On Mon, 15 Mar 2004 20:02:49 + (GMT)
Andy Fiddaman <[EMAIL PROTECTED]> wrote:
>
>
> On Mon, 15 Mar 2004, Martin A. Brooks wrote:
> ; Part of the text file is a boilerplate set of instructions on how
> to make; an EICAR test file. Clam detects this signature and marks
> the file as; being i
At 20:02 15/03/2004, you wrote:
Clam's behaviour is incorrect because the Eicar test file page
(http://www.eicar.org/anti_virus_test_file.htm) states:
"Any anti-virus product that supports the test file should detect it in any
file providing that the file starts with the following 68 characters, an
On Mon, 15 Mar 2004, Martin A. Brooks wrote:
; Part of the text file is a boilerplate set of instructions on how to make
; an EICAR test file. Clam detects this signature and marks the file as
; being infected. NAI and Norton AV do not.
;
; I'm undecided as to which action is correct and would
Hi
One of our clients uses a multiple vendor AV solution (clam included) and
has found an interesting scenario. They get sent signature updates and
fixes from NAI which are sent as a non-passworded zip file. The zip file
typically contains a single binary file and a text "readme" type file.
