This is a two part issue:
Part 1: I'm looking into snort rules and the UTM is finding the snort.org server to be infected with malicious code.
This is beyond absurd, nevertheless, I checked with the admin and he confirmed this is the UTM identifying the snort ruleset as malicious code.
On this page: Snort :: snort-rules
There are links to snort rule documentation which point to this page:
http://www.snort.org/downloads/2856
The UTM indicates that the latter is inffected with a virus that falls under the fairly generic definition of JS/Shellcode.gen. Definition: JS/Shellcode.gen | Virus Profile & Definition | McAfee Inc.
Part 2: In order to gain access to the file, I created an exception in Web Filtering section. (See the attachment for details). What's confusing is with this exception, the file can be downloaded but the virus scanner is still used despite my explicit request to omit the virus scanner in the exception. The scan occurs and access to the file is prevented.
I suppose I can temporarily turn off all UTM web-based functionality for this occurrence, but the work-around is a great deal of work for one file.
Is there a way to prevent this apparent double-virus scan since the exception appears to prevent only the first scan.
This thread was automatically locked due to age.
