Snort mailing list archives

Fwd: maldet alert from TCP-IDS


From: Scott Spangler <scott.spangler () devopsglobalsolutions com>
Date: Mon, 20 Mar 2017 12:44:39 -0400

Dear Snort Signature Community:

Please see the contents below, as I wanted to bring to your attention that
a recent PulledPork download of Snort community-rules contained a malware
virus. The malware virus was immediately quarantined using Linux Maldet on
the Snort IDS host.

Regards,

Scott Spangler


---------- Forwarded message ----------
From: root <root@tcp-ids.localdomain>
Date: Fri, Mar 17, 2017 at 11:28 PM
Subject: maldet alert from TCP-IDS
To: scott.spangler () devopsglobalsolutions com


HOST:      TCP-IDS
SCAN ID:   170318-0328.10906
STARTED:   Mar 18 2017 03:28:48 +0000
COMPLETED: Mar 18 2017 03:28:59 +0000
ELAPSED:   11s [find: 0s]

PATH:
RANGE:         1 days
TOTAL FILES:   4
TOTAL HITS:    1
TOTAL CLEANED: 0

FILE HIT LIST:
{YARA}eval_post : /tmp/community-rules.tar.gz => /usr/local/maldetect/quarantine/community-rules.tar.gz.2689929416
===============================================
Linux Malware Detect v1.6 < proj () rfxn com >
_______________________________________________
Snort-sigs mailing list
Snort-sigs () lists sourceforge net
https://lists.sourceforge.net/lists/listinfo/snort-sigs
