well, i'm not sure if thats the right solution, as smart virus or old file with new virus definiton will not be found. also i know all other virus scanners do scan all files.
On 11/26/06, Dennis Peterson <[EMAIL PROTECTED]> wrote:
Erez Epstein wrote: > and how can i shorten it while still scaning all files every night. Don't scan all of them every night. There is no need to scan a file that has not been modified since the last scan. There is probably no need to scan your logs, /var, /usr, /opt, /proc, /dev, /bin, /sbin, or /devices (or any root owned directory) unless you think you have been hacked and had your root account compromised. You probably don't want to scan NFS mounts or Samba mounts as it is rather expensive in terms of network traffic and speed, and introduces all kinds of interesting permissions and connection reliability issues. Clam is not a good intrusion detection tool so you might want to run TripWire or some similar tool that will tell you which files have been modified so you can limit your scan to those few files that require scanning. dp _______________________________________________ Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net http://lurker.clamav.net/list/clamav-users.html
_______________________________________________ Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net http://lurker.clamav.net/list/clamav-users.html
