[clamav-users] signature processing order
Arnaud Jacques / SecuriteInfo.com
webmaster at securiteinfo.com
Tue May 24 21:29:04 UTC 2016
Hello Al,
> Because the signatures may not be identical and could be looking for two
> different things so that a variant of the original malware that could be
> caught by one sig will be overlooked by the other.
This can not happened with Securiteinfo.com sigs. We remove signatures when
Clamav official detect malwares, based on hundred of samples.
That's the only way to keep the number of signatures the lowest possible.
If 3rd party providers don't do that, they are condemned to have more and more
signatures everyday, until it breaks low memory systems.
--
Best regards,
Arnaud Jacques
SecuriteInfo.com
Facebook : https://www.facebook.com/pages/SecuriteInfocom/132872523492286
Twitter : @SecuriteInfoCom
More information about the clamav-users
mailing list