[clamav-users] ClamAV+exim: scanner finds not a single malware

Groach groachmail-stopspammingme at yahoo.com
Mon May 23 12:45:09 EDT 2016


On 23/05/2016 14:44, C.D. Cochrane wrote:
>> Hi Michael,
>>
>> I made a similar inquiry last week (Signature update schedule, and
>> requirements for adding Signatures) - this was the responses:
>>>> My 2 cents would be that rapid traditional signature updates are not a viable solution to this long term problem.
>>>> I'm pretty sure the current generation >>>of Locky, Dridex, Nemucod, etc. ransomware is generated using millions
>>>> of tiny mutations so that almost every email attachment has a unique signature. >>>There is no way to keep up with
>>>> that. ClamAV got more than a million virus samples per day, last time I inquired.
>>>> ...Chris
>> Best Regards
>> Michael

As for they claim above about Dridex etc being too numerous to handle, 
Sane Security seems to be doing just a fine job of it.  (So its just a 
lame response).

Yep.   An antivirus solution that to their own admission will not be 
giving out signatures to real threats as there are too many, and 
shouldnt be used as a realtime threat protection to real threats and 
should only be used to supplement a more superior and effective AV solution.

So, tell me again, what is the point of it?

If I am already investing/relying on a more effective solution for 
Zero-day threats and realtime scanning to stop being hit, why do I need 
Clam?  (If the more effective solution is going to get it the n for sure 
Clam isnt. Like asking your one-legged Grandad to help push the car that 
is currently being towed by a toe truck).

Of course, you may have chosen to not have another solution, and to ONLY 
use the Clam default signatures.  Then you can rely on it:

a, once the threat has already hit your system and done its damage and
b, to advise you that you have been hit so you can then use another 
solution to recover/cure your (now infected) system (hopefully!)

Yeah.  I Hope people that are struggling to get through the problems of 
getting it to install/compile and download the updates and yet not use 
3rd party signatures actually realise what ultimately they are going to 
achieve.

Nada.

May they be lucky in life.



More information about the clamav-users mailing list