Linux Software & Blog
Development
Signature Updates: Month In Review
Jul 24th
Since I will be busy this coming week with other priorities, I am posting an early month in review blog on signature updates.
In the last 3 weeks we have not seen a whole lot of action on in-the-wild malware, most of what is propagating at the moment are variants of already detected content. That is however not to say there has not been new signatures extracted, allot of this months signatures have come from account level compromises on vulnerable e107, wordpress and joomla installations along with user submissions. There is not a whole lot of ground breaking malware threats, More >
Signatures For The Masses
Jun 26th
Today I found the time and energy, despite how tedious it was, to go over the last two weeks worth of malware submissions and missed edge IPS data from when I was away. This resulted in a total of 126 new signatures (67 MD5 / 59 HEX) which brings LMD to a total of 2,471 signatures (894 MD5 / 1577 HEX). This now also gives the project a unique distinction among anti-virus and malware detection offerings, as the single largest project, commercial or open source, detecting Linux malware.
To further illustrate the lapse in coverage by other vendors, we can turn More >
I am Back: Signature Updates
Jun 24th
I am back, fresh off a trip home to Montreal, which I must say was an absolutely amazing time. It has left me reflecting on allot of things, most importantly that there really is no place like home — I miss Montreal more than I can even describe. That said though, time to get back into the mix of things — there is a mountain of malware submissions to review, 91 to be exact. Today I really could not find the energy or time to go through them all but I did process the edge IPS data to extract some More >
rfxn.com In Numbers
May 27th
Yup, nothing to see here except numbers…
2,018: Downloads of the newest project, Linux Malware Detect, month to date. 2,294: Signatures for Linux Malware Detect. 6,207: Downloads for all projects for the month to date. 14,176: Google results with link backs to rfxn.com or related domains (i.e: r-fx.org, rfxn.org etc..). 30,061: Active APF installations relative to unique IP’s fetching the reserved.networks file daily. 70,826: Project downloads for the last 12 months, May 2009 – April 2010. 133,931: Total visitor session to rfxn.com, month to date. 258,154: The number of web sites protected by APF (passed unique install IP’s to domainsbyip.com). 1,231,604: Total hits to rfxn.com, month to date.
More >Linux Malware Detect v1.3.6: Loose Ends
May 24th
In LMD 1.3.3 there was allot of changes, 29 to be exact, that made LMD much more robust and especially the monitoring component, much more usable. If that release was about making good things better, then this release is about bringing loose ends together. I spent a couple of days running LMD through its paces along with having many people help me test it and during that process, we brought allot of little things to the surface that needed fixing or revising.
In total, there has been 31 changes, fixes or new additions to LMD since that 1.3.3 release on the More >
