Differences between version 13 and previous revision of ClamAV.
Other diffs: Previous Major Revision, Previous Author, or view the Annotated Edit History
Newer page: | version 13 | Last edited on Thursday, June 3, 2004 7:54:46 pm | by AristotlePagaltzis | Revert |
Older page: | version 12 | Last edited on Thursday, June 3, 2004 8:14:47 am | by RuudSchramp | Revert |
@@ -1,10 +1,9 @@
[ClamAV | http://www.clamav.net/] is a [Free] ([GPL]) [Virus] scanner for [Linux], [Solaris], [*BSD], [AIX], [MacOSX], [Cygwin] B20 on multiple architectures such as [Intel], [Alpha], [SPARC], Cobalt MIPS boxes, [PowerPC] and [RISC] 6000. It started as a [C]-based reimplementation of of the abandoned [Java] !OpenAntiVirus. Signature updates are available in an open FileFormat.
[ClamAV] comes with a tool called __freshclam__ which updates the virus database automatically: it downloads the database from !http://database.clamav.net/ (a round robin record that tries to equally balance the traffic between [all the database mirrors | http://www.clamav.net/mirrors.html]) which is split into two files called __main.cvd__ and __daily.cvd__. __daily.cvd__ is updated frequently and occasionally is merged with __main.cvd__.
-In issue 8/2004 (April 5, 2004), the German computer magazine [c't | http://www.heise.de/ct/] published a comparative review of a number of virus scanners, in which they reported that [ClamAV]'s signature updates are provided far too slowly to adequately cope with the contemporary appearance rate of new mail worms, of which new mutations sometimes follow each other within hours. On the other hand, a lot of people appear to have had experiences to the contrary.
-In the same magazine it is explained
that ClamAV doesn't include
"Code
emulation", a
way to identify [PolyMorphicVirusses]
.
+In issue 8/2004 (April 5, 2004), the German computer magazine [c't | http://www.heise.de/ct/] published a comparative review of a number of virus scanners, in which they reported that [ClamAV]'s signature updates are provided far too slowly to adequately cope with the contemporary appearance rate of new mail worms, of which new mutations sometimes follow each other within hours. On the other hand, a lot of people appear to have had experiences to the contrary. That articles also mentions
that [
ClamAV] lacks
"code
emulation", an easy
way to identify variations of a PolyMorphicVirus
.
Anyway, you can see [ClamAV]'s response times by yourself at http://news.gmane.org/gmane.comp.security.virus.clamav.virusdb
I suggest you check them out before you say [ClamAV] doesn't suit your needs. You could be surprised.