[clamav-users] detection of really old viruses?

2014-11-22 Thread Felix
Most of the virus definitions in the cvd files don't seem to have dates
associated with them (at least that I could see with sigtool), so I
can't tell -- are older definitions ever dropped?

That is, will clamav always be able to detect viruses from, e.g., the
1990s, or are definitions for viruses that old eventually removed from
the database?

~Felix.
___
Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq

http://www.clamav.net/contact.html#ml


Re: [clamav-users] detection of really old viruses?

2014-11-22 Thread Al Varnell

On Sat, Nov 22, 2014 at 06:42PM, Marcel Giannelia wrote:
 
> Most of the virus definitions in the cvd files don't seem to have dates
> associated with them (at least that I could see with sigtool), so I
> can't tell -- are older definitions ever dropped?
>
> That is, will clamav always be able to detect viruses from, e.g., the
> 1990s, or are definitions for viruses that old eventually removed from
> the database?

AFAIK, definitions exist forever unless they have been found to cause False 
Positives.

You can normally find the date a definition was added by searching the 
clamav-virusdb archive:
http://lurker.clamav.net/list/clamav-virusdb.en.html


-Al-
-- 
Al Varnell
Mountain View, CA






Re: [clamav-users] detection of really old viruses?

2014-11-22 Thread Joel Esler (jesler)
Al is correct here.

--
Joel Esler
Sent from my iPhone

On Nov 22, 2014, at 9:54 PM, Al Varnell alvarn...@mac.com wrote:


On Sat, Nov 22, 2014 at 06:42PM, Marcel Giannelia wrote:

Most of the virus definitions in the cvd files don't seem to have dates
associated with them (at least that I could see with sigtool), so I
can't tell -- are older definitions ever dropped?

That is, will clamav always be able to detect viruses from, e.g., the
1990s, or are definitions for viruses that old eventually removed from
the database?

AFAIK, definitions exist forever unless they have been found to cause False 
Positives.

You can normally find the date a definition was added by searching the 
clamav-virusdb archive:
http://lurker.clamav.net/list/clamav-virusdb.en.html


-Al-
--
Al Varnell
Mountain View, CA






Re: [clamav-users] detection of really old viruses?

2014-11-22 Thread Felix
On Sat, 22 Nov 2014 18:53:58 -0800
Al Varnell alvarn...@mac.com wrote:

 
> AFAIK, definitions exist forever unless they have been found to cause
> False Positives.
>
> You can normally find the date a definition was added by searching
> the clamav-virusdb archive:
> http://lurker.clamav.net/list/clamav-virusdb.en.html

Confirmed;

e.g. searching that list for CIH (a.k.a. Chernobyl, from about 1998
or 99) shows W95.CIH-II.882 and some variants were added to the defs
in about 2003.

sigtool -l of the current main.cvd shows that these definitions are
still present in current.

Thanks,

~Felix.
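
The check described in the message above, as an added example that is not part of the original thread: it reports which watched signature names are missing from a listing and counts the entries for one family. It assumes `sigtool --list-sigs` prints one signature name per line; the helper names and every sample name other than W95.CIH-II.882 are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the thread). Assumes `sigtool --list-sigs`
# prints one signature name per line.

# missing_sigs LISTING WATCHLIST (hypothetical helper)
# Prints every watched name that is not an exact line in LISTING.
missing_sigs() {
    # Drop blank lines and '#' comments from the watchlist first.
    grep -v -e '^[[:space:]]*$' -e '^#' "$2" |
    while IFS= read -r name; do
        grep -Fxq -- "$name" "$1" || printf '%s\n' "$name"
    done
}

# family_count LISTING SUBSTRING (hypothetical helper)
# Counts listed names containing SUBSTRING, e.g. all CIH variants.
family_count() {
    grep -Fc -- "$2" "$1" || true
}

# Constructed sample data; only W95.CIH-II.882 is a name from the thread.
tmp=$(mktemp -d)
trap 'rm -rf "$tmp"' EXIT
cat > "$tmp/sigs.txt" <<'EOF'
W95.CIH-II.882
Example.Sample-1
Example.Sample-2
EOF
cat > "$tmp/watch.txt" <<'EOF'
# legacy names to track across updates
W95.CIH-II.882
Example.Dropped-9
EOF

echo "missing: $(missing_sigs "$tmp/sigs.txt" "$tmp/watch.txt")"
echo "CIH entries: $(family_count "$tmp/sigs.txt" CIH)"

# Against a live install, replace the sample listing with:
#   sigtool --list-sigs > "$tmp/sigs.txt"
```

Run after each database update, a non-empty "missing" line shows that a tracked definition was dropped or renamed.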


[clamav-users] real-time scan

2014-11-22 Thread Deevakar PK
Hi Team,

Is there any real-time monitoring available in clamAV with quarantine
option ?

If yes, please let me know how to implement it?

-- 
Thanks & Regards,
Deevakar P K


Re: [clamav-users] real-time scan

2014-11-22 Thread Al Varnell

On Sat, Nov 22, 2014 at 09:18PM, Deevakar PK wrote:
 
> Hi Team,
>
> Is there any real-time monitoring available in clamAV with quarantine
> option ?
>
> If yes, please let me know how to implement it?

It would help to know what platform/OS you need it for.


-Al-
-- 
Al Varnell
Mountain View, CA







Re: [clamav-users] real-time scan

2014-11-22 Thread Deevakar PK
Hi,

I need it for Ubuntu and CentOS as of now.

BR//
Deevakar P K

On Sun, Nov 23, 2014 at 10:55 AM, Al Varnell alvarn...@mac.com wrote:


> On Sat, Nov 22, 2014 at 09:18PM, Deevakar PK wrote:
>
>> Hi Team,
>>
>> Is there any real-time monitoring available in clamAV with quarantine
>> option ?
>>
>> If yes, please let me know how to implement it?
>
> It would help to know what platform/OS you need it for.
>
>
> -Al-
> --
> Al Varnell
> Mountain View, CA









-- 
Thanks & Regards,
Deevakar P K