On Oct 11, 2013, at 10:00 AM, David F. Skoll wrote:
> Nick Johnson wrote:
>
>> If it's your opinion that 99% of .exe files are viruses, then
>> configure your mail server to block .exe files.
>
> Yes, I already do that... but isn't that a bit of a copout? If ClamAV
> is missing 80% of the vir
Antivirus is a cop out anyway since it is essentially a reactive solution.
It is simple to write custom payloads to be sent that aren't detected by
AV. AV catches the low hanging fruit.
On Fri, Oct 11, 2013 at 9:41 AM, Nick Johnson wrote:
> I should mention that I am not a clamav developer, jus
I should mention that I am not a clamav developer, just some guy on the list.
On Fri, Oct 11, 2013 at 10:00 AM, David F. Skoll
wrote:
> Yes, I already do that... but isn't that a bit of a copout? If ClamAV
> is missing 80% of the viruses that we receive, it's not terribly useful,
> is it?
>
He
Nick Johnson wrote:
> If it's your opinion that 99% of .exe files are viruses, then
> configure your mail server to block .exe files.
Yes, I already do that... but isn't that a bit of a copout? If ClamAV
is missing 80% of the viruses that we receive, it's not terribly useful,
is it?
Regards,
Hello all,
I am developing extensions for Clamav (at least that's my objective!) and was
doing some preliminary tests with UPX.
This is my test procedure:
1) compile a simple exe on windows + mingw with one main call function and no
stdout: clean.exe
2) upx clean.exe -o clean.upx.exe
3) run clam