[clamav-users] OnAccess and regular scanning

[Micah Snyder (micasnyd)]

ClamAV only has built-in support for OnAccess scanning on Linux.

If there are people claiming that OnAccess scanning can be bypassed, you should ask them for more details.  To my knowledge it hasn’t been discussed here before, and is the first I have heard of it.

Regards,
Micah


From: clamav-users <clamav-users-bounces at lists.clamav.net> on behalf of Al Varnell via clamav-users <clamav-users at lists.clamav.net>
Reply-To: ClamAV users ML <clamav-users at lists.clamav.net>
Date: Tuesday, September 24, 2019 at 7:23 AM
To: ClamAV users ML <clamav-users at lists.clamav.net>
Cc: Al Varnell <alvarnell at mac.com>
Subject: Re: [clamav-users] OnAccess and regular scanning

I suspect it will depend on what platform you are running it on.

-Al-


On Sep 24, 2019, at 04:20, Franky Van Liedekerke via clamav-users <clamav-users at lists.clamav.net<mailto:clamav-users at lists.clamav.net>> wrote:

Hi all,

currently I have onaccess scanning up and running just fine in clamav. However, some people claim this can be bypassed (so access a file and not force it to be scanned), so I have some questions:

- is this true? Can onaccess be bypassed?
- if so: can I force a scan of all files that should be protected by onaccess once a week or so? I know clamdscan exists, but you need to provide a folder to it, and via cron it seems too much to scan "/". Or maybe force a scan of all files that should be protected by onaccess but haven't been accessed/scanned yet?

With friendly regards,
Franky
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.clamav.net/pipermail/clamav-users/attachments/20190924/1eeebfc6/attachment.htm>