IDS mailing list archives
Writing signatures for e-mail virus attachments
From: c_sek_har () yahoo co in
Date: 3 Feb 2006 04:38:54 -0000
HI How can I write a signature for a virus which is coming as an attachment? The attachment may be done by using base64 or binhex encoding. Shall I have to create signature for each type? Has anybody implemented the idea of decoding the attachment (IDS) and then parsing the file to look for some pattern? Regards, Babu ------------------------------------------------------------------------ Test Your IDS Is your IDS deployed correctly? Find out quickly and easily by testing it with real-world attacks from CORE IMPACT. Go to http://www.securityfocus.com/sponsor/CoreSecurity_focus-ids_040708 to learn more. ------------------------------------------------------------------------
Current thread:
- Writing signatures for e-mail virus attachments c_sek_har (Feb 06)
- Re: Writing signatures for e-mail virus attachments lucien Fransman (Feb 07)
- Re: Writing signatures for e-mail virus attachments David W. Goodrum (Feb 07)
- <Possible follow-ups>
- Re: Writing signatures for e-mail virus attachments anonymous (Feb 07)
- RE: Writing signatures for e-mail virus attachments Matthew Conover (Feb 13)