Hello,

In the Message; 
  Subject    : Re: [clamav-users] Using linux command "find" to get modified 
files list for scan
  Message-ID : 
<1733718887.s.10974.autosave.drafts.1733719852.13...@webmail.rediffmail.com>
  Date & Time: 9 Dec 2024 04:50:53 -0000

[NR] == "neel roy" <neelsm...@rediffmail.com> has written:

[...]
NR>  **However** my question is this: whenever anti virus does scan,
NR> in this case, clamav, they do NOT find changed files, even (on
NR> linux) very efficient utility such as &quot;find&quot;
NR> exists. There must be a reason. What that reason could be?

There are a number of reasons why ClamAV may not detect changes to
files.

Firstly, ClamAV mainly detects malware based on known virus
signatures, so if the signature database is not up to date, it is
possible that new threats will be missed.

Also, ClamAV has a file size limit, and by default it skips files
larger than 20MB. This limit is in place to prevent excessive
consumption of system resources, but because large files cannot be
scanned, changes may be missed.

On the other hand, the Linux find command is a powerful tool for
efficiently searching for files and directories, but it does not
directly detect file changes.

Find searches for files based on the specified conditions, so in order
to detect file changes, it is necessary to accurately specify the
conditions for the files that have been changed.

For these reasons, if ClamAV is unable to detect file changes, it is
important to consider updating the signature, reviewing the settings,
or using it in conjunction with other security tools.

Best Regards.

---
┏━━┓彡     Masaru Nomiya                   mail-to: nomiya @ lake.dti.ne.jp
┃\/彡
┗━━┛       "During testing, Sakana found that its system began unexpectedly
               attempting to modify its own experiment code to extend the time
               it had to work on a problem."
               
               -- Research AI model unexpectedly attempts to modify its own code
                  to extend runtime (ars TECHNICA) --
_______________________________________________

Manage your clamav-users mailing list subscription / unsubscribe:
https://lists.clamav.net/mailman/listinfo/clamav-users


Help us build a comprehensive ClamAV guide:
https://github.com/Cisco-Talos/clamav-documentation

https://docs.clamav.net/#mailing-lists-and-chat

Reply via email to