2008/10/13 Török Edwin <[EMAIL PROTECTED]> > On 2008-10-13 15:39, Luca Vettoretto wrote: > > Hi, > > I write here to ask if is it possible to use clamav to analyze a > > network-dump file captured with tcpdump. I am interested to detect > viruses > > for the http, pop and imap protocols from that file. > > > > Thanks in advance for your help, and compliments for this fantastic > > opesource project. > > > > Hi, > > Out-of-the-box it is not possible to analyze tcpdumps. You could > however use a program that reconstructs a TCP stream from pcap files, > and feed that to ClamAV. > > However I think it would be easier if you'd use a content-filter proxy, > such as HAVP. > > Thank you for your very fast answer and for your interesting suggestion. I will read the documentation of that project to understand if it is possible to analyze my tcpdump file using HAVP.
Bye Luca _______________________________________________ Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net http://www.clamav.net/support/ml
