On 2014-02-13 11:29, Jesse Nicholson wrote:
Need to write an anti virus that uses the NIST NSRL database and
operate it
as a white list based AV. The db contains some 100 million hashes of
known
good binary files. I tried to crowd fund to do this but no one was
interested.
it would be silly to load such big db, better would be to check signed
headers in exe files, eg when you download exe files that is an
installer, it mostly says this is a known publisher or not :=)
clamav should just check this info, think about how pgp mail works
_______________________________________________
Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq
http://www.clamav.net/support/ml
