrote:
> The follow-up. Steve - your list found over 3,000 Phishing attempts
> while=
the=20
> ClamAV list found just over 300. This is since Feb.
>
> On Sun, 26 Feb 2006 15:27:57 -0800
> Dennis Peterson <[EMAIL PROTECTED]> wrote:
>
> > The follow-up. Steve - your list found over 3,000 Phishing attempts while=
> the=20
> > ClamAV list found just over 300. This is since Feb. 2. I didn't expect th=
> at.=20
> > Thanks, bud!
>
> BTW, how do
On Sun, 26 Feb 2006 15:27:57 -0800
Dennis Peterson <[EMAIL PROTECTED]> wrote:
> The follow-up. Steve - your list found over 3,000 Phishing attempts while the
> ClamAV list found just over 300. This is since Feb. 2. I didn't expect that.
> Thanks, bud!
BTW, how do you make the stats? Do you run
On Feb 27, 2006, at 05:03, Mark Grieveson wrote:
I just installed clamav on Debian Sarge, using packages from the
debian-volatile repository. When I test the daemon with ping, I do
not get the answer "pong", which I've read somewhere that I
should. Any idea how I can be sure the daemon i
On Mon, 27 Feb 2006 08:03:37 -0500
Mark Grieveson <[EMAIL PROTECTED]> wrote:
> I just installed clamav on Debian Sarge, using packages from
> the debian-volatile repository. When I test the daemon with
> ping, I do not get the answer "pong", which I've read
> somewhere that I should. Any idea
> I just installed clamav on Debian Sarge, using packages from the
> debian-volatile repository. When I test the daemon with ping, I do not
> get the answer "pong", which I've read somewhere that I should. Any
> idea how I can be sure the daemon is working? Can it be set to check
> mail coming i
I just installed clamav on Debian Sarge, using packages from the
debian-volatile repository. When I test the daemon with ping, I do not
get the answer "pong", which I've read somewhere that I should. Any
idea how I can be sure the daemon is working? Can it be set to check
mail coming in to t
On Sunday 26 Feb 2006 14:01, Steve Basford wrote:
> Hi,
>
> You'll all be glad to hear I don't intend to post here every time I do
> an update of the sigs,
> but as I've added a few sigs today and updated the main website a
> little, I thought post to the list:
>
> http://www.sanesecurity.com/clama
16 matches
Mail list logo
