On Mon, 2004-11-15 at 18:00 +0100, Julian Mehnle wrote: > Brian Morrison [EMAIL PROTECTED] wrote: > > What I am suggesting is that, because you appear to have a requirement > > that is significantly different from nearly everyone else that has > > responded in this thread,
> What I don't understand is that no one seems to be willing to discuss my > proposal of making the signature database modular, i.e. offer social > engineering attack signatures separately from technical attack ones for > download and installation. That would solve my and others' problem > nicely, and would take _nothing_ away from those who don't care what > ClamAV detects. Ah, then we would have all manner of classifications - is it social? Is it Adware? Is it a trojan? Does it promulgate via IRC? or ...? But then the signature writers would have to tag all of the viruses, and decide which of the 47 classes (or multiple, semi-overlapping classes) to split them all into, instead of slamming out a sig to catch the latest mail worm that just killed your network. And, that would require a new format for the signatures - starting off by classifying all 28K legacy signatures, creating a new format that allows people to select the classes they want, going through a 2-month beta period and probably a one-year "upgrade period" where they have to maintain two distinct formats... And the reason for this effort? So you can report e-mail as spam? Because you have sophisticated users who like poking fun at phishers? Doesn't sound like a useful or simple solution to me. And don't you think there are other people with unprotected boxes who will get the phishes and report them? Or are you the key to the spamcop network, and without your input the system will collapse? clamav kills bad things - that's good, and I'd like it to be able to continue to kill bad things in the same expedient manner that it has in the past. -- Daniel J McDonald, CCIE # 2495, CNX Austin Energy [EMAIL PROTECTED] _______________________________________________ http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users
