Michael Kang:
It depends on what you are trying to detect. The signatures should
work fine for detecting the malware they contain signatures for, but if you
are looking for ClamAV to detect malware compiled for ARM, it will detect
them if there are signatures written for that malware. The defi
Could you run two copies of clamd, one using stock db and the other using
your custom sigs? Then you would only need to signal the one running the
custom sigs when they change. Yes you would need to trigger two scans of
the target data, but the overhead shouldn't be too bad. The only thing I
can't
