[clamav-users] ClamAV® blog: ClamAV 0.99b Meets YARA!
Dennis Peterson
dennispe at inetnw.com
Wed Jun 10 14:50:08 UTC 2015
That is a pretty nice addition, Joel. Naturally somebody is going to ask if
there is an on-line rule testing utility anywhere so that might as well be me
:). I'm particularly interested in knowing if the linefeeds between the keyword
rule and the closing brace in the rules can be left out so the sig files can be
somewhat compressed.
Bonus points if a condition can be @rule and @rule2 not @rule3 so that rules can
be re-used as in a library.
dp
On 6/3/15 12:02 PM, Joel Esler (jesler) wrote:
> ClamAV 0.99b Meets YARA!
> The first beta release of ClamAV 0.99 is now on SourceForge! ClamAV 0.99 has some important new features to improve malware detection.
>
>
More information about the clamav-users
mailing list