Everything about ClamAV is open source and free. Including the signatures. There
is nothing stopping any of us from filling the gaps in signatures.
dp
On 5/23/16 9:45 AM, Groach wrote:
On 23/05/2016 14:44, C.D. Cochrane wrote:
Hi Michael,
I made a similar inquiry last week (Signature update schedule, and
requirements for adding Signatures) - this was the responses:
My 2 cents would be that rapid traditional signature updates are not a
viable solution to this long term problem.
I'm pretty sure the current generation >>>of Locky, Dridex, Nemucod, etc.
ransomware is generated using millions
of tiny mutations so that almost every email attachment has a unique
signature. >>>There is no way to keep up with
that. ClamAV got more than a million virus samples per day, last time I
inquired.
...Chris
Best Regards
Michael
As for they claim above about Dridex etc being too numerous to handle, Sane
Security seems to be doing just a fine job of it. (So its just a lame response).
Yep. An antivirus solution that to their own admission will not be giving
out signatures to real threats as there are too many, and shouldnt be used as
a realtime threat protection to real threats and should only be used to
supplement a more superior and effective AV solution.
So, tell me again, what is the point of it?
If I am already investing/relying on a more effective solution for Zero-day
threats and realtime scanning to stop being hit, why do I need Clam? (If the
more effective solution is going to get it the n for sure Clam isnt. Like
asking your one-legged Grandad to help push the car that is currently being
towed by a toe truck).
Of course, you may have chosen to not have another solution, and to ONLY use
the Clam default signatures. Then you can rely on it:
a, once the threat has already hit your system and done its damage and
b, to advise you that you have been hit so you can then use another solution
to recover/cure your (now infected) system (hopefully!)
Yeah. I Hope people that are struggling to get through the problems of
getting it to install/compile and download the updates and yet not use 3rd
party signatures actually realise what ultimately they are going to achieve.
Nada.
May they be lucky in life.
_______________________________________________
Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq
http://www.clamav.net/contact.html#ml
_______________________________________________
Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq
http://www.clamav.net/contact.html#ml
