YARA on Fedora


YARA is a tool aimed at (but not limited to) helping malware researchers to identify and classify malware samples. With YARA you can create descriptions of malware families (or whatever you want to describe) based on textual or binary patterns. Each description, a.k.a rule, consists of a set of strings and a boolean expression which determine its logic.

Recently, we tried to compile YARA on a Fedora 23 GNU/Linux (running through a qubes-os version 3).
As the installation guide is directed towards Ubuntu/Debian users, we soon found out that the installation had some missing dependencies. Below, you will find all the steps we followed to download YARA / install its dependencies and build it enabling as all optional features.

sudo dnf install automake libtool make gcc flex bison jansson-devel jansson openssl openssl-devel file-libs file-devel python-magic python3-magic;

git clone https://github.com/VirusTotal/yara; # Or download a release from: https://github.com/virustotal/yara/releases/tag/v3.8.1

cd yara;

./bootstrap.sh;

./configure --enable-cuckoo --enable-magic --enable-dotnet;

make;

sudo make install;

This information is an extension to the installation guide.

This post is also available in: Αγγλικα

Απάντηση

Αυτός ο ιστότοπος χρησιμοποιεί το Akismet για να μειώσει τα ανεπιθύμητα σχόλια. Μάθετε πώς υφίστανται επεξεργασία τα δεδομένα των σχολίων σας.