We have some ideas here Benny, but nothing in the pipeline today.
If we incorporated SaneSecurity’s sigs (we need permission to do so from
Steve), then we could ingest them, and de-dupe any hash-based sigs that we have
that other types of sigs alert on (we do this today for our own internal sig
Henrik K skrev den 2017-05-04 23:30:
So we traded memory for equal disk. No surprise there, those bazillion
hashes need their space. I guess someone should just serve them up in
cloud
somewhere like... Immunet? ^_^
and scan times is still the same ?, while load time is considred very
fas
On Thu, May 04, 2017 at 08:36:00PM +0300, Henrik K wrote:
> On Thu, May 04, 2017 at 02:57:51PM +0200, Reindl Harald wrote:
> >
> > it's unacceptable having a clamd process which wastes nearly 1 GB of RAM
> > hanging around when he don't catch anything
>
> For once I have to agree..
>
> My stats:
I have to agree on the memory requirements for clamd being high. I
wonder if it would make sense to store the data set of signatures in a
tiered hierarchy, with some of the less used data being on disk until
there's a hit? i don't know enough about the internals and scanning
algorithm used in c
On Thu, May 04, 2017 at 02:57:51PM +0200, Reindl Harald wrote:
>
> it's unacceptable having a clamd process which wastes nearly 1 GB of RAM
> hanging around when he don't catch anything
For once I have to agree..
My stats:
ClamAV - 10 million sigs (includes most sanesecurity stuff)
Sophos - 13 m
Joel Esler (jesler) wrote:
We already distribute some third party feeds into the official database, we
have a program for that which can be found on our website.
For my part I would far prefer an enhancement to freshclam to allow it
to download arbitrary third-party signature sets, much as Sp
You make this harder than is necessary. Create a directory for your preferred
signature files in it (/var/lib/crazyclam, for example), put your preferred
signature files in it, create a new clamd config file (crazyclamd.conf, for
example) with that directory defined (DatabaseDirectory /var/lib/c
>> We already distribute some third party feeds into the official database,
we have a program for that which can be found on our website.
We would love to incorporate Sanesecurity's feed, all they have to do is
give us the okay to do it. <<
Gosh that would be marvelous!
I'm quite interested i
Am 04.05.2017 um 13:52 schrieb Joel Esler (jesler):
We already distribute some third party feeds into the official database, we
have a program for that which can be found on our website.
We would love to incorporate Sanesecurity's feed, all they have to do is give
us the okay to do it
you
Am 04.05.2017 um 13:39 schrieb crazy thinker:
Please find below ClamAV performance statistics
In our recent *ClamAV Detection rate test*….
Sanesecurity signatures :*97.11%*
SecuriteInfo signatures (free) : 19.03%
ClamAV Official only signatures: 13.82%
Number of signatures:
Sa
3rd party signatures distributed by us, are signed.
--
Sent from my iPhone
> On May 4, 2017, at 08:27, Benny Pedersen wrote:
>
> Joel Esler (jesler) skrev den 2017-05-04 14:19:
>> We'd have to evaluate which feeds would be appropriate for the ClamAV
>> Db. The more coverage the better, with
Joel Esler (jesler) skrev den 2017-05-04 14:19:
We'd have to evaluate which feeds would be appropriate for the ClamAV
Db. The more coverage the better, with fewest false positives.
agree, but i like to know if it will be opt out or opt in aswell, would
it be considered to make all 3dr party s
We'd have to evaluate which feeds would be appropriate for the ClamAV Db. The
more coverage the better, with fewest false positives.
--
Sent from my iPhone
> On May 4, 2017, at 08:04, Benny Pedersen wrote:
>
> Joel Esler (jesler) skrev den 2017-05-04 13:52:
>> We already distribute some thir
Joel Esler (jesler) skrev den 2017-05-04 13:52:
We already distribute some third party feeds into the official
database, we have a program for that which can be found on our
website.
+1
We would love to incorporate Sanesecurity's feed, all they have to do
is give us the okay to do it.
would
crazy thinker skrev den 2017-05-04 13:39:
Sanesecurity signatures :*97.11%*
SecuriteInfo signatures (free) : 19.03%
ClamAV Official only signatures: 13.82%
all this is not virus signature, so for me this does not count
Number of signatures:
Sanesecurity signatures : *249,766*
We already distribute some third party feeds into the official database, we
have a program for that which can be found on our website.
We would love to incorporate Sanesecurity's feed, all they have to do is give
us the okay to do it.
--
Sent from my iPhone
> On May 4, 2017, at 07:29, craz
@Benny Pendersen Dude ... please find link in previous mail thread
On 4 May 2017 at 17:10, crazy thinker wrote:
> http://sanesecurity.com/
>
> On 4 May 2017 at 17:09, crazy thinker wrote:
>
>> Please find below ClamAV performance statistics
>>
>> In our recent *ClamAV Detection rate test*….
>>
http://sanesecurity.com/
On 4 May 2017 at 17:09, crazy thinker wrote:
> Please find below ClamAV performance statistics
>
> In our recent *ClamAV Detection rate test*….
>
> Sanesecurity signatures :*97.11%*
> SecuriteInfo signatures (free) : 19.03%
> ClamAV Official only signatures
Please find below ClamAV performance statistics
In our recent *ClamAV Detection rate test*….
Sanesecurity signatures :*97.11%*
SecuriteInfo signatures (free) : 19.03%
ClamAV Official only signatures: 13.82%
Number of signatures:
Sanesecurity signatures : *249,766*
SecuriteInfo (f
crazy thinker skrev den 2017-05-04 13:28:
Hi ClamAV Developers, Users
To my curiosity, i want to remove ClamAV Official Database and plan to
integrate unofficial database with clamav engine.. i heard that
Sanesecurity signatures increases ClamAV performance upto 90%..
where did you read tha
Hi ClamAV Developers, Users
To my curiosity, i want to remove ClamAV Official Database and plan to
integrate unofficial database with clamav engine.. i heard that
Sanesecurity signatures increases ClamAV performance upto 90%.. so i am
thinking that excluding ClamAV Official Database not afffe
21 matches
Mail list logo
