[sanesecurity] Re: Sanesecurity.Phishing.Bank

• From: Chris <cpollock@xxxxxxxxxxxxxx>
• To: sanesecurity@xxxxxxxxxxxxx
• Date: Mon, 07 Mar 2011 19:08:34 -0600

On Mon, 2011-03-07 at 18:10 -0600, Daniel McDonald wrote:
> 
> 
> On 3/7/11 5:36 PM, "Chris" <cpollock@xxxxxxxxxxxxxx> wrote:
> 
> > Received a spam today that had an attachment that had an .html extension
> > which in reality was a javascript file. When running the attachment
> > through clamdscan it was tagged as Sanesecurity.Malware.14565.UNOFFICIAL
> > FOUND. Shouldn't the malware have been picked up along with the phishing
> > or instead of?
> 
> That's one of the clamav limitations - it only records one match.  And there
> is no priority system for "more important" matches, so if a file will hit
> multiple signatures, a random one will be reported.
> 
> 

I see, thanks Dan, appreciate it.

-- 
Chris
KeyID 0xE372A7DA98E6705C
31.11°N 97.89°W (Elev. 1092 ft)

• References:
  • [sanesecurity] Re: Sanesecurity.Phishing.Bank
    • From: Daniel McDonald

Other related posts:

• » [sanesecurity] Sanesecurity.Phishing.Bank- Chris
• » [sanesecurity] Re: Sanesecurity.Phishing.Bank- Daniel McDonald
• » [sanesecurity] Re: Sanesecurity.Phishing.Bank - Chris
• » [sanesecurity] Re: Sanesecurity.Phishing.Bank- GrayHat
• » [sanesecurity] Re: Sanesecurity.Phishing.Bank- Daniel McDonald
• » [sanesecurity] Re: Sanesecurity.Phishing.Bank- GrayHat

1. Home
2. sanesecurity
3. Archive
4. 03-2011

---

• » Previous by Date
• » Next by Date
• » Related Posts
• » View list details
• » Manage your subscription

---