[sanesecurity] How to "read" the Signaturedatabases

• From: Steffen Ille <steffen@xxxxxxxxxxxxxxx>
• To: sanesecurity@xxxxxxxxxxxxx
• Date: Thu, 25 Nov 2010 09:37:50 +0100

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Dear List,
maybe I didn't enough RTFM, but I have a question:
My Virus-Stats https://hosting.the-hall.info/stats/virus.php
say, that there are 15 detections this signature:
INetMsg.SpamDomain-2w.rockitbaby_eu.UNOFFICIAL

The Problem is, this is one if MY domains :-(
And this guy does not send Spam - for sure.

How can I check the Database-Files (main & inofficial) for what they
have in them? Is there a possibility to get all those rule-names out of
them and/or how to check if an rule/signature matches a single mail?

Any hint would be apprechiated, even if it is "use google" - but search
for what?

Thanks, Steffen
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (MingW32)

iQIcBAEBAgAGBQJM7iBeAAoJEFL1nQvbDtDi1z8P/1nKj9802qXMptFNTjXGwtJC
LB8xlLZT/H3ViUPR7/rv683Jjz6FwXoVMvApSbZbulh32oQuxdDUmEZ2QyqjEm9j
E4DaqdummqtTkTlLftQHthhVIXEhcgEA//lfdN9x5NppwUECjU05ugC9JMhCDpso
LCb+Tp+oMC/Jah0ZCcLlWQYj+Jos4P+239ex346Y8AjdjGzBtivBiVkGoefnorVP
lbkF6kDd1WlPSexVUyHTDsicp1G07cTyizX19dem1TJwcqkF30wlFlq5zbHMHnWe
4azMB6l0N//TFHmrfv5wpHhA5xPPj6DdY6/UjilIyieGhKNqEuw577Ssc1pTABKK
+KscdMWXnd47nk3Jq1BOtDr2a/To/wS09FuPkxg5DKlroe13P92Nnh0pnW/Qame0
sYIRmzoNZBwc+hEYhX2ZkMNp3drd0ODnppQp2AZ0jE3K34Taig1AoOC18UPM5a81
MyUgJZrR0LxuGj+ZDFVWnVXhF86s6mzPdpMx51FXhUdMatzgr/47fROKkRC9T5AZ
iBvzcVUVA5e/7xiXR8iwFhNWwCdXkGdKGxDqUPZNFKMcOE5UwKkJSPO5EMycqC2O
flMRxhJK4fUbJZ/k+00+Ev/n8hxeBNv5oFNhYPwE9yUxvmLRI4sQSQ0gUm7HXKb8
YXCTMyUU7uhNBa2fkzru
=IhT8
-----END PGP SIGNATURE-----

begin:vcard
fn:Steffen Ille
n:Ille;Steffen
org;quoted-printable:Bauhaus-Universit=C3=A4t Weimar;SCC
adr;quoted-printable;quoted-printable:;;Steubenstra=C3=9Fe 
6a;Weimar;Th=C3=BCringen;99423;Deutschland
email;internet:steffen@xxxxxxxxxxxxxxx
title:Dip.-Ing. (BA)
tel;work:+49(0)3643-582413
tel;fax:+49(0)3643-582402
tel;home:+49(0)36427-21529
tel;cell:+49(0)176-21201127
url:http://www.uni-weimar.de
version:2.1
end:vcard

• Follow-Ups:
  • [sanesecurity] Re: How to "read" the Signaturedatabases
    • From: Benny Pedersen
  • [sanesecurity] Re: How to "read" the Signaturedatabases
    • From: Steve Basford
  • [sanesecurity] Re: How to "read" the Signaturedatabases
    • From: Bill Landry

Other related posts:

• » [sanesecurity] How to "read" the Signaturedatabases - Steffen Ille
• » [sanesecurity] How to "read" the Signaturedatabases- Steffen Ille
• » [sanesecurity] Re: How to "read" the Signaturedatabases- Benny Pedersen
• » [sanesecurity] Re: How to "read" the Signaturedatabases- Steve Basford
• » [sanesecurity] Re: How to "read" the Signaturedatabases- Bill Landry

1. Home
2. sanesecurity
3. Archive
4. 11-2010

---

• » Previous by Date
• » Next by Date
• » Related Posts
• » View list details
• » Manage your subscription

---