Please ping me in private chat.. both u and me can do something different
On 10 May 2017 at 16:24, Al Varnell <alvarn...@mac.com> wrote: > I would't know where to start. > > -Al- > > On Wed, May 10, 2017 at 03:41 AM, crazy thinker wrote: > > > > @AI Varnell > > Yes, I have plans to rewrite it from scratch.. you willing to join me ?:) > > > > On 9 May 2017 at 13:08, Al Varnell <alvarn...@mac.com> wrote: > > > >> On Tue, May 09, 2017 at 12:29 AM, crazy thinker wrote: > >>> > >>> Thanks for Reply. How many Heuristic Scan Engines ClamAV using Now? > >> > >> I only know of one. > >> > >> All the other heuristic approaches use the primary scanner along with > >> signatures designed to detect suspicious patterns in file names or > coding. > >> > >>> what > >>> are extensions of db files used by ClamAV Heurisitci Engine? > >> > >> As I told you on Friday... > >>> There's a heuristics engine that uses data from the .pdb and .sfp > >> sections of the database to detect messages from selected financial > >> institutions that appear to be phishing attempts. > >> > >>> Can I > >>> Increase Heuristic Scan Engine Count ? > >> > >> I suspect you would have to write your own. > >> > >> -Al- > >> > >>> On 9 May 2017 at 12:21, Al Varnell wrote: > >>> > >>>> I already answered most of these questions before and after reading > "My > >>>> Understanding" which is totally wrong, it's obvious you have not read > >> the > >>>> signature.pdf documentation closely enough to understand an of this. > >>>> > >>>> The way you have chosen to classify signatures is completely wrong, > >> which > >>>> means the questions you've asked don't make any sense. All signatures > in > >>>> the database are static in that they only change when replaced by a > more > >>>> accurate signature. There is nothing dynamic about any of them. > >>>> > >>>> The signature based scanner uses both fixed and variable length > >> signatures. > >>>> > >>>> As I told you before, the heuristics based scanner only checks a > limited > >>>> list of financial institutions for phishing attempts. That only > >> represents > >>>> a tiny fraction of what could be considered behavior based malware > >>>> detection. And the database is used to define what financial > >> institutions > >>>> are included as well as the ability to whitelist certain behaviors > that > >> are > >>>> known to not be a threat. > >>>> > >>>> On Mon, May 08, 2017 at 10:49 PM, crazy thinker wrote: > >>>>> > >>>>> Hi ClamAV Developers,Users > >>>>> > >>>>> As per My Understnading , Virus Signatures are Classified into two > >> types > >>>>> > >>>>> 1.Static Virus Signatures(short/fixed length virus signatures) > >>>>> 2.Dynamic Virus Signatures(long length Signatures with Regular > >>>> Expression) > >>>>> > >>>>> So I guess, ClamAV performing both Signature Based Scanning and > >>>> Heuristic > >>>>> Based Scanning for Malware Detection Process > >>>>> > >>>>> Please find below questions that in my mind > >>>>> > >>>>> 1.Does Signature Based Scanner uses only Static Signatures (not > >> Dynamic > >>>>> Signatures) ? > >>>>> 2.Does Heuristic Scanner uses only Dynamic Signatures for Malware > >>>>> Detection? > >>>>> 3. If Herusitc Scanner uses Behaviour Based Approach, why Heuristic > >>>>> Scanner needs Virus Database? > >>>>> 4.To implement Efficient AV Scanner, Can I go with Heuristic > Scanning > >>>>> Approach and Excluding Signature Based Scanning Approach? > >>>>> > >>>>> I would like to get help/suggestions from you guys... > >>>>> > >>>>> > >>>>> Kindly waiting for your reply!!!! > >>>>> > >>>>> > >>>>> Thanks, > >>>>> Crazy Thinker, Inc > >> > >> _______________________________________________ > >> clamav-users mailing list > >> clamav-users@lists.clamav.net > >> http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users > >> > >> > >> Help us build a comprehensive ClamAV guide: > >> https://github.com/vrtadmin/clamav-faq > >> > >> http://www.clamav.net/contact.html#ml > >> > > _______________________________________________ > > clamav-users mailing list > > clamav-users@lists.clamav.net > > http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users > > > > > > Help us build a comprehensive ClamAV guide: > > https://github.com/vrtadmin/clamav-faq > > > > http://www.clamav.net/contact.html#ml > > -Al- > -- > Al Varnell > Mountain View, CA > > > > > > _______________________________________________ > clamav-users mailing list > clamav-users@lists.clamav.net > http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users > > > Help us build a comprehensive ClamAV guide: > https://github.com/vrtadmin/clamav-faq > > http://www.clamav.net/contact.html#ml > _______________________________________________ clamav-users mailing list clamav-users@lists.clamav.net http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http://www.clamav.net/contact.html#ml
