nigeria
Sponsored Links
Sponsored Links
Secleted [ 0 ] software to compare
Results 1 - 15 of about 2
Yet Another antiVirus Recipe 1.9.5
Yet Another antiVirus Recipe is a procmail that helps to filter out a lot of the most common e-mail worms. more>>
Yet Another antiVirus Recipe is a procmail that helps to filter out a lot of the most common e-mail worms.
For some of the above (plain iframe, clsid, xml, macro) e-mail is delivered normally but gets a WARNING in subject plus its old subject ($SUB).
Some of the warnings are:
WARNING-XML-CODEBASE-OBJECT-$SUB
WARNING-CLSID-EXTENSION-$SUB
WARNING-IFRAME-$SUB
WARNING-MACRO-$SUB
WARNING-NSCAM-SCORE:$NKNGS-$SUB
Main features:
- :: base64 signatures ::
- Most of these worms are MS-Windows executables and arrive at our e-mail encoded through base64 routines. YAVR uses especially selected signatures to locate these attachments. After that it places them in a directory (/virus/) sorted by name.
-
- :: iframe html exploit ::
- Through IFrame tag a html encoded e-mail can download and execute a file from a remote http site without informing the user.
-
- :: CLSID hidden extensions exploit ::
- Attachments which end with a Class ID (CLSID) file extension do not show the actual file extension saved and viewed with Windows Explorer. This allows dangerous file types to look as though they are actually innocent files, such as JPG or WAV files.
-
- :: xml codebase exploit ::
- Usage of some xml objects allow local files to be automatically executed, regardless of the security settings on the target machine.
-
- :: generic executable trap for bat, pif, vbs, vba, scr, lnk, com, exe ::
- The rest of MS-executable files that are not caught from base64 signatures end up in a virus-could-be file.
-
- :: generic macro detection for doc,dot,xls,xla files ::
- MS-Word and MS-Excel files that contain macro commands are marked with a warning.
-
- :: generic detection for most of nigeria scam e-mails (most of them) ::
- Nigeria scam e-mail is not a virus but a big spam problem... There are many good filters that use great algorithms for spam. This is just an add-on.
Enhancements:
- new switches for quarantine or not certain e-mailsbased on some ideas by Dan Smart
- YAVRQUARANTEXE if set to ON it sends unknown executables to /virus/virus-could-be as usual if set to OFF it delivers at inbox with a warning (and the X- header ;)
- YAVRQUARANTNIG same for nigeria scam
- YAVRQUARANTPRN same for porn e-mail read instuctions inside nkvir-rc
- X- marks in headers to help your own procmail scripts
- X-YAVR: MS-EXEC (any MS executable that wasnt identified by signatures)
- X-YAVR: NIGERIA (nigeria scam)
- X-YAVR: PORN (porn related)
- X-YAVR: MACRO (containing macro code)
- X-YAVR: XML-CODEBASE
- X-YAVR: IFRAME
- X-YAVR: CLSID-EXTENSION
- X-YAVR: SENDMAIL-EXPLOIT
- some more Worm.Moodown.b aka Netsky.b signatures
- another Mimail.Q
<<lessFor some of the above (plain iframe, clsid, xml, macro) e-mail is delivered normally but gets a WARNING in subject plus its old subject ($SUB).
Some of the warnings are:
WARNING-XML-CODEBASE-OBJECT-$SUB
WARNING-CLSID-EXTENSION-$SUB
WARNING-IFRAME-$SUB
WARNING-MACRO-$SUB
WARNING-NSCAM-SCORE:$NKNGS-$SUB
Main features:
- :: base64 signatures ::
- Most of these worms are MS-Windows executables and arrive at our e-mail encoded through base64 routines. YAVR uses especially selected signatures to locate these attachments. After that it places them in a directory (/virus/) sorted by name.
-
- :: iframe html exploit ::
- Through IFrame tag a html encoded e-mail can download and execute a file from a remote http site without informing the user.
-
- :: CLSID hidden extensions exploit ::
- Attachments which end with a Class ID (CLSID) file extension do not show the actual file extension saved and viewed with Windows Explorer. This allows dangerous file types to look as though they are actually innocent files, such as JPG or WAV files.
-
- :: xml codebase exploit ::
- Usage of some xml objects allow local files to be automatically executed, regardless of the security settings on the target machine.
-
- :: generic executable trap for bat, pif, vbs, vba, scr, lnk, com, exe ::
- The rest of MS-executable files that are not caught from base64 signatures end up in a virus-could-be file.
-
- :: generic macro detection for doc,dot,xls,xla files ::
- MS-Word and MS-Excel files that contain macro commands are marked with a warning.
-
- :: generic detection for most of nigeria scam e-mails (most of them) ::
- Nigeria scam e-mail is not a virus but a big spam problem... There are many good filters that use great algorithms for spam. This is just an add-on.
