Rob MacGregor wrote: > On 10/14/07, Aniruddha <[EMAIL PROTECTED]> wrote: >> Thanks for the answers, does anyone know this for sure? > > Quoting the ClamAV home page: > > ...designed especially for e-mail scanning on mail gateways. > > So no, it's not designed to detect rootkits. >
Though, it might be interesting if someone came up with a set of signatures that matched known rootkits on various platforms. It would probably turn out to be kind of a large signature database, though, just because it will have to use unique signatures for each OSxProcessor (and possibly xCompiler, and possibly x2 for static vs dynamic linking). It's not going to be something someone throws together over night, but probably would be useful to the security community in general. _______________________________________________ Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net http://lurker.clamav.net/list/clamav-users.html