On 28.02.2016 14:26, Theodore Alcapotaxis wrote:
I can’t imagine why the competition would ever be willing to share their signature
databases with>anybody.
It's industry practice that a third-party vendor, e.g. Symantec, discovers a
new virus, it has to share it with other vendors such as Es
Hi,
I wrote a signature against one of the temporary files clamav
pulled out of a pdf when --scan-pdf=yes.
(The signature does not hit when --scan-pdf=no.)
If the signature is TargetType 10 = PDF it was not hit.
If it was type 0 = any file, it was hit. But it would also be hit
by other files
On Saturday, February 27, 2016 11:38:16 PM Theodore Alcapotaxis wrote:
> --- deb...@kitterman.com wrote:
> >From: Scott Kitterman
> >To: clamav-users@lists.clamav.net
> >Subject: Re: [clamav-users] Unable to run freshclam on Debian Jessie
> >Date: Sat, 27 Feb 2016 23:02:19 -0500
> >
> >What are yo
--- alvarn...@mac.com wrote:
>From: Al Varnell
>To: ClamAV users ML
>Subject: Re: [clamav-users] Add virus databases and signatures from
>third-party vendors
>Date: Sat, 27 Feb 2016 23:58:15 -0800
>
>I can’t imagine why the competition would ever be willing to share their
>signature database
Hi,
--heuristic-scan-precedence=no is broken in clamav-0.99
eg create a test encrypted zip /tmp/abcdef.zip
clamscan -z --database=/tmp/test.ndb --block-encrypted=yes /tmp/abcdef.zip
/tmp/abcdef.zip: Heuristics.Encrypted.Zip FOUND
clamscan -z --database=/tmp/test.ndb --block-encrypted=no /tmp/
On 28.02.2016 08:58, Al Varnell wrote:
Why would a user invest in a commercial A-V software package if they could get
the same scanning protection for free?
Anti-Virus solutions not only differ in signature databases ...
In addition, those Companies use proprietary formats for their databases
