Hi Marco,
Are the signatures official ClamAV ones only or are you using 3rd Party
ones as well (if so, could you list them)
Cheers,
Hello Steve,
I'm checking the Sanesecurity&C signature. I have these:
blurl.ndb
bofhland_cracked_URL.ndb
bofhland_malware_attach.hdb
bofhland_malware_URL.ndb
bofhland_phishing_URL.ndb
crdfam.clamav.hdb
foxhole_filename.cdb
foxhole_generic.cdb
hackingteam.hsb
javascript.ndb
junk.ndb
jurlbl.ndb
malwarehash.hsb
malwarepatrol.db
phish.ndb
phishtank.ndb
porcupine.ndb
rogue.hdb
sanesecurity.ftm
scam.ndb
securiteinfoascii.hdb
securiteinfo.hdb
securiteinfohtml.hdb
securiteinfo.ign2
securiteinfopdf.hdb
sigwhitelist.ign2
spamattach.hdb
spamimg.hdb
spearl.ndb
spear.ndb
winnow.attachments.hdb
winnow_bad_cw.hdb
winnow_extended_malware.hdb
winnow_malware.hdb
winnow_malware_links.ndb
I now noticed that reload time decrease if I remove SecuriteInfo.
Really I don't find securiteinfo match in log of viruses, so I could
remove it permanently...
Do you have any hint about signature to keep for email traffic?
I'll also try to move fs in tmpfs...
Thank you very much
Best Regards
Marco
_______________________________________________
Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq
http://www.clamav.net/contact.html#ml
