[Community-sigs] Creating Community signatures from MD5 hashes
Paul David Hood
paul.hood at it.ox.ac.uk
Fri Jan 8 06:58:37 EST 2016
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Hi,
I am seeking a means to produce ClamAV signatures directly from MD5
signatures, rather than from a sample file which is then MD5'd.
I have found literature explaining how to create community signatures
from samples, but nothing that explains how to create signatures
directly from MD5 sigs.
We have a virtualised email analysis device that can easily output the
MD5s of 0-day threats it discovers and it is highly accurate, but lack
for a means to automatically incorporate its findings into our ClamAV
sensors.
If there is any way to do this, please let me know. The goal is to
provide these 0-days as a Community Database if they are welcome, but
in either case it would be a big help to us in improving our email
security.
All the best,
- --
Paul D. Hood, Computer Security Specialist &
Computer Security Incident Response Co-Ordinator
Network Security Team - OxCERT
IT Services, University of Oxford, 13 Banbury Road, Oxford, OX2 6NN
Telephone: +44 1865 282222 (OxCERT) +44 1865 273279 (Direct Line)
PGP KeyID: D1CE3CF9
http://www.it.ox.ac.uk/ | http://www.oucs.ox.ac.uk/network/security/
-----BEGIN PGP SIGNATURE-----
Comment: GPGTools - https://gpgtools.org
iQIcBAEBCgAGBQJWj6RtAAoJEE4/G+LRzjz5Ap0P/2UfeogvdIQxzFmAFx45TOXW
OGKy0s+Av2zr+YT65iQdlXmZ9QmQYoEmGaL5bRDcatjsBVU3kCJQGB1NDsGlXHMz
Vef63hW1+aP0eEECgAEGY4RDjK0LSEJ5osI8vZBAJwJOQb6on57GULJVpCMlTVki
9bycoMhdjGFMFp5WyCCZywQjMY7RySrxk0JDY2mzk9QPF0xZaLZ45dil+RgcEi+E
+ULeROjDOwnLMdPCGdu0HboIZsj4RyILIpxqbIbo70LcWBKHoW5KhDpLSR+ufSRx
NdYnLbgE7gaVrONGPEwrD0DbX0+rqjqeGg7T1EBEPvR1mX9+ALrjDQ7JGMO6zIPS
QucvLWhi7yME2eh9N8s1co9dS10zT9v4tOMjg/X73CWm7m9xlCtPLVypc1vtD1Bj
VC595c+8iAEA90uTiCt9CUhn02yVsmIm6sa9MDydzlSGIbAEImR07VCDsLgx3xzM
68l/gYwVoeDFloJBu0/2Ba37Cb48yknXRntJYcFDg40PUeaZ4zy9tmw0AjhoYodV
Gzn8J5wh/p9dQgvuqNBSYH1GDUuJ3zTV0LnMyuHwKi59Pw889sXNu26NzyJnB4Gd
LII8DGdTYJWPnQw0AnZ1o7m2qY7G9raRubD5+gEvQ8NyCGQeVp55rTP2KvplLSmO
FF+SyWPObIYKfYN7AWaS
=V0nu
-----END PGP SIGNATURE-----
More information about the Community-sigs
mailing list