Hi Steve,
Is the .sig for malware.expert.hdb missing, or is it just me...
Regards
Keith Brazington
On 9 March 2017 at 12:49, Steve Basford <steveb_clamav@xxxxxxxxxxxxxxxx>
wrote:
Hi All,
New databases are now on the mirrors...
Database: foxhole_mail.cdb
Description: block any mail that contains a possible dangerous attachments
such as: js, jse, exe, bat, com, scr, uue, ace, pif, jar, gz, lnk, lzh.
FP Risk: High
The following databases are distributed by Sanesecurity, but produced by
malware.expert
General Description: Signatures Detect malware from PHP files. Signatures
are generated for real life PHP malware from live Web Hosting Servers
malware.expert.fp:
Description: found to be false positive malware
FP Risk: Med
Database: malware.expert.hdb
Description: statics MD5 pattern for files
FP Risk: Low
Database: malware.expert.ldb
Database: foxhole_mail.cdb
Description: which use multi-words search for malware in files.
FP Risk: Med
Database: malware.expert.ndb
Description: Generic Hex pattern PHP malware, which can cause false
positive alarms
FP Risk: Med
--
Cheers,
Steve
Twitter: @sanesecurity
