[clamav-users] clamav 0.99 beta yara
Rahman, Mohammad "Babu"
Mohammad.Rahman at cshs.org
Fri Jun 26 15:56:11 UTC 2015
Can someone please tell me if ClamAV has any virsus scanner product for AIX? I have downloaded a binaries from open source (it says for AIX) but it does not compile. It has many compilation error.
Thanks,
-Babu
-----Original Message-----
From: clamav-users [mailto:clamav-users-bounces at lists.clamav.net] On Behalf Of Steven Morgan
Sent: Thursday, June 25, 2015 2:51 PM
To: ClamAV users ML
Subject: Re: [clamav-users] clamav 0.99 beta yara
Steve,
One more question: is Sansecurity planning to distribute yara signatures when 0.99 final is released? This will help with appropriate scheduling of any parameter implementations.
Thanks,
Steve
On Thu, Jun 25, 2015 at 3:20 PM, Steven Morgan <smorgan at sourcefire.com>
wrote:
> Steve,
>
> Thanks. We'll look into additional command line/clamd.conf options to
> select or exclude signature types. This might be best done if/when
> Cisco ships yara signatures, since currently users are responsible for
> the content and locations of database directories regarding yara and
> these can easily be managed using the --database/DatabaseDir parameters.
>
> We have not yet given much consideration to useful configuration and
> runtime parameters for yara, so if anyone has any other ideas/use
> cases for yara signatures, please add in.
>
> Thanks,
> Steve
>
> On Thu, Jun 25, 2015 at 6:35 AM, Steve Basford <
> steveb_clamav at sanesecurity.com> wrote:
>
>> Just a few more question to think about...
>>
>>
>> 3) Clamscan --official-db-only=yes
>>
>> Will that only apply to ndb's or to Yara too... or do we need
>> --official-yara-only=yes?
>>
>> 4) Clamscan --yara-signatures=no
>>
>> Will there be an option like the above to disable Yara sigs
>>
>> 5) Will there be an option to *only* use Yara sigs, eg.
>> --only-yara-dbs=yes and ignore ndb's
>>
>> So, options in both clamd.conf and clamscan... just to give people
>> flexability?
>>
>> Cheers,
>>
>> Steve
>> Web : sanesecurity.com
>> Blog: sanesecurity.blogspot.com
>>
>> _______________________________________________
>> Help us build a comprehensive ClamAV guide:
>> https://github.com/vrtadmin/clamav-faq
>>
>> http://www.clamav.net/contact.html#ml
>>
>
>
_______________________________________________
Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq
http://www.clamav.net/contact.html#ml
IMPORTANT WARNING: This message is intended for the use of the person or entity to which it is addressed and may contain information that is privileged and confidential, the disclosure of which is governed by applicable law. If the reader of this message is not the intended recipient, or the employee or agent responsible for delivering it to the intended recipient, you are hereby notified that any dissemination, distribution or copying of this information is strictly prohibited. Thank you for your cooperation.
More information about the clamav-users
mailing list