Nime wrote:I set scheduled updates hourly. However official sigupdate.bat couldn't help. I googled for latest signatures and found
one site where the signatures publicly hosted, tons of signatures: http://ftp.swin.edu.au/sanesecurity/
Firstly I'm aware of http://ftp.swin.edu.au/sanesecurity/ but it's an unofficial mirror probably for their
local use only but it's been left "open" to the net.
The mirror is also 4 hours out of date compared to the current set of signatures...
ie:
Current Official Mirrors:
Signature files generated: 26/05/2016-10:56:22.15
Unofficial http://ftp.swin.edu.au/sanesecurity/
Signature files generated: 26/05/2016- 6:58:06.39
*4 hours behind*
What I'm really curious is why sigupdate.bat didn't help but the ones from the ftp mirror did.
Did you use the same signatures names?
Did sigupdate.bat actually stop anything, if it didn't maybe it wasn't setup correctly?
There could be a bug somewhere in sigupdate with the update process but I'd need to look at logs
Bit of an odd one...
Cheers,
Steve
Sanesecurity.com