[clamav-users] about signature matching process
Joel Esler (jesler)
jesler at cisco.com
Fri May 19 20:11:23 UTC 2017
ClamAV will match on multiple signature types. By default it will only alert on the first match, but you can configure this differently.
--
Joel Esler | Talos: Manager | jesler at cisco.com<mailto:jesler at cisco.com>
On May 19, 2017, at 12:52 PM, Abdullah AL-Mutairy <abohabeeb1412 at gmail.com<mailto:abohabeeb1412 at gmail.com>> wrote:
hello everyone
i can see that there are different types of signatures in clamAV.
there is md5 hashes, rules, byte signatures.. etc
when I do a scan on a file, does clamav extract only one of signature of
the file or does it extract multiple of signatures of the same file and
then compare it with all types of signatures?
thanks!
_______________________________________________
clamav-users mailing list
clamav-users at lists.clamav.net<mailto:clamav-users at lists.clamav.net>
http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users
Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq
http://www.clamav.net/contact.html#ml
More information about the clamav-users
mailing list