[sanesecurity] Re: Long DB refresh times

From: "Emanuele Balla (aka Skull)" <skull@xxxxxxxxxxxx>
To: sanesecurity@xxxxxxxxxxxxx
Date: Thu, 26 Apr 2012 09:20:22 +0200

On 4/26/12 8:50 AM, Grayhat wrote:

> Emanuele... not sure it's doable nor if you can/want take the time to
> do it but... in a past we discussed the same thing (timeframe) while
> dealing with "InetMsg-Spamdomains"; the solution (ok the approach) was
> to have separate signature files ... so one may either pick the "2
> weeks" one or the bigger "2 months" one

This will be extremely easy to do for me: all the sigs are stored in a
DB and choosing the timeframe is just a matter of how to compose the
query that extracts them.

If you think it's going to help, I can generate a separate malware
sigfile with -say- the last 2 weeks only.
Not sure it's worth generating one for each db: the cracked and phishing
URLs are much more persistent and smaller in size so the 3 months
timeframe is probably OK for those...

Follow-Ups:
- [sanesecurity] Re: Long DB refresh times
  - From: Grayhat
- [sanesecurity] Re: Long DB refresh times
  - From: David Mayo

References:
- [sanesecurity] Long DB refresh times
  - From: David Mayo
- [sanesecurity] Re: Long DB refresh times
  - From: Steve Basford
- [sanesecurity] Re: Long DB refresh times
  - From: Henrik K
- [sanesecurity] Re: Long DB refresh times
  - From: TR Shaw
- [sanesecurity] Re: Long DB refresh times
  - From: Paul Enlund
- [sanesecurity] Re: Long DB refresh times
  - From: Steve Basford
- [sanesecurity] Re: Long DB refresh times
  - From: Emanuele Balla (aka Skull)
- [sanesecurity] Re: Long DB refresh times
  - From: Grayhat

Other related posts:

» [sanesecurity] Long DB refresh times- David Mayo
» [sanesecurity] Re: Long DB refresh times- Michael Orlitzky
» [sanesecurity] Re: Long DB refresh times- micah anderson
» [sanesecurity] Re: Long DB refresh times- Richard Doyle
» [sanesecurity] Re: Long DB refresh times- Robo Kupka
» [sanesecurity] Re: Long DB refresh times- Steve Basford
» [sanesecurity] Re: Long DB refresh times- micah anderson
» [sanesecurity] Re: Long DB refresh times- Henrik K
» [sanesecurity] Re: Long DB refresh times- TR Shaw
» [sanesecurity] Re: Long DB refresh times- Robo Kupka
» [sanesecurity] Re: Long DB refresh times- Gerard Seibert
» [sanesecurity] Re: Long DB refresh times- Richard Doyle
» [sanesecurity] Re: Long DB refresh times- TR Shaw
» [sanesecurity] Re: Long DB refresh times- Paul Enlund
» [sanesecurity] Re: Long DB refresh times- Severus
» [sanesecurity] Re: Long DB refresh times- Steve Basford
» [sanesecurity] Re: Long DB refresh times- Emanuele Balla (aka Skull)
» [sanesecurity] Re: Long DB refresh times- Severus
» [sanesecurity] Re: Long DB refresh times- David Mayo
» [sanesecurity] Re: Long DB refresh times- John Horne
» [sanesecurity] Re: Long DB refresh times- Steve Basford
» [sanesecurity] Re: Long DB refresh times- John Horne
» [sanesecurity] Re: Long DB refresh times- Paul Enlund
» [sanesecurity] Re: Long DB refresh times- Gerard Seibert
» [sanesecurity] Re: Long DB refresh times- Henrique de Moraes Holschuh
» [sanesecurity] Re: Long DB refresh times- Robo Kupka
» [sanesecurity] Re: Long DB refresh times- TR Shaw
» [sanesecurity] Re: Long DB refresh times- Emanuele Balla
» [sanesecurity] Re: Long DB refresh times- Steve Basford
» [sanesecurity] Re: Long DB refresh times- Robo Kupka
» [sanesecurity] Re: Long DB refresh times- Alan Stern
» [sanesecurity] Re: Long DB refresh times- Steve Basford
» [sanesecurity] Re: Long DB refresh times- Emanuele Balla
» [sanesecurity] Re: Long DB refresh times- Emanuele Balla
» [sanesecurity] Re: Long DB refresh times- Steve Basford
» [sanesecurity] Re: Long DB refresh times- Steve Basford
» [sanesecurity] Re: Long DB refresh times- Robo Kupka
» [sanesecurity] Re: Long DB refresh times- Cernohorsky Wolfgang
» [sanesecurity] Re: Long DB refresh times- Severus
» [sanesecurity] Re: Long DB refresh times- TR Shaw