Hi
We have ClamAV on servers and it sends a lot of False Positives related to
: Heuristics.Structured.CreditCardNumber FOUND
Almost 99% of the alerts are the same.
Can we have ClamAV to look for CreditCardNumber only on certain directories
instead of the whole file system ? How can we do that ?
Our Current ClamAV scan is :-
clamscan \
--quiet \
--stdout \
--infected \
--suppress-ok-results \
--official-db-only=yes \
--log=$LOGFILE \
--recursive \
--cross-fs=yes \
--follow-dir-symlinks=0 \
--follow-file-symlinks=0 \
--remove=no \
--exclude-dir=/dev \
--exclude-dir=/sys \
--detect-structured=yes \
--scan-mail=yes \
--phishing-sigs=yes \
--phishing-scan-urls=yes \
--heuristic-scan-precedence=yes \
--algorithmic-detection=yes \
--scan-pe=no \
--scan-elf=yes \
--scan-ole2=no \
/ \
> $REPORTFILE 2>&1
Any help will be appreciated.
_______________________________________________
Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq
http://www.clamav.net/contact.html#ml
