[sanesecurity] Re: URGENT: Massive FP on Sanesecurity.Jurlbl.5624.UNOFFICIAL

From: Richard Lynch <rich@xxxxxxxxxxxxxx>
To: sanesecurity@xxxxxxxxxxxxx
Date: Mon, 13 Jul 2009 11:45:03 -0400

Wolfgang Zeikat wrote:

Hi,

On 07/13/2009 05:09 PM, Tom Shaw wrote:
2: add the sig to local.ign
I would appreciate a step by step instruction how to do that (maybeI have missed that here earlier ...).
clamav-unofficial-sigs.sh -b
  and follow directions.
thanks. We don't use clamav-unofficial-sigs.sh, though.
From studying that script, I assume that a file called local.ign hasto be placed into the database directory (/var/clamav/ here).
What would be the syntax in that file to ignore Sanesecurity.Jurlbl.5624?

Regards,

wolfgang

It all documented in the signatures.pdf file that comes with ClamAVsource. Basically, it's "dbname:line_no:sig_id". In this case you'dneed a line in local.ign that looks like this....


sanesecurity-jurlbl.ndb:5624:Sanesecurity.Jurlbl.5624

~rich




--

References:
- [sanesecurity] URGENT: Massive FP on Sanesecurity.Jurlbl.5624.UNOFFICIAL
  - From: Matthias Hank
- [sanesecurity] Re: URGENT: Massive FP on Sanesecurity.Jurlbl.5624.UNOFFICIAL
  - From: Benny Pedersen
- [sanesecurity] Re: URGENT: Massive FP on Sanesecurity.Jurlbl.5624.UNOFFICIAL
  - From: Wolfgang Zeikat
- [sanesecurity] Re: URGENT: Massive FP on Sanesecurity.Jurlbl.5624.UNOFFICIAL
  - From: Tom Shaw
- [sanesecurity] Re: URGENT: Massive FP on Sanesecurity.Jurlbl.5624.UNOFFICIAL
  - From: Wolfgang Zeikat

[sanesecurity] Re: URGENT: Massive FP on Sanesecurity.Jurlbl.5624.UNOFFICIAL

Other related posts: