Hi there,
On Tue, 16 Feb 2010 Matus UHLAR wrote:
> > On Tue, 9 Feb 2010 beshoo wrote:
> >
> > > i need to scan the post data , not the POST uploaded files
>
> On 09.02.10 11:27, G.W. Haywood wrote:
> >
> > man clamd
> >
> > Look for 'INSTREAM'.
>
> he is apparently searching for http server modul
On Feb 13, 2010, at 4:02 PM, Alain Zidouemba wrote:
Tom,
You can find the answer in the attached document.
On Feb 13, 2010 5:49 PM, "Tom Shaw" wrote:
How does one determine what TargetType ClamAV will assign to a file or
attachment? I have been all through the docs and wiki and can find no
>
> Attached document? I did not see an attachment. Can you send a link?
Is this the TargetType you are after...
2.3.4 Extended signature format
The extended signature format allows for specification of additional
information such as a target file type, virus offset or engine version,
making t
Attached document? I did not see an attachment. Can you send a link?
Is this the TargetType you are after...
2.3.4 Extended signature format
The extended signature format allows for specification of additional
information such as a target file type, virus offset or engine
version,
maki
At 4:15 PM + 2/16/10, Steve Basford wrote:
>
Attached document? I did not see an attachment. Can you send a link?
Is this the TargetType you are after...
2.3.4 Extended signature format
The extended signature format allows for specification of additional
information such as a target
Tom:
Is this the answer you were looking for?
--
Alain S. Zidouemba
Research Engineer, Vulnerability Research Team
SOURCEfire
Tel: 1(410)423-4764
email: alain.zidoue...@sourcefire.com
2010/2/15 Alain Zidouemba
> Courtesy of Edwin:
>
> The file type is determined by signatures in daily.ftm (o
On 02/16/2010 09:15 PM, Tom Shaw wrote:
> At 4:15 PM + 2/16/10, Steve Basford wrote:
>> >
>>
>>> Attached document? I did not see an attachment. Can you send a link?
>>
>> Is this the TargetType you are after...
>>
>>
>> 2.3.4 Extended signature format
>>
>> The extended signature format allo
On 02/16/2010 09:15 PM, Tom Shaw wrote:
At 4:15 PM + 2/16/10, Steve Basford wrote:
>
Attached document? I did not see an attachment. Can you send a link?
Is this the TargetType you are after...
2.3.4 Extended signature format
The extended signature format allows for specificat
Thanks, Alain. This helps. Let me noodle on the information. Is there
a definition of the .fmt file or will I have to look through the code?
Thanks, again,
Tom
At 3:01 PM -0500 2/16/10, Alain Zidouemba wrote:
Tom:
Is this the answer you were looking for?
--
Alain S. Zidouemba
Research Engin
On 02/16/2010 10:20 PM, Tom Shaw wrote:
> Thanks SO much, Edwin!
>
> Is there a def of .fmt format?
You can look at the example in daily:
sigtool --unpack-current daily
cat daily.ftm
0:0:425a68:BZip:CL_TYPE_ANY:CL_TYPE_BZ
0: this is a static signature (no wildcards), anchored at an offset
0: of
Tom Shaw wrote:
Is there a def of .fmt format?
Hi Tom,
Ah, see what you wanted now ;)
BTW, don't forget Sanesecurity has had additional types for a while now,
in sanesecurity.ftm and distributed on the mirrors.
Cheers,
Steve
Sanesecurity
___
11 matches
Mail list logo
