Mailing List Archive

Information about the signature database
Hello,

is there a mean which I can see when a specific signature has been insert in the signature database?
I'm doing a forensics digital investigation and I'm trying to discover for how long the malware was known to the ClamAV Database.

Thanks for support.

Alessandro

.
Alessandro Cortina

[cid:FirmaMilano_PERANInew_1696e74b-a9ff-49e9-b1e5-b72d0555eb7b.jpg] .
Re: Information about the signature database [ In reply to ]
Al will probably be along shortly to correct me (he's quite good at tracking down when items were added to the DB), but as far as I know, the only way is to search the archive of posts to the clamav-virusdb mailing list.

https://lists.clamav.net/pipermail/clamav-virusdb/

Mark

> On 9 Dec 2022, at 9:37 am, Alessandro Cortina <acortina@perani.com> wrote:
>
> Hello,
>
> is there a mean which I can see when a specific signature has been insert in the signature database?
> I'm doing a forensics digital investigation and I'm trying to discover for how long the malware was known to the ClamAV Database.
>
> Thanks for support.
>
> Alessandro
> .
> Alessandro Cortina
>
> <FirmaMilano_PERANInew_1696e74b-a9ff-49e9-b1e5-b72d0555eb7b.jpg> .
> _______________________________________________
>
> Manage your clamav-users mailing list subscription / unsubscribe:
> https://lists.clamav.net/mailman/listinfo/clamav-users
>
>
> Help us build a comprehensive ClamAV guide:
> https://github.com/Cisco-Talos/clamav-documentation
>
> https://docs.clamav.net/#mailing-lists-and-chat
Re: Information about the signature database [ In reply to ]
Yes I simply search the daily's. If you give me the signature name I can do that for you tomorrow.

Sent from my iPad

-Al-

> On Dec 9, 2022, at 02:59, Mark Allan via clamav-users <clamav-users@lists.clamav.net> wrote:
>
> ?Al will probably be along shortly to correct me (he's quite good at tracking down when items were added to the DB), but as far as I know, the only way is to search the archive of posts to the clamav-virusdb mailing list.
>
> https://lists.clamav.net/pipermail/clamav-virusdb/
>
> Mark
>
>> On 9 Dec 2022, at 9:37 am, Alessandro Cortina <acortina@perani.com> wrote:
>>
>> Hello,
>>
>> is there a mean which I can see when a specific signature has been insert in the signature database?
>> I'm doing a forensics digital investigation and I'm trying to discover for how long the malware was known to the ClamAV Database.
>>
>> Thanks for support.
>>
>> Alessandro
>> .
>> Alessandro Cortina
>>
>> <FirmaMilano_PERANInew_1696e74b-a9ff-49e9-b1e5-b72d0555eb7b.jpg> .
>> _______________________________________________
>>
>> Manage your clamav-users mailing list subscription / unsubscribe:
>> https://lists.clamav.net/mailman/listinfo/clamav-users
>>
>>
>> Help us build a comprehensive ClamAV guide:
>> https://github.com/Cisco-Talos/clamav-documentation
>>
>> https://docs.clamav.net/#mailing-lists-and-chat
>
> _______________________________________________
>
> Manage your clamav-users mailing list subscription / unsubscribe:
> https://lists.clamav.net/mailman/listinfo/clamav-users
>
>
> Help us build a comprehensive ClamAV guide:
> https://github.com/Cisco-Talos/clamav-documentation
>
> https://docs.clamav.net/#mailing-lists-and-chat
Re: Information about the signature database [ In reply to ]
The Talos team should be able to tell you, I’d you give them the name of the detection, they can look it up.


Sent from my iPhone

> On Dec 9, 2022, at 07:10, Al Varnell via clamav-users <clamav-users@lists.clamav.net> wrote:
>
> ?Yes I simply search the daily's. If you give me the signature name I can do that for you tomorrow.
>
> Sent from my iPad
>
> -Al-
>
>>> On Dec 9, 2022, at 02:59, Mark Allan via clamav-users <clamav-users@lists.clamav.net> wrote:
>>>
>> ?Al will probably be along shortly to correct me (he's quite good at tracking down when items were added to the DB), but as far as I know, the only way is to search the archive of posts to the clamav-virusdb mailing list.
>>
>> https://lists.clamav.net/pipermail/clamav-virusdb/
>>
>> Mark
>>
>>> On 9 Dec 2022, at 9:37 am, Alessandro Cortina <acortina@perani.com> wrote:
>>>
>>> Hello,
>>>
>>> is there a mean which I can see when a specific signature has been insert in the signature database?
>>> I'm doing a forensics digital investigation and I'm trying to discover for how long the malware was known to the ClamAV Database.
>>>
>>> Thanks for support.
>>>
>>> Alessandro
>>> .
>>> Alessandro Cortina
>>>
>>> <FirmaMilano_PERANInew_1696e74b-a9ff-49e9-b1e5-b72d0555eb7b.jpg> .
>>> _______________________________________________
>>>
>>> Manage your clamav-users mailing list subscription / unsubscribe:
>>> https://lists.clamav.net/mailman/listinfo/clamav-users
>>>
>>>
>>> Help us build a comprehensive ClamAV guide:
>>> https://github.com/Cisco-Talos/clamav-documentation
>>>
>>> https://docs.clamav.net/#mailing-lists-and-chat
>>
>> _______________________________________________
>>
>> Manage your clamav-users mailing list subscription / unsubscribe:
>> https://lists.clamav.net/mailman/listinfo/clamav-users
>>
>>
>> Help us build a comprehensive ClamAV guide:
>> https://github.com/Cisco-Talos/clamav-documentation
>>
>> https://docs.clamav.net/#mailing-lists-and-chat
> _______________________________________________
>
> Manage your clamav-users mailing list subscription / unsubscribe:
> https://lists.clamav.net/mailman/listinfo/clamav-users
>
>
> Help us build a comprehensive ClamAV guide:
> https://github.com/Cisco-Talos/clamav-documentation
>
> https://docs.clamav.net/#mailing-lists-and-chat