On Fri, September 8, 2006 10:42 am, mcd said: > This is an interesting approach, but let me explain a little more. I will > be running md5sums for every file on a system. I will then compare that > list of md5sums against a list of md5sums that are know to be virus free. > The files that do not have valid md5sums in the database will then need > to be scanned. In a lot of situations this list of files will be in the > thousands. At this point would I be better off calling clamscan to scan > the entire disk, or call clamscan 10,000+ times with unknown files? I > hope I am making this clear. Thanks for all of your help.
(Please don't top-post, it makes it hard to usefully trim the discussion.) Running clamscan over the entire disk is still overkill in this situation; even if 10% if only the disk does *not* need scanning, I'd restrict to just the other 90%. The response you replied to is probably what I'd use for this scenario: Either write a file with the paths of the files to be scanned and pipe that to clamscan, or just pipe it directly from you comparison script. That's only calling clamscan once, so you aren't hitting the startup costs over and over. (Which *would* be a problem.) If doing one of those is not possible, and you must call a program seperately for each file, use clamdscan to do the scanning, but be aware of permissions issues based on who started clamd. Daniel T. Staal --------------------------------------------------------------- This email copyright the author. Unless otherwise noted, you are expressly allowed to retransmit, quote, or otherwise use the contents for non-commercial purposes. This copyright will expire 5 years after the author's death, or in 30 years, whichever is longer, unless such a period is in excess of local copyright law. --------------------------------------------------------------- _______________________________________________ http://lurker.clamav.net/list/clamav-users.html
