Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Linux yara rules compilation problem. #5

Closed
MariasStory opened this issue Feb 23, 2015 · 1 comment
Closed

Linux yara rules compilation problem. #5

MariasStory opened this issue Feb 23, 2015 · 1 comment

Comments

@MariasStory
Copy link

Hi Florian,

Nice tool indeed. I would like to have it linux friendly. Please, make the memory scan optional, let's say with an execution option. I disabled the memory scan and run the scanner in linux. At first, I had somewhat older version of yara and there where few compilation errors in the "yara_rules.yar". After updating yara to 3.3.0, I see "YaraSuntaxError" message in all 3 *.yar files. The error messages are quite reasonable.
I am not sure why you don't have the error messages with the combined (windows) version, as it works just fine.
Please, make the tool linux friendly and solve the problem with *.yar compilation.

PS: Giving a short update (even if you don't have a fast solution), is a good start.

Greetings,
Tolik
@Neo23x0
Copy link
Owner

Neo23x0 commented Feb 23, 2015

v0.4 is fully compatible with Linux

Process checks are disabled by default on Linux.
(there has always been an option --noprocs to disable them)
Yara must be installed in version 3.2+.
All yara rules are correct. There are no syntax errors.

@Neo23x0 Neo23x0 closed this as completed Feb 23, 2015
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@Neo23x0 @MariasStory