[clamav-users] ClamAV sends lots of False Positives : Heuristics.Structured.CreditCardNumber FOUND
Dennis Peterson
dennispe at inetnw.com
Tue Oct 27 23:14:52 UTC 2015
Yes - of course it can.
clamscan --help |egrep "include|exclude"
dp
On 10/27/15 12:23 AM, Zeal Vora wrote:
> Hi
>
>
> We have ClamAV on servers and it sends a lot of False Positives related to
> : Heuristics.Structured.CreditCardNumber FOUND
>
> Almost 99% of the alerts are the same.
>
> Can we have ClamAV to look for CreditCardNumber only on certain directories
> instead of the whole file system ? How can we do that ?
>
> Our Current ClamAV scan is :-
>
> clamscan \
> --quiet \
> --stdout \
> --infected \
> --suppress-ok-results \
> --official-db-only=yes \
> --log=$LOGFILE \
> --recursive \
> --cross-fs=yes \
> --follow-dir-symlinks=0 \
> --follow-file-symlinks=0 \
> --remove=no \
> --exclude-dir=/dev \
> --exclude-dir=/sys \
> --detect-structured=yes \
> --scan-mail=yes \
> --phishing-sigs=yes \
> --phishing-scan-urls=yes \
> --heuristic-scan-precedence=yes \
> --algorithmic-detection=yes \
> --scan-pe=no \
> --scan-elf=yes \
> --scan-ole2=no \
> / \
> > $REPORTFILE 2>&1
>
>
>
> Any help will be appreciated.
> _______________________________________________
> Help us build a comprehensive ClamAV guide:
> https://github.com/vrtadmin/clamav-faq
>
> http://www.clamav.net/contact.html#ml
More information about the clamav-users
mailing list