Cool !! So at end Emanuele did it :) !Yes, he did and we are adding more feeds. Presently we have a small overlap (because there are TONS on cracked sites now. We are working to better categorized and higher detection rate.
This is *good* news :) ! As for the cracked sites... did you consider setting
up something like the "project honeypot" (www.projecthoneypot.org) kind ofaccess ? I mean, some kind of "API" to allow spamfilters to use the list even w/o the need to run an "AV scan" ... see, I'm in contact with the folks which
are in charge of ASSP development and some "open API" would be cool :D
A question; are the complete sigs fully added to the winnow DBs or are you performing some kind of "filtering" on them ? Just curious; as a note I've been testing those sigs (and I think Steve did the same) for a while by directly fetching them from the bofhland page :D
I just decided that Emanuele and I had such good results using his and mine that I would do something for get it out there. Looks like we found traction ;-) I have been talking to Steve and I hope he will be adding directly instead. As Steve said its cleaner.
Aye, saw Steve's post and, at a point, I was wondering if there was someoverlap (that is, winnow + bofhland) but now I see this isn't the case; all in all, I think this is a good idea since it will allow more "fine tuning" :) what
else... yeah, if someone here needs a "win" download script, just holler, nothing fancy, mind me, but since I *had* to write it, I decided to put ittogether to be flexible enough :)