[EMAIL PROTECTED] wrote: > Hello all. > > We've had some consultant make the spurious claim that Clam AV only scans for > 'windows viruses' and is really only useful for 'scanning email'. > Despite the fact that I know this to be patently false, is there > documentation out there I can slap him with that clearly indicates that the > virus > defs are for any platform, Linux, windows, Unix, Mac OS X, etc. ? I can prove > that it scans the file system just by sprinkling a few test viri things > out in the file system. Hard to argue with that sort of evidence.
The former statement isn't accurate, but that latter is mostly on target. While ClamAV has signatures for many types of malware, it was designed primarly as an email scanner. It is not a resident real-time scanner, scanning file access and other OS-level structures. You can manually check files on the file system. It would not, for example, be able to intercept a rootkit'd system, that patched into file IO access. > > The rest of it, well, now it's personal. > > -J > _______________________________________________ Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net http://lurker.clamav.net/list/clamav-users.html
