It's called "Appliation Whitelisting", methinks. On Fri, May 7, 2010 at 11:59, Andrew S. Baker <asbz...@gmail.com> wrote: > First off, the ClamAV issue was somewhat mitigated by them telling everyone > to be off of v96 for a few weeks. :) > But, the reality of this situation is that signature-based host-level > protection is getting to the point where the human error factor is too high. > (I feel a blog entry coming up soon) > In order to attack the threats that are out there, signatures need to be > updated frequently, and increasing the frequency places greater burden on > the QA process, and increases the risk of a self-inflicted DoS. > What this signifies is that we need to start demanding a different approach > to host-based protection *as the norm*, because there is now as great a > chance that your system can be made ineffective from an AV update as from an > actual piece of malware. > AV in its current form really has to die, as there is no way for the good > guys to keep up with the bad guys, leaving us vulnerable to even more > foolishness from creative bad guys. > -ASB: http://XeeSM.com/AndrewBaker > > > On Fri, May 7, 2010 at 1:27 PM, Kurt Buff <kurt.b...@gmail.com> wrote: >> >> - -------- Original Message -------- >> Subject: [Clamav-announce] problem with daily.cvd 10938 >> Date: Fri, 7 May 2010 13:06:56 +0200 >> From: Luca Gibelli <l...@clamav.net> >> Reply-To: nore...@clamav.net >> To: ClamAV Announce <clamav-annou...@lists.clamav.net> >> >> Dear ClamAV users, >> >> about 15 mins ago we released daily.cvd 10938. This update apparently >> caused a segmentation fault in all ClamAV versions older than 0.96 >> on 32 bit systems. >> >> We just released daily.cvd 10939 which removes the faulty signature and >> we have taken measures to ensure that this problem won't happen again. >> >> We recommend using a monitor tool like clamdwatch or clamdmon to >> automatically restart clamd whenever it dies. >> >> If you are already using a similar solution, your clamd will be >> restarted automatically as soon as freshclam downloads the daily.cvd >> 10939 update. >> >> We apologise for the inconvenience. >> >> Regards, >> >> - -- >> Luca Gibelli (luca _at_ clamav.net) ClamAV, a GPL anti-virus toolkit >> [Tel] +39 0187 1851862 [Fax] +39 0187 1852252 [IM] nervous/jabber.linux.it >> PGP key id 5EFC5582 @ any key-server || http://www.clamav.net/gpg/luca.gpg >> _______________________________________________ >> >> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ >> ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ >> > > > >
~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~