[Mimedefang] Re: Graphdefang issue with the / char
Albert E. Whale
aewhale at ABS-CompTech.com
Sun Dec 22 21:47:01 EST 2002
John,
It's frustrating, here's the following MIMEDefang log (along with the sendmail log as well). A simple grep of the ASCII Datafile
shows the following:
Dec 22 17:03:26 ns mimedefang.pl[9079]:
MDLOG,gBMM3AuP016526,virus,Worm/Klez.E,194.109.218.210,<users-admin at lists.freeswan.org>,<aewhale at abs-comptech.com>,[Users] Returned
mail--"to all top level windows..."
However, this does not appear on the list of detected viruses on www.abs-comptech.com/graphdefang
Any clues as to what is occurring here?
"Albert E. Whale" wrote:
> I would be happy to!
>
> Let me see if time has resolved this issue, my case was with the Worm/Klez and Worm/BugBear within the first week.
>
> Seems that time has healed this problem (number of records anyway). You can see results (for the time being anyway) at
> http://www.ABS-CompTech.com/graphdefang/
>
> Thanks for the reply!
>
> John Kirkland wrote:
>
> > I copied these 2 lines into a text file and then parsed it with
> > graphdefang. I received 2 events in my output png files with the correct
> > virus names.
> >
> > If you continue to have problems, can you send me a copy of the file that
> > contains these entries as I'm not able to reproduce the problem with this
> > information.
> >
> > Regards,
> > John Kirkland
> >
> > > I have two Virus definitions in the Mimedefang MDLOG -
> > >
> > > Dec 9 05:46:36 ns mimedefang.pl[23211]:
> > > MDLOG,gB9AkPuP005411,virus,Worm/Klez.E,209.225.8.12,<mmccord at charter.net>,<aewhale at abs-comptech.com>,A
> > >
> > > special funny website
> > > Dec 9 07:30:04 ns mimedefang.pl[23211]:
> > > MDLOG,gB9CTquP006593,virus,Worm/Bride.A,194.109.218.210,<users-admin at lists.freeswan.org>,<aewhale at abs-comptech.com>,[Users]
> > >
> > > Digital Mens
> > >
> > > While the first virus entry is collected correctly, the second one is
> > > not captured at all. Additionally, there appears to be issues with the
> > > Number of Occurrences with the related Virus definition. Any ideas?
> >
> > _______________________________________________
> > MIMEDefang mailing list
> > MIMEDefang at lists.roaringpenguin.com
> > http://lists.roaringpenguin.com/mailman/listinfo/mimedefang
>
> --
> Albert E. Whale - CISSP
> http://www.abs-comptech.com
> ----------------------------------------------------------------------
> ABS Computer Technology, Inc. - ESM, Computer & Networking Specialists
> Sr. Security, Network, and Systems Consultant
> Board of Directors - InfraGard - Pittsburgh, PA
>
> _______________________________________________
> MIMEDefang mailing list
> MIMEDefang at lists.roaringpenguin.com
> http://lists.roaringpenguin.com/mailman/listinfo/mimedefang
--
Albert E. Whale - CISSP
http://www.abs-comptech.com
----------------------------------------------------------------------
ABS Computer Technology, Inc. - ESM, Computer & Networking Specialists
Sr. Security, Network, and Systems Consultant
Board of Directors - InfraGard - Pittsburgh, PA
-------------- next part --------------
A non-text attachment was scrubbed...
Name: graphdefang.gz
Type: application/x-gzip
Size: 27476 bytes
Desc: not available
URL: <https://lists.mimedefang.org/pipermail/mimedefang_lists.mimedefang.org/attachments/20021222/c1390546/attachment.tgz>
More information about the MIMEDefang
mailing list