Hi there, On Thu, 23 Jul 2015, Phil Dumont wrote:
I'm considering using clamav on a machine that is not (can not be) on the network (any network, not even a local one).
Unless you can give more detail amounting to some sort of a case for doing this, my immediate reaction would be a little less circumspect than Mr. Swiger's. I'd say forget the idea, it's a waste of time, and it might even be counterproductive. Firstly, the detection rate that you'll get is likely to be poor for very recent threats (not least) because your out-of-band updates will probably be tardy. Secondly, without any network connection you'll have trouble keeping the software on this mysterious machine up-to-date, which will mean that it's rather more vulnerable to attack than it otherwise would be. Taken together these things lead me to postulate that your non-networked computer will be more likely to be compromised by things like malicious files on removable media (precisely the sort of thing you'll be using to tardily transfer the database updates I suppose), than it would be if it were networked after all. But as Chuck says, it's all really up to you. Out of interest, what operating system will the unsociable computer run? -- 73, Ged. _______________________________________________ Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http://www.clamav.net/contact.html#ml
