[clamav-users] Difficult malwarefiles - signature too short
Al Varnell
alvarnell at mac.com
Tue Nov 3 18:57:57 UTC 2015
On Tue, Nov 03, 2015 at 10:06 AM, G.W. Haywood wrote:
>
> Hello again,
>
> On Tue, 3 Nov 2015, Kris Deugau wrote:
>
>> Customers will get very unhappy if you blindly delete all PHP files from
>> their webhosting account...
>
> I don't remember suggesting that.
>
> My point is that ClamAV is designed to look for known threats.
Not entirely true. It does have a heuristics engine to look for possible phishing e-mails and there are a few signatures that also look for suspicious files, but for the most part that’s correct.
> The OP is looking for unknown threats.
>
> I'm left feeling that what the OP is trying to do makes little sense,
> and if even it did make sense, ClamAV wouldn't be the right tool with
> which to attempt do it.
-Al-
--
Al Varnell
Mountain View, CA
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 2366 bytes
Desc: not available
URL: <https://lists.clamav.net/pipermail/clamav-users/attachments/20151103/394db98b/attachment.bin>
More information about the clamav-users
mailing list