I attended a conference where I heard about the Zero-Hour protection
by Commtouch and a Hungarian AV-vendor has licenced their solution.
Basically Commtouch has many sensors (probably email addresses) in the
Internet. If the sensors are picking up a lot of similar emails it is
obvious that they are virus/worm/spam/... This technique does not need
any signature since it counts the similar messages so it can give you
protection before any signature could be made.
Anyway thanks for all the replies.
Digitally yours,
Janos SUTO
On Tue, 22 Nov 2005, James Paige wrote:
[EMAIL PROTECTED] wrote:
Hello All!
I would like to know whether you plan to extend clamav with a "zero-hour"
like signatureless virus detection. Some info about the idea can be found
here: http://www.commtouch.com/site/OEM/zero_hour.asp
Digitally yours,
Janos SUTO
That page has nothing but vague marketing-speak like this:
"Aimed at detecting mass outbreak indicators, Zero-Hour is differentiated
from other proactive virus detection technologies by several advantages.
First and foremost is the immediate and accurate detection of new outbreaks"
There is not even enough information to guess what technology they are
actually talking about.
---
James Paige
_______________________________________________
http://lurker.clamav.net/list/clamav-devel.html
_______________________________________________
http://lurker.clamav.net/list/clamav-devel.html