Sigtool clamav

llvllar1on asked
Last Modified: 2013-11-22
How to use sigtool.
I found a sample for sigtool, but I cannot understand it.
I know sigtool is used to generate virus signatures. How can I prove it from ClamAV?

Test Data

For the virus to be detected during the testing, the content of the packet sent must match the data in the database directory. Using the ClamAV sigtool, this can be done:

  sigtool --unpack-current daily.cvd
Using sigtool, generate the hex for the data to be sent:

  sigtool --hex-dump
  virus.295.b
  output is 76697275732E3239352E620a
This signature can be stored in the daily.db file in the format below:

MalwareName=HexSignature, using prefixes like DOS, Trojan, Worm, etc. for virus names. Example:

     DOS.vs.295b (Clam)=76697275732E3239352E62
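
The sample quoted in the question can be checked offline with a small model of plain-hex matching. This is an added example, not part of the original post and not ClamAV's own code. The function names, the `Test.WithNewline` entry and the payloads are constructed for illustration, and it assumes a signature is a plain hex string matched anywhere in the data.

```python
# Added example: a simplified model of plain-hex .db matching, not ClamAV's engine.
# Function names are hypothetical; wildcards and other signature features are not handled.

def hex_dump(data: bytes) -> str:
    """Hex-encode raw bytes, as the post's hex-dump step does for the test data."""
    return data.hex()

def parse_db_line(line: str) -> tuple:
    """Split one 'MalwareName=HexSignature' line into (name, signature bytes)."""
    name, sep, hexsig = line.strip().rpartition("=")
    if not sep or not name or not hexsig:
        raise ValueError(f"not a MalwareName=HexSignature line: {line!r}")
    if len(hexsig) % 2 or any(c not in "0123456789abcdefABCDEF" for c in hexsig):
        raise ValueError(f"signature is not plain hex: {hexsig!r}")
    return name, bytes.fromhex(hexsig)

def scan(data: bytes, db_lines: list) -> list:
    """Return the names of all signatures whose bytes occur anywhere in data."""
    hits = []
    for line in db_lines:
        if line.strip():
            name, sig = parse_db_line(line)
            if sig in data:
                hits.append(name)
    return hits

# Signature line from the post, plus a constructed variant that keeps the
# trailing 0a (the newline typed after the test string).
POST_DB = ["DOS.vs.295b (Clam)=76697275732E3239352E62"]
NEWLINE_DB = ["Test.WithNewline=76697275732E3239352E620a"]

# Constructed sample payloads.
PAYLOADS = {
    "typed with Enter": b"virus.295.b\n",
    "inside a packet": b"GET /virus.295.b HTTP/1.0\r\n\r\n",
    "clean": b"hello world\n",
}

if __name__ == "__main__":
    print(hex_dump(PAYLOADS["typed with Enter"]))
    for label, payload in PAYLOADS.items():
        print(label, scan(payload, POST_DB), scan(payload, NEWLINE_DB))
```

The hex dump in the sample ends in `0a` because the newline typed after `virus.295.b` is encoded too; the stored signature drops it, so it still matches when the string appears mid-packet. With ClamAV installed, the same check can be made by loading the `.db` file with `clamscan -d` and scanning a file that contains the test string.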