On Thu, 6 Jan 2005 20:10:33 +0300 (MSK) in [EMAIL PROTECTED] "Arkady V.Belousov" <[EMAIL PROTECTED]> wrote:
> SG> There is a main.db and a daily.db. Every so often, signatures > SG> from daily.db are pushed into main.db. > > "Pushed"? Do you mean, that some ClamAV component (which one?) > permanently modifies main.db? How it detects, that it should make > another change to main.db? And how to be sure, that some updates > wasn't missed? What he means is that the database file creators update the version of main.cvd when they include many of the daily.cvd contents in it and then daily.cvd shrinks to a small size but then grows again with each increment of its version number. This is done by the virus signature extraction team, not by users. [snip] > > BTW, how ClamAV bases are protected against deception? There are MD5 checks and also digital signing of the databases. -- Brian Morrison bdm at fenrir dot org dot uk GnuPG key ID DE32E5C5 - http://wwwkeys.uk.pgp.net/pgpnet/wwwkeys.html _______________________________________________ http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users
