[clamav-users] ClamXav and Compressed Files
Joel Esler (jesler)
jesler at cisco.com
Mon Mar 30 10:15:31 EDT 2015
On Mar 29, 2015, at 7:57 AM, Dennis Peterson <dennispe at inetnw.com<mailto:dennispe at inetnw.com>> wrote:
On 3/29/15 4:55 AM, TR Shaw wrote:
On Mar 29, 2015, at 1:45 AM, Dennis Peterson <dennispe at inetnw.com<mailto:dennispe at inetnw.com>> wrote:
On 3/28/15 10:43 PM, Jinwon Lee wrote:
Thanks for that. I guess ‘Hash Value’ refers to the ClamAV identifying the .dmg as a known file that contains virus/es.
That was the case too for password protected zip files. If you can't burst the contents you condemn the wrapper.
Not entirely complete as you can tell ClamAV to mark encrypted zip and rar's as viruses without having a "sig".
Many milters will do the same without invoking clamav, so that's of limited value.
A feature is a feature to someone. Not everyone finds it useful, but for the 10 people that do, it’s the most important thing to them.
Open Source Manager
Threat Intelligence Team Lead
More information about the clamav-users