[clamav-users] ClamAV+exim: scanner finds not a single malware
Groach
groachmail-stopspammingme at yahoo.com
Mon May 23 16:45:09 UTC 2016
On 23/05/2016 14:44, C.D. Cochrane wrote:
>> Hi Michael,
>>
>> I made a similar inquiry last week (Signature update schedule, and
>> requirements for adding Signatures) - this was the responses:
>>>> My 2 cents would be that rapid traditional signature updates are not a viable solution to this long term problem.
>>>> I'm pretty sure the current generation >>>of Locky, Dridex, Nemucod, etc. ransomware is generated using millions
>>>> of tiny mutations so that almost every email attachment has a unique signature. >>>There is no way to keep up with
>>>> that. ClamAV got more than a million virus samples per day, last time I inquired.
>>>> ...Chris
>> Best Regards
>> Michael
As for they claim above about Dridex etc being too numerous to handle,
Sane Security seems to be doing just a fine job of it. (So its just a
lame response).
Yep. An antivirus solution that to their own admission will not be
giving out signatures to real threats as there are too many, and
shouldnt be used as a realtime threat protection to real threats and
should only be used to supplement a more superior and effective AV solution.
So, tell me again, what is the point of it?
If I am already investing/relying on a more effective solution for
Zero-day threats and realtime scanning to stop being hit, why do I need
Clam? (If the more effective solution is going to get it the n for sure
Clam isnt. Like asking your one-legged Grandad to help push the car that
is currently being towed by a toe truck).
Of course, you may have chosen to not have another solution, and to ONLY
use the Clam default signatures. Then you can rely on it:
a, once the threat has already hit your system and done its damage and
b, to advise you that you have been hit so you can then use another
solution to recover/cure your (now infected) system (hopefully!)
Yeah. I Hope people that are struggling to get through the problems of
getting it to install/compile and download the updates and yet not use
3rd party signatures actually realise what ultimately they are going to
achieve.
Nada.
May they be lucky in life.
More information about the clamav-users
mailing list