IDS mailing list archives

Writing signatures for e-mail virus attachments

From: c_sek_har () yahoo co in
Date: 3 Feb 2006 04:38:54 -0000

HI
  
  How can I write a signature for a virus which is coming as an  
attachment? The attachment may be done by using base64 or binhex  encoding. 
Shall I have to create signature for each type?
  
  Has anybody implemented the idea of decoding the attachment (IDS) and 
then parsing the file to look for some pattern? 
  
  Regards,
  Babu

------------------------------------------------------------------------
Test Your IDS

Is your IDS deployed correctly?
Find out quickly and easily by testing it 
with real-world attacks from CORE IMPACT.
Go to http://www.securityfocus.com/sponsor/CoreSecurity_focus-ids_040708 
to learn more.
------------------------------------------------------------------------

Current thread:

Writing signatures for e-mail virus attachments c_sek_har (Feb 06)
- Re: Writing signatures for e-mail virus attachments lucien Fransman (Feb 07)
- Re: Writing signatures for e-mail virus attachments David W. Goodrum (Feb 07)
- <Possible follow-ups>
- Re: Writing signatures for e-mail virus attachments anonymous (Feb 07)
- RE: Writing signatures for e-mail virus attachments Matthew Conover (Feb 13)