Hello,
I realize this is probably a ridiculous question, but what is the feasibility
or practicality of catching viruses through a packet scanner (firewall or
IDS) solely at the packet level?
For example (poor one but does illustrate the concept):
tcpdump -n -l -X | clamscan -
I can think of a few shortcomings:
1. a virus will be missed if the signature splits packets.
2. no realistic way of notifying the end user that a packet was infected and
destroyed, and hence so was their download.
Thank you in advance.
_______________________________________________
http://lurker.clamav.net/list/clamav-users.html
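
Added example, not part of the original post: shortcoming 1 above, shown by scanning the same flow packet by packet and then as a reassembled stream. The signature bytes, the (relative sequence number, payload) segment tuples and all function names are constructed for illustration; a real scanner such as clamscan matches far richer signatures.

```python
# Added illustration; SIGNATURE and SEGMENTS are constructed sample data.
SIGNATURE = b"CONSTRUCTED-TEST-SIGNATURE"

def scan_per_packet(payloads):
    """Scan every payload in isolation; return indexes of matching packets."""
    return [i for i, p in enumerate(payloads) if SIGNATURE in p]

class StreamScanner:
    """Chunk-wise matcher that carries len(sig)-1 bytes across chunk borders."""
    def __init__(self, sig):
        self.sig, self.tail, self.consumed = sig, b"", 0

    def feed(self, chunk):
        """Return stream offsets of signatures completed by this chunk."""
        window = self.tail + chunk
        start = self.consumed - len(self.tail)   # stream offset of window[0]
        hits, pos = [], window.find(self.sig)
        while pos != -1:
            hits.append(start + pos)
            pos = window.find(self.sig, pos + 1)
        self.consumed += len(chunk)
        keep = len(self.sig) - 1                 # too short to hold a full match
        self.tail = window[-keep:] if keep else b""
        return hits

def scan_flow(segments):
    """Scan one direction of a TCP flow given (relative_seq, payload) tuples."""
    scanner, hits, expected = StreamScanner(SIGNATURE), [], 0
    for seq, data in sorted(segments):           # restore sequence order
        if seq > expected:
            break                                # hole: bytes are missing, stop
        fresh = data[expected - seq:]            # drop retransmitted bytes
        hits += scanner.feed(fresh)
        expected += len(fresh)
    return hits

# Constructed flow: the signature starts at offset 6 and is cut at offset 15,
# the segments arrive out of order and the first one is retransmitted.
PAYLOAD = b"HEADER" + SIGNATURE + b"TRAILER"
SEGMENTS = [(15, PAYLOAD[15:]), (0, PAYLOAD[:15]), (0, PAYLOAD[:15])]

if __name__ == "__main__":
    print("per-packet hits:", scan_per_packet([p for _, p in SEGMENTS]))
    print("stream hits at offsets:", scan_flow(SEGMENTS))
```

Neither approach addresses shortcoming 2: dropping the matching segment only stalls or breaks the transfer, and nothing at this layer tells the user why.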