Re: [clamav-users] New Tool: ClamAV Large Archive Scanner

2024-06-04 Thread Paul Kosinski via clamav-users
A good start, and the ISO should be good for scanning CDs and such.

I wonder if it could find (given the right signature) the malware on Sony's old 
music CDs that AV companies ignored, but some independent researcher 
discovered, and then the DHS (!) cited as being a nasty security issue.



On Tue, 4 Jun 2024 17:51:36 +
"Micah Snyder (micasnyd) via clamav-users"
wrote:

> As many of you know, ClamAV has a limit on the maximum file size that may be 
> scanned. The default max file size is 100MB in the latest release. You can 
> raise the limit up to 2000MB (2GB). But it cannot be set higher at this time. 
> Some users who have a requirement to scan much larger files (and can tolerate 
> the extended scan times required) have needed to work around this limitation 
> on their own, but now we can offer a new alternative.
> 
> We have created the ClamAV Large Archive Scanner utility in order to meet 
> that need in the case where these files consist of large archives or disk 
> images.
> 
> https://github.com/Cisco-Talos/clamav-large-archive-scanner
> 
> The ClamAV Large Archive Scanner utility is a wrapper around the ClamAV 
> clamd and clamdscan programs that provides a way to scan archives which 
> exceed ClamAV's maximum file size limit.
> 
> The ClamAV Large Archive Scanner makes use of system utilities to recursively 
> extract or mount large archives, as needed, and then scan the contents.
> 
> You may run the ClamAV Large Archive Scanner in your local environment, or 
> you may run the utility in a Docker container. The Docker container is easier.
> 
> The ClamAV Large Archive Scanner supports extraction or mounting of the 
> following types of archives:
> 
>   * TAR
>   * ZIP
>   * ISO
>   * VMDK
>   * TARGZ
>   * QCOW2
> 
> Disclaimer: The ClamAV Large Archive Scanner is NOT intended as a replacement 
> for clamscan or clamd.  It was created as a workaround for people who 
> absolutely need to scan archives larger than 2000MB, until such a time as we 
> can increase or eliminate ClamAV's hard limit for max file size.
> 
> We have no intention of trying to make this tool match all of the features in 
> clamscan or clamd.
> 
> If the content you are scanning is smaller than 2GB, then this tool is not 
> for you and will only add overhead to your scanning process.
> 
> Regards,
> Micah Snyder
> 
> Micah Snyder (they/them)
> ClamAV Development
> Talos
> Cisco Systems, Inc.
___

Manage your clamav-users mailing list subscription / unsubscribe:
https://lists.clamav.net/mailman/listinfo/clamav-users


Help us build a comprehensive ClamAV guide:
https://github.com/Cisco-Talos/clamav-documentation

https://docs.clamav.net/#mailing-lists-and-chat


[clamav-users] New Tool: ClamAV Large Archive Scanner

2024-06-04 Thread Micah Snyder (micasnyd) via clamav-users
As many of you know, ClamAV has a limit on the maximum file size that may be 
scanned. The default max file size is 100MB in the latest release. You can 
raise the limit up to 2000MB (2GB). But it cannot be set higher at this time. 
Some users who have a requirement to scan much larger files (and can tolerate 
the extended scan times required) have needed to work around this limitation on 
their own, but now we can offer a new alternative.

We have created the ClamAV Large Archive Scanner utility in order to meet that 
need in the case where these files consist of large archives or disk images.

https://github.com/Cisco-Talos/clamav-large-archive-scanner

The ClamAV Large Archive Scanner utility is a wrapper around the ClamAV clamd 
and clamdscan programs that provides a way to scan archives which exceed 
ClamAV's maximum file size limit.

The ClamAV Large Archive Scanner makes use of system utilities to recursively 
extract or mount large archives, as needed, and then scan the contents.

You may run the ClamAV Large Archive Scanner in your local environment, or you 
may run the utility in a Docker container. The Docker container is easier.

The ClamAV Large Archive Scanner supports extraction or mounting of the 
following types of archives:

  * TAR
  * ZIP
  * ISO
  * VMDK
  * TARGZ
  * QCOW2

Disclaimer: The ClamAV Large Archive Scanner is NOT intended as a replacement 
for clamscan or clamd.  It was created as a workaround for people who 
absolutely need to scan archives larger than 2000MB, until such a time as we 
can increase or eliminate ClamAV's hard limit for max file size.

We have no intention of trying to make this tool match all of the features in 
clamscan or clamd.

If the content you are scanning is smaller than 2GB, then this tool is not for 
you and will only add overhead to your scanning process.

Regards,
Micah Snyder

Micah Snyder (they/them)
ClamAV Development
Talos
Cisco Systems, Inc.
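
Added example, not part of the original post and not the ClamAV Large Archive Scanner's own code: the extract-then-scan approach the announcement describes, in Python, for TAR, TARGZ and ZIP only, writing regular files only and rejecting member names that leave the extraction directory. The function names, the ".unpacked" directory suffix, and the choice to re-extract only nested archives that still exceed the limit are assumptions made for illustration.

```python
import os, shutil, subprocess, tarfile, zipfile

CLAMAV_MAX = 2000 * 1024 * 1024  # hard max file size cited in the announcement

def _safe_target(root, name):
    """Resolve a member name under root; reject names that escape it."""
    target = os.path.realpath(os.path.join(root, name))
    if os.path.commonpath([root, target]) != root:
        raise ValueError(f"member escapes extraction dir: {name!r}")
    return target

def _members(path):
    """Yield (name, opener) for regular files; links and devices are skipped."""
    if tarfile.is_tarfile(path):
        with tarfile.open(path) as t:  # TAR and TARGZ
            for m in t:
                if m.isfile():
                    yield m.name, lambda m=m: t.extractfile(m)
    else:
        with zipfile.ZipFile(path) as z:
            for info in z.infolist():
                if not info.is_dir():
                    yield info.filename, lambda i=info: z.open(i)

def unpack(path, dest, limit=CLAMAV_MAX):
    """Extract path into dest and return the files to hand to clamdscan.
    Assumption: a nested archive is re-extracted only if it still exceeds
    limit; smaller ones are left for clamd to unpack itself."""
    root = os.path.realpath(dest)
    os.makedirs(root, exist_ok=True)
    out = []
    for name, opener in _members(path):
        target = _safe_target(root, name)
        os.makedirs(os.path.dirname(target), exist_ok=True)
        with opener() as src, open(target, "wb") as dst:
            shutil.copyfileobj(src, dst)
        nested = tarfile.is_tarfile(target) or zipfile.is_zipfile(target)
        if nested and os.path.getsize(target) > limit:
            out += unpack(target, target + ".unpacked", limit)
            os.remove(target)
        else:
            out.append(target)
    return out

def scan(files):
    """Run clamdscan on the files (needs a running clamd); 0 clean, 1 found, 2 error."""
    return subprocess.run(["clamdscan", "--fdpass", "--no-summary", *files]).returncode
```

Extract into a scratch directory on a volume with enough free space for the unpacked contents, and remove it after the scan.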