[sanesecurity] How to "read" the Signaturedatabases

• From: Steffen Ille <steffen@xxxxxxxxxxxxxxx>
• To: sanesecurity@xxxxxxxxxxxxx
• Date: Thu, 25 Nov 2010 09:37:59 +0100

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Dear List,
maybe I didn't enough RTFM, but I have a question:
My Virus-Stats https://hosting.the-hall.info/stats/virus.php
say, that there are 15 detections this signature:
INetMsg.SpamDomain-2w.rockitbaby_eu.UNOFFICIAL

The Problem is, this is one if MY domains :-(
And this guy does not send Spam - for sure.

How can I check the Database-Files (main & inofficial) for what they
have in them? Is there a possibility to get all those rule-names out of
them and/or how to check if an rule/signature matches a single mail?

Any hint would be apprechiated, even if it is "use google" - but search
for what?

Thanks, Steffen
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (MingW32)

iQIcBAEBAgAGBQJM7iBnAAoJEFL1nQvbDtDi1VUP/iz03+y+WhOMLzJHeROf8qRR
xAEIP+BzTUdoUFpZJ0oMBdVJ4VApcAhgycwWBMlHqUl01oWqpSMkqhhpF9d8YW1i
hthQWARWCDbySN798nCxrwGacc3IIg2n+jbCpE9x3L5RdUhmLtZdCDjEctqwm1kL
nGpyd6jt08iegQvx3+hLHiTeJ4cAqmlq8Q0IEztMgNsQQ98OWnU6zMUparSMpkHy
uCp5ScNKb8k7f3EOr2x9ccIXQI45CtcmOVG8FH8CMRJb6ADnzLN+5Jkj7iGdKOV3
Tzpk22v0ZG8/T4jUb2NLi3P7bqffCJgVkSuyykM2RhmvQiDhZuoOgzuC75mZBW8C
Pipojf+Af8HhXW1xddIICX7b1wkpEKQ9zO7Z/TmNEnJkl414f2liNwzwAbbwfD9D
GB4+E5C/tNxJaYq+iy/bod/D+sk27OxLqi8ynQki/6OKCTrMZcQCoTEvXDrGjmv3
7c5qfPLwaO1v+tSGBsm0LJ8ZgYxaOweu4GdZcNucRd4Mk8l7mprNh1aGGHtqha4k
urulSgX/KMwGi4w4gPWoyCeYbBaq2bmhSerhUAk05JR7UQjRUPF7vqs/vXVGXlzY
hiBYig0aRw9ZmRpYKsQkxkvwhMO8s+umkXkscQLYCfIsPIRi8AynH4SAJxqs8wtk
w4/4MpII+sTLG5GjqNLa
=TL5s
-----END PGP SIGNATURE-----

begin:vcard
fn:Steffen Ille
n:Ille;Steffen
org;quoted-printable:Bauhaus-Universit=C3=A4t Weimar;SCC
adr;quoted-printable;quoted-printable:;;Steubenstra=C3=9Fe 
6a;Weimar;Th=C3=BCringen;99423;Deutschland
email;internet:steffen@xxxxxxxxxxxxxxx
title:Dip.-Ing. (BA)
tel;work:+49(0)3643-582413
tel;fax:+49(0)3643-582402
tel;home:+49(0)36427-21529
tel;cell:+49(0)176-21201127
url:http://www.uni-weimar.de
version:2.1
end:vcard

Other related posts:

• » [sanesecurity] How to "read" the Signaturedatabases- Steffen Ille
• » [sanesecurity] How to "read" the Signaturedatabases - Steffen Ille
• » [sanesecurity] Re: How to "read" the Signaturedatabases- Benny Pedersen
• » [sanesecurity] Re: How to "read" the Signaturedatabases- Steve Basford
• » [sanesecurity] Re: How to "read" the Signaturedatabases- Bill Landry

1. Home
2. sanesecurity
3. Archive
4. 11-2010

---

• » Previous by Date
• » Next by Date
• » Related Posts
• » View list details
• » Manage your subscription

---