[clamav-users] Questions about ClamAV
Micah Snyder (micasnyd)
micasnyd at cisco.com
Mon Nov 20 23:48:12 UTC 2017
Hello,
1. Can it scan all files/data from a dirty S3 bucket, and place the files
into a clean bucket?
I don’t have experience working with S3 buckets. ClamAV works with files on a filesystem. ClamAV’s ability to move files during scanning is limited to moving dirty files, not moving clean files. For example: https://askubuntu.com/questions/171441/how-to-quarantine-or-delete-infected-files-with-clamav In theory you could use a technology such as S3FS to mount your S3 bucket as a file system and then scan the files as such. However, I make no guarantees about how well that will work.
2. Does it have the ability to scan large files (2 GBs+)?
ClamAV currently has max file size limits around 2GB.
3. Is it compatible with both Linux and Windows?
Yes, however certain features (e.g. on access scanning) are limited to Linux.
4. Does it scale horizontally, adding more scanning capacity?
It depends on what you mean by “Scale horizontally”. The clamd component (a daemon process) may be used in conjunction with clamdscan (a process that interacts with clamd to scan with multithreading. I’m guessing, based on your question about S3 that you’re talking about the idea of hosting clamav services in the cloud and scaling up the number of instances to handle scan requests. In theory, if you could mount your S3 bucket and if clamav does handle scanning these files well, you could write a wrapper around clamdscan to accept scan requests in a scalable architecture. That said, I still make no guarantees about the scan performance and of course this cloud-scaling wrapper tech is not provided as a part of ClamAV.
5. Does it give the user the ability to load their own virus signatures (in
addition to pulling signatures down from vendor's site)?
Yes.
Micah Snyder
Software Engineer
Talos Intelligence
Cisco Systems, Inc.
This email may contain confidential and privileged material for the sole use of the intended recipient. Any review, use, distribution or disclosure by others is strictly prohibited. If you are not the intended recipient (or authorized to receive for the recipient), please contact the sender by reply email and delete all copies of this message.
On Nov 20, 2017, at 2:34 PM, Brian Turner <brian.turner at blue-star-software.com<mailto:brian.turner at blue-star-software.com>> wrote:
Hello,
I have a few questions about ClamAV.
1. Can it scan all files/data from a dirty S3 bucket, and place the files
into a clean bucket?
2. Does it have the ability to scan large files (2 GBs+)?
3. Is it compatible with both Linux and Windows?
4. Does it scale horizontally, adding more scanning capacity?
5. Does it give the user the ability to load their own virus signatures (in
addition to pulling signatures down from vendor's site)?
--
Brian Turner
Blue Star Software
p: 703.968.1974 m: 301.980.6657 a: 8500 Leesburg Pike #403 Vienna, VA 22182
s: http://www.blue-star-software.com e: brian.turner at blue-star-software.com<mailto:brian.turner at blue-star-software.com>
Listed as a "Best Place to Work" by the Washington Business Journal in 2016
and 2017!
*Read our company reviews on Glassdoor
<https://www.glassdoor.com/Reviews/Blue-Star-Software-Reviews-E896732.htm> to
learn more!*
_______________________________________________
clamav-users mailing list
clamav-users at lists.clamav.net<mailto:clamav-users at lists.clamav.net>
http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users
Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq
http://www.clamav.net/contact.html#ml
More information about the clamav-users
mailing list