[clamav-users] Input Stream Scanning for very large files
Micah Snyder (micasnyd)
micasnyd at cisco.com
Fri Jan 25 09:32:55 EST 2019
Regarding specific limits, I'm sorry to say that ClamAV is presently limited to max file size of 4GB on most systems (and, I think unintentionally, 2GB on some systems).
On Jan 24, 2019, at 4:23 PM, J.R. <themadbeaker at gmail.com<mailto:themadbeaker at gmail.com>> wrote:
I think I framed my problem statement differently.
So, our requirement is similar the one asked by John in the
below link. I do not know if the solution proposed is a correct one..
Also, how do you propose I should scan an archive of 100GB ( let's say) size.
Does clamav have any limitations on scanning a single file of such huge size ??
Without knowing more about this "archive" it's hard to say if ClamAV
will even pick up anything, due to the reason Micah gave in his reply.
But another issue is if this is just one humongous file you are trying
to shove through and say it *does* trigger some virus... How are you
going to know what / where the virus is? All you know is its somewhere
in your massive archive file...
You would be much better off scanning the individual files as you
assemble said archive, and obviously only need to scan files where an
infection would make sense (i.e. a text file isn't going to contain a
There are stream settings in the clamd.conf, but I don't know what the
hard upper-limits are.
In cases like this, it's probably best to assemble you own sample
archives, one clean & one infected, and run through your proposed
process. If it works as intended, then create a few more samples and
re-test... If it doesn't work as intended then you'll need to re-think
clamav-users mailing list
clamav-users at lists.clamav.net<mailto:clamav-users at lists.clamav.net>
Help us build a comprehensive ClamAV guide:
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the clamav-users