Hello,
Fajar A. Nugraha wrote:
George Chelidze wrote:
Bad, because broken executables are not 100% virus.
Seems that the scanner at sendvirus.cgi uses the DetectBrokenExecutables option while "clamav online scanner" - not.
So is it a bad idea to enable the same in online scanner? It will save a little bandwidth...
I don't mean they should be marked as virus. The fact is that file isn't ok, it's already in base as broken executable.
Also bad, because it is not enabled by default on a standard installation.
We are not talking about adding this option to default options list. The online scanner is often used to check a file against known threats and if it's not detected by scanner (marked as OK) and suspected to be a new virus, it's submited to clamav team. Before you get back "This virus is already recognized..." message actually should be uploaded to server and should be checked once again (correct me if I am wrong) which is extra bandwidth and cpu power. Hope I made myself clear.
Best Regards, -- George Chelidze _______________________________________________ http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users
