On 2008-10-13 15:39, Luca Vettoretto wrote:
> Hi,
> I write here to ask if it is possible to use clamav to analyze a
> network-dump file captured with tcpdump. I am interested in detecting viruses
> for the http, pop and imap protocols from that file.
>
> Thanks in advance for your help, and compliments for this fantastic
> opensource project.
>

Hi,

Out-of-the-box it is not possible to analyze tcpdumps.
You could however use a program that reconstructs a TCP stream from pcap files, and feed that to ClamAV.

However I think it would be easier if you'd use a content-filter proxy, such as HAVP.

Best regards,
--Edwin
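
The stream-reconstruction step suggested in the reply above, as an added example that is not part of the original thread and is not ClamAV code: a minimal reassembler for classic pcap files carrying Ethernet/IPv4/TCP. The function names and the sample capture are constructed for illustration; pcapng, VLAN tags, IPv6 and port reuse within one capture are assumed absent.

```python
import struct

def read_pcap(data):
    """Yield captured frames from a classic pcap file (Ethernet link type only)."""
    end = {b"\xd4\xc3\xb2\xa1": "<", b"\xa1\xb2\xc3\xd4": ">"}.get(data[:4])
    if end is None or struct.unpack(end + "I", data[20:24])[0] != 1:
        raise ValueError("expected classic pcap with Ethernet link type")
    off = 24
    while off + 16 <= len(data):
        incl = struct.unpack(end + "I", data[off + 8:off + 12])[0]
        yield data[off + 16:off + 16 + incl]
        off += 16 + incl

def reassemble(data):
    """Return {(src, sport, dst, dport): bytes}, one entry per direction of a connection."""
    segs, base = {}, {}
    for frame in read_pcap(data):
        ip = frame[14:]
        ihl = (ip[0] & 0x0F) * 4 if ip else 0
        if frame[12:14] != b"\x08\x00" or len(ip) < ihl + 20 or ip[9] != 6:
            continue  # keep complete IPv4/TCP headers only
        total = struct.unpack(">H", ip[2:4])[0]  # IP total length excludes Ethernet padding
        sport, dport, seq, offb, flags = struct.unpack(">HHI4xBB", ip[ihl:ihl + 14])
        key = (".".join(map(str, ip[12:16])), sport, ".".join(map(str, ip[16:20])), dport)
        base.setdefault(key, (seq + 1) & 0xFFFFFFFF if flags & 0x02 else seq)  # SYN uses one seq
        payload = ip[ihl + (offb >> 4) * 4:total]
        if payload:  # first copy of a segment wins; exact retransmits are ignored
            segs.setdefault(key, {}).setdefault((seq - base[key]) & 0xFFFFFFFF, payload)
    streams = {}
    for key, parts in segs.items():
        out = bytearray()
        for rel in sorted(parts):
            if rel > len(out):
                break  # gap from a lost segment: stop rather than guess
            out += parts[rel][len(out) - rel:]  # skip bytes already covered
        streams[key] = bytes(out)
    return streams

def sample_frame(seq, payload, flags=0x18):  # constructed: 10.0.0.1:40000 -> 10.0.0.2:80
    tcp = struct.pack(">HHIIBBHHH", 40000, 80, seq, 0, 0x50, flags, 8192, 0, 0) + payload
    ip = struct.pack(">BBHHHBBHII", 0x45, 0, 20 + len(tcp), 0, 0, 64, 6, 0, 0x0A000001, 0x0A000002)
    return b"\x00" * 12 + b"\x08\x00" + ip + tcp

def sample_pcap():
    """Constructed capture: SYN, then data out of order with an overlapping retransmit."""
    frames = [sample_frame(999, b"", 0x02), sample_frame(1005, b"x HTTP/1.0\r\n\r\n"),
              sample_frame(1000, b"GET /"), sample_frame(1003, b" /x")]
    head = struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, 65535, 1)
    return head + b"".join(struct.pack("<IIII", 0, 0, len(f), len(f)) + f for f in frames)
```

Write each returned stream to its own file and run `clamscan -r` on that directory. The streams still carry protocol framing (HTTP headers, mail commands), so bodies that were compressed or chunk-encoded in transit may need decoding before a signature can match.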