Enhancements:
- new switches for quarantine or not certain e-mailsbased on some ideas by Dan Smart
- YAVRQUARANTEXE if set to ON it sends unknown executables to /virus/virus-could-be as usual if set to OFF it delivers at inbox with a warning (and the X- header ;)
- YAVRQUARANTNIG same for nigeria scam
- YAVRQUARANTPRN same for porn e-mail read instuctions inside nkvir-rc
- X- marks in headers to help your own procmail scripts
- X-YAVR: MS-EXEC (any MS executable that wasnt identified by signatures)
- X-YAVR: NIGERIA (nigeria scam)
- X-YAVR: PORN (porn related)
- X-YAVR: MACRO (containing macro code)
- X-YAVR: XML-CODEBASE
- X-YAVR: IFRAME
- X-YAVR: CLSID-EXTENSION
- X-YAVR: SENDMAIL-EXPLOIT
- some more Worm.Moodown.b aka Netsky.b signatures
- another Mimail.Q
Download (0.054MB)
Added: 2006-07-07 License: GPL (GNU General Public License) Price:
1204 downloads
SpamBayes 1.1a3
SpamBayes is a Bayesian anti-spam classifier written in Python. more>>
SpamBayes is a Bayesian anti-spam classifier written in Python. The major difference between this and other, similar projects is the emphasis on testing newer approaches to scoring messages.
While most anti-spam projects are still working with the original graham algorithm, we found that a number of alternate methods yielded a more useful response.
Thats great, but whats SpamBayes?
SpamBayes will attempt to classify incoming email messages as spam, ham (good, non-spam email) or unsure. This means you can have spam or unsure messages automatically filed away in a different mail folder, where it wont interrupt your email reading. First SpamBayes must be trained by each user to identify spam and ham. Essentially, you show SpamBayes a pile of email that you like (ham) and a pile you dont like (spam). SpamBayes will then analyze the piles for clues as to what makes the spam and ham different. For example; different words, differences in the mailer headers and content style. The system then uses these clues to examine new messages.
For instance, the word "Nigeria" appears often in spam, so you could use a spam filter which identifies anything with that word in it as spam. But what if your business involves writing a guidebook on Nigerian Wildlife Conservation? Clearly a more flexible approach is necessary. Additionally spammers will adapt their content over time and will no longer use the word "Nigeria" (or the words "Lose Weight Fast", or any number of other common lines). Ideally the software will be able to adapt as the spam changes.
So, that is what SpamBayes does. It compares the spam and the ham and calculates probabilities. For instance, for me, the word "weight" almost never occurs in legitimate email, but it occurs all the time in lose weight fast spam. SpamBayes can then look at incoming email, extract the most significant clues and combine the probabilities to produce an overall rating of "spamminess". It flags the messages so that your mailer can handle the different message types. You might set it up so that ham goes straight through untouched, spam goes to a folder that you ignore (or delete without checking) and the unsure messages go to another folder which you can review for errors.
<<lessWhile most anti-spam projects are still working with the original graham algorithm, we found that a number of alternate methods yielded a more useful response.
Thats great, but whats SpamBayes?
SpamBayes will attempt to classify incoming email messages as spam, ham (good, non-spam email) or unsure. This means you can have spam or unsure messages automatically filed away in a different mail folder, where it wont interrupt your email reading. First SpamBayes must be trained by each user to identify spam and ham. Essentially, you show SpamBayes a pile of email that you like (ham) and a pile you dont like (spam). SpamBayes will then analyze the piles for clues as to what makes the spam and ham different. For example; different words, differences in the mailer headers and content style. The system then uses these clues to examine new messages.
For instance, the word "Nigeria" appears often in spam, so you could use a spam filter which identifies anything with that word in it as spam. But what if your business involves writing a guidebook on Nigerian Wildlife Conservation? Clearly a more flexible approach is necessary. Additionally spammers will adapt their content over time and will no longer use the word "Nigeria" (or the words "Lose Weight Fast", or any number of other common lines). Ideally the software will be able to adapt as the spam changes.
So, that is what SpamBayes does. It compares the spam and the ham and calculates probabilities. For instance, for me, the word "weight" almost never occurs in legitimate email, but it occurs all the time in lose weight fast spam. SpamBayes can then look at incoming email, extract the most significant clues and combine the probabilities to produce an overall rating of "spamminess". It flags the messages so that your mailer can handle the different message types. You might set it up so that ham goes straight through untouched, spam goes to a folder that you ignore (or delete without checking) and the unsure messages go to another folder which you can review for errors.
Download (0.81MB)
Added: 2006-08-25 License: Python License Price:
1156 downloads
Secleted [ 0 ] software to compare
- Page: 1 of 1
- 1
Copyright Notice:
Software piracy is theft, Using crack, password, serial numbers, registration codes, key generators is illegal and prevent future software development. The above nigeria search only lists software in full, demo and trial versions for free download. Download links are directly from our mirror sites or publisher sites, torrent files or links from rapidshare.com, yousendit.com or megaupload.com are not allowed
