[sanesecurity] Re: Q. about stdout "keywords" to distinguish between data sources

• From: Rob McEwen <rob@xxxxxxxxxxxxxxx>
• To: sanesecurity@xxxxxxxxxxxxx
• Date: Mon, 13 Feb 2012 21:38:27 -0500

On 2/13/2012 9:11 PM, Rob McEwen wrote:
> PS - Here is a follow-up question... is there a way to get ClamAv to
> search SOME signature DBs before others? That way, "low risk" could be
> put head of "medium risk" ones. That way, if a low risk one has a hit,
> its score wouldn't be watered down by a "high risk" rule hitting it
> first and then watering down the score, using the system described above.

OK... I feel kinda dumb because i opened the sigs in a multi-tabbed text
editor and I see that the answer is starting right at me in plain sight
because the signature names are in each rules line for each file, in
plain text.

But the follow-up question above is still valid.

Thanks!

-- 
Rob McEwen
http://dnsbl.invaluement.com/
rob@xxxxxxxxxxxxxxx
+1 (478) 475-9032

• References:
  • [sanesecurity] Q. about stdout "keywords" to distinguish between data sources
    • From: Rob McEwen

Other related posts:

• » [sanesecurity] Q. about stdout "keywords" to distinguish between data sources- Rob McEwen
• » [sanesecurity] Re: Q. about stdout "keywords" to distinguish between data sources - Rob McEwen
• » [sanesecurity] Re: Q. about stdout "keywords" to distinguish between data sources- Steve Basford

1. Home
2. sanesecurity
3. Archive
4. 02-2012

---

• » Previous by Date
• » Next by Date
• » Related Posts
• » View list details
• » Manage your subscription

---