I can't answer for Ed, but usually the stats are built from the scanner software/plugin that scans the email. I'm using qmail-scanner so I'm building my stats from Qmail-Scanner Statistics (http://sourceforge.net/projects/qss/), it gives a nice graphic representation of the viruses found, sender domains and trends.
BR, Daniel Wiberg
[EMAIL PROTECTED] wrote:
Hi Ed,
I was wondering how you got the statistics you displayed below, does clamav keep some cumulative statistics of viruses found?
Also, for any particular file, if clamscan finds a virus, how can I tell
which virus(es) it found? I can't seem to find how to do that by running clamscan. Even in the summary, it will only say how many were found, but
not the actual type.
Thanks Ricardo
On Tue, 29 Apr 2003 11:46:24 -0400 (EDT) Ed Phillips wrote:
2 Joke.CokeGift FOUND 2 Joke.Schmilz FOUND 2 Kit/VCL FOUND 2 TR.IWorm.MTX FOUND 2 W2000M/Thus.B.Macro FOUND 2 W32/Nimda.eml FOUND 2 W97M/VMPCK FOUND 2 Worm/Fbound.C FOUND 3 W32/Gop FOUND 4 CIH #2 FOUND 4 ClamAV-Test-Signature FOUND 4 Mid/Kakworm-Z FOUND 4 VBS.SST-A #3 FOUND 4 W32/Joke.HHold FOUND 4 W97M/Class.B FOUND 4 Worm/BadTrans.B1 FOUND 5 W32.FunLove.4099 FOUND 6 Joke.SmallPenis FOUND 6 W32/Blakan FOUND 6 W32/Joke.Jep FOUND 8 Oror-fam FOUND 10 TR.Sub7.Bonus.Srv FOUND 11 WM97/Marker FOUND 12 Worm.Yaha-L FOUND 12 Yaha.R FOUND 14 HTML/Winevar FOUND 14 W32/Worm.Winevar FOUND 14 WScr.Unsafe.D FOUND 15 VBS/Redlof-A FOUND 16 TR.Happy99/SKA FOUND 18 W32/Goner-A FOUND 18 W32/Magistr.B2 FOUND 18 W95/Hybris.PI.004 FOUND 20 Eicar-Test-Signature FOUND 20 V5M.Unstable FOUND 20 W32/Magistr.B1 FOUND 26 W32/Hybris.C FOUND 32 W32/Magistr.B4 FOUND 34 VBS.Redlof.Encoded FOUND 34 W32/Magistr.B3 FOUND 40 W95.Matrix.SCR FOUND 40 WM/Thus.B FOUND 48 W32/Magistr.B6 FOUND 48 W97/Marker FOUND 56 VBS.LoveLetter.D FOUND 62 W32/Nimda.html FOUND 82 Lirva FOUND 108 Worm.Ganda-A FOUND 138 W32/Magistr.B5 FOUND 140 Worm/Gibe.1 FOUND 160 W95/Hybris.PI.000 FOUND 160 Worm/Lentin.E FOUND 166 W95/Hybris.PI.001 FOUND 169 Worm/Klez.E FOUND 240 W32/Magistr.A FOUND 264 W95/Hybris.PI.002 FOUND 290 Lirva-B FOUND 302 Lirva-C FOUND 435 Yaha.P FOUND 506 W32/BugBear.A FOUND 526 W32/Magistr.B FOUND 528 W98/Hybris.E FOUND 796 Worm.Gibe.B FOUND 829 W32/Brid.Worm FOUND 2184 W95/Hybris.PI.003 FOUND 3846 Worm.Sobig.A FOUND 6536 Exploit.IFrame FOUND 9894 W32/Yaha.g.dam FOUND 10354 Sircam FOUND 10980 Yaha.K FOUND 119974 Exploit.IFrame.HTML FOUND 182089 Worm/Klez.H FOUND
Amazingly short list for a University with no firewalls, students and staff installing computers and hooking them to the network without any security requirements or checks, etc. Note the major percentage of our total virus counts are in the top-ten at the bottom of the list (Yep, that's 182,089 copies of Klez.H stripped out of email attachments!).
--------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
-- Daniel Wiberg www.wiberg.nu
--------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
