[clamav-users] ClamAV UnOfficial Database
Reindl Harald
h.reindl at thelounge.net
Thu May 4 12:57:51 UTC 2017
Am 04.05.2017 um 13:39 schrieb crazy thinker:
> Please find below ClamAV performance statistics
>
> In our recent *ClamAV Detection rate test*….
>
> Sanesecurity signatures : *97.11%*
> SecuriteInfo signatures (free) : 19.03%
> ClamAV Official only signatures: 13.82%
>
> Number of signatures:
>
> Sanesecurity signatures : *249,766*
> SecuriteInfo (free) : 1,110,596
> ClamAV Only : 4,137,929
>
> Date of oldest malware Sample in test : 06.01.2015
> Date of newest malware Sample in test: 05.12.2015
>
>
> Optimized Database means the db having leass no of signatures and can able
> to give more malware detection rate
that logic by itslef is nonsense - how would less signatures give better
rates?
but yes, on a mailsevrer the official signatures are completly useless
and hence we don't push them for many months from the machine running
freshcalm to the inbound mailserver
why?
beause analyze 6 months logs gave only 3 hits on the offical at all and
even for them it's unknown if it would not have been caught by the
unnoficila anyways and because it's unacceptable having a clamd process
which wastes nearly 1 GB of RAM hanging around when he don't catch anything
More information about the clamav-users
mailing list