Re: [clamav-users] detection of really old viruses?
Naresh, Please do not reply to every thread on the ClamAV list asking for help. Have you looked at the documentation page on CLamAV.net http://clamav.net/? -- Joel Esler Open Source Manager Threat Intelligence Team Lead Talos On Dec 31, 2014, at 12:36 AM, naresh hcu nareshhc...@gmail.com wrote: Respected Sir/Madam, Could you tell me step-wise how to install stable version 0.98.5 from source code in ubuntu??? --- Naresh On Sun, Nov 23, 2014 at 10:02 AM, Marcel Giannelia i...@skeena.net wrote: On Sat, 22 Nov 2014 18:53:58 -0800 Al Varnell alvarn...@mac.com wrote: AFAIK, definitions exist forever unless they have been found to cause False Positives. You can normally find the date a definition was added by searching the clamav-virusdb archive: http://lurker.clamav.net/list/clamav-virusdb.en.html Confirmed; e.g. searching that list for CIH (a.k.a. Chernobyl, from about 1998 or 99) shows W95.CIH-II.882 and some variants were added to the defs in about 2003. sigtool -l of the current main.cvd shows that these definitions are still present in current. Thanks, ~Felix. ___ Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http://www.clamav.net/contact.html#ml ___ Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http://www.clamav.net/contact.html#ml smime.p7s Description: S/MIME cryptographic signature ___ Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http://www.clamav.net/contact.html#ml
Re: [clamav-users] detection of really old viruses?
Respected Sir/Madam, Could you tell me step-wise how to install stable version 0.98.5 from source code in ubuntu??? --- Naresh On Sun, Nov 23, 2014 at 10:02 AM, Marcel Giannelia i...@skeena.net wrote: On Sat, 22 Nov 2014 18:53:58 -0800 Al Varnell alvarn...@mac.com wrote: AFAIK, definitions exist forever unless they have been found to cause False Positives. You can normally find the date a definition was added by searching the clamav-virusdb archive: http://lurker.clamav.net/list/clamav-virusdb.en.html Confirmed; e.g. searching that list for CIH (a.k.a. Chernobyl, from about 1998 or 99) shows W95.CIH-II.882 and some variants were added to the defs in about 2003. sigtool -l of the current main.cvd shows that these definitions are still present in current. Thanks, ~Felix. ___ Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http://www.clamav.net/contact.html#ml ___ Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http://www.clamav.net/contact.html#ml
[clamav-users] detection of really old viruses?
Most of the virus definitions in the cvd files don't seem to have dates associated with them (at least that I could see with sigtool), so I can't tell -- are older definitions ever dropped? That is, will clamav always be able to detect viruses from, e.g., the 1990s, or are definitions for viruses that old eventually removed from the database? ~Felix. ___ Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http://www.clamav.net/contact.html#ml
Re: [clamav-users] detection of really old viruses?
On Sat, Nov 22, 2014 at 06:42PM, Marcel Giannelia wrote: Most of the virus definitions in the cvd files don't seem to have dates associated with them (at least that I could see with sigtool), so I can't tell -- are older definitions ever dropped? That is, will clamav always be able to detect viruses from, e.g., the 1990s, or are definitions for viruses that old eventually removed from the database? AFAIK, definitions exist forever unless they have been found to cause False Positives. You can normally find the date a definition was added by searching the clamav-virusdb archive: http://lurker.clamav.net/list/clamav-virusdb.en.html -Al- -- Al Varnell Mountain View, CA ___ Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http://www.clamav.net/contact.html#ml
Re: [clamav-users] detection of really old viruses?
Al is correct here. -- Joel Esler Sent from my iPhone On Nov 22, 2014, at 9:54 PM, Al Varnell alvarn...@mac.commailto:alvarn...@mac.com wrote: On Sat, Nov 22, 2014 at 06:42PM, Marcel Giannelia wrote: Most of the virus definitions in the cvd files don't seem to have dates associated with them (at least that I could see with sigtool), so I can't tell -- are older definitions ever dropped? That is, will clamav always be able to detect viruses from, e.g., the 1990s, or are definitions for viruses that old eventually removed from the database? AFAIK, definitions exist forever unless they have been found to cause False Positives. You can normally find the date a definition was added by searching the clamav-virusdb archive: http://lurker.clamav.net/list/clamav-virusdb.en.html -Al- -- Al Varnell Mountain View, CA ___ Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http://www.clamav.net/contact.html#ml ___ Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http://www.clamav.net/contact.html#ml
Re: [clamav-users] detection of really old viruses?
On Sat, 22 Nov 2014 18:53:58 -0800 Al Varnell alvarn...@mac.com wrote: AFAIK, definitions exist forever unless they have been found to cause False Positives. You can normally find the date a definition was added by searching the clamav-virusdb archive: http://lurker.clamav.net/list/clamav-virusdb.en.html Confirmed; e.g. searching that list for CIH (a.k.a. Chernobyl, from about 1998 or 99) shows W95.CIH-II.882 and some variants were added to the defs in about 2003. sigtool -l of the current main.cvd shows that these definitions are still present in current. Thanks, ~Felix. ___ Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http://www.clamav.net/contact.html#ml