[Community-sigs] How to maintain human readable signature database?
Do
do1 at yandex.ru
Sat Mar 26 18:11:42 EDT 2016
Hello Rafael,
Is it possible to convert YARA rules into ClamAV ones?
For use in earlier clamav versions, such as 0.98.
Also, I wonder if somebody successfuly used using template engines or macro
processors like jinja2 or even m4 for rule development.
27.03.2016, 00:17, "Rafael Ferreira" <raf at uvasoftware.com>:
> Clamav (as of 0.99) supports YARA rules (see https://plusvic.github.io/yara/ <https://plusvic.github.io/yara/>) which are, objectively, more human friendly.
>
>> On Mar 26, 2016, at 2:14 PM, Do <do1 at yandex.ru> wrote:
>>
>> Hello,
>>
>> Current signatures format is machine readable hex string dump sort of like
>> machine code.
>>
>> How developers maintain signature database, in a way so it's will be possible to
>> add comments, write some strings in text instead of pure hex, so it all become
>> bit more human readable, structured, and self-documented?
>> What are suggestions on that?
>>
>> Best regards,
>> _______________________________________________
>> Community-sigs mailing list
>> Community-sigs at lists.clamav.net
>> http://lists.clamav.net/cgi-bin/mailman/listinfo/community-sigs
>>
>> http://www.clamav.net/contact.html#ml
>
> _______________________________________________
> Community-sigs mailing list
> Community-sigs at lists.clamav.net
> http://lists.clamav.net/cgi-bin/mailman/listinfo/community-sigs
>
> http://www.clamav.net/contact.html#ml
More information about the Community-sigs
mailing list