Linux Software & Blog
Posts tagged lmd
I am Back: Signature Updates
Jun 24th
I am back, fresh off a trip home to Montreal, which I must say was an absolutely amazing time. It has left me reflecting on a lot of things, most importantly that there really is no place like home — I miss Montreal more than I can even describe. That said though, time to get back into the mix of things — there is a mountain of malware submissions to review, 91 to be exact. Today I really could not find the energy or time to go through them all but I did process the edge IPS data to extract some More >
Linux Malware Detect v1.3.6: Loose Ends
May 24th
In LMD 1.3.3 there were a lot of changes, 29 to be exact, that made LMD much more robust and especially the monitoring component, much more usable. If that release was about making good things better, then this release is about bringing loose ends together. I spent a couple of days running LMD through its paces along with having many people help me test it and during that process, we brought a lot of little things to the surface that needed fixing or revising.
In total, there have been 31 changes, fixes or new additions to LMD since that 1.3.3 release on the More >
Linux Malware Detect v1.3.3: Making good things better
May 15th
This morning I have put out LMD v1.3.3; this is on the back of two other successive releases in recent days that improved LMD in many areas, along with correcting some bugs that were graciously reported by those helping to break in the project. I have also listened to feedback and revised a number of features along with completely redoing how the inotify monitoring operates, to provide a much more robust model for real-time file monitoring.
I am also happy to say that people are embracing the use of the -c|--checkout option to send me malware that is not currently detected, which More >
LMD Signatures: RSS Feed & XML
May 12th
While I was making some signature updates this afternoon, it occurred to me that it might be useful if the signatures were available through an RSS feed for update tracking or should anyone want to serialize the importing of my signature data into other applications.
The signatures can be accessed in two data formats, the first is an RSS feed that presents the 50 most recent signatures published. The second is an XML element tree that can be queried by signature ID or for all/recent signatures. There is nothing fancy about either of these data sources, information is presented clean and More >
Better Late Than Never: Linux Malware Detect 1.3
May 12th
Today I have released Linux Malware Detect (LMD) 1.3, the first public stable release of my malware detection tool. The documentation is a little thin but the details are on the project page and the README file should fill you in on anything you need to know, otherwise you can post a comment on the bottom of the project page and I will assist where possible. Input on feature ideas, bugs and malware data is always welcome, see the --help options on LMD for the checkout feature to upload malware data to rfxn.com.
In October I detailed the concepts behind the More >
