clamav-users June 2008 archive
Main Archive Page > Month Archives  > clamav-users archives
clamav-users: [Clamav-users] Third-Party Signatures: Sanesecurit

[Clamav-users] Third-Party Signatures: Sanesecurity

From: Steve Basford <steveb_clamav_at_nospam>
Date: Thu Jun 12 2008 - 19:11:54 GMT
To: ClamAV users ML <clamav-users@lists.clamav.net>


Sorry to hijack the list...just a few quick updates:

  1. Signature Tests

I've introduced a few Sanesecurity Signature tests, to help you make sure you are getting the best out of the signatures available. Make sure you pass all three tests (scroll down page) here:

http://www.sanesecurity.com/clamav/usage.htm

2. Third Party signature names:

Just a reminder, some of the download scripts, also download signatures from other Third-Party signature makers, so, if you have a problem with any of the signatures, look at the signature name to see who produced it... here's a brief guide on who to contact (*see above link*)

Sanesecurity: produced by Sanesecurity
MSRBL-Images or MSRBL-SPAM: produced by MSRBL MBL: produced by Malware Block List
-SecuriteInfo.com: produced by SecuriteInfo

Any other signature name, usually mean it's an official ClamAV signature.

3. New Project: Bounce

We've all been hit with backscatter/bounces/joejobs from time to time... this ClamAV .ndb formatted standalone database, can be used to block a large portion of these bounce/backscatter messages, while you are "under attack".

  • Now, the most important bit... this signature database *** will block *** legitmate bounce messages, as well as fake bounce messages, so it should only be used for a short period of time, until things return to normal.***

More details here:
http://www.sanesecurity.com/clamav/bounce.htm

4. Updated Project: PhishBar

Using this signature database scan you hosted websites and seeing if any of your users have phishing sites stored in their home directories/user space.

More details here:
http://www.sanesecurity.com/clamav/phishbar.htm

Have a good weekend everyone,

Cheers,

Steve
Sanesecurity



Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net http://lurker.clamav.net/list/clamav-users.html