Hello again,
In August 2016, sapientdust+cla...@gmail.com wrote:
The specifics are not important to my question
That's not what you said earlier. To be specific, you said:
>> In my case, the consequence factor is very large
...
>> Does anybody have any feedback on the proposed solution to scanning
>> large files in chunks?
>
> Stop worrying about it, it's a waste of time and effort. The probability
> that you will actually find what you're looking for is very small.
What are the technical reasons that the probability is very small
(compared to the probability of finding a virus if the file is small
enough to be scanned in one instream call)?
I didn't say anything about comparisons. You asked for feedback, I
gave you some, and I said you wouldn't like it. You're not going to
like it any better if you modify the question, because my feedback is
going to be the same. I've been using ClamAV for more than a decade
so I have a reasonable idea what it can achieve and what it can't.
If it won't work reliably (relative to scanning files small enough
to be scanned in their entirety at once), that's fine, and I will
have to switch to another AV scanner ...
You aren't making any sense. As I explained in the parts of my post
which you have conveniently snipped, no scanner can do what you want,
not least because there are such things as zero-day vulnerabilities.
--
73,
Ged.
_______________________________________________
Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq
http://www.clamav.net/contact.html#ml
