We have some ideas here Benny, but nothing in the pipeline today.
If we incorporated SaneSecurity’s sigs (we need permission to do so from Steve), then we could ingest them, and de-dupe any hash-based sigs that we have that other types of sigs alert on (we do this today for our own internal sigs) The hash based sigs are a method for us to automatically get sigs out right now instead of later. As we all have other things we are doing. -- Joel Esler | Talos: Manager | [email protected]<mailto:[email protected]> On May 4, 2017, at 5:57 PM, Benny Pedersen <[email protected]<mailto:[email protected]>> wrote: Henrik K skrev den 2017-05-04 23:30: So we traded memory for equal disk. No surprise there, those bazillion hashes need their space. I guess someone should just serve them up in cloud somewhere like... Immunet? ^_^ and scan times is still the same ?, while load time is considred very fast since it now dont need to unzip main.cvd ? :) wish for freshclam, save cvd files in unpacked state so it does not need to unpack on load freeshclam can update cvd files and pack it with zlib, but it sigtool can unpack it to being not zlipped saved, hmm zlip packed data is only usefull for mirror updateing to save data transfer imho on diff updatees it does not get much saved oh well :=) _______________________________________________ clamav-users mailing list [email protected]<mailto:[email protected]> http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http://www.clamav.net/contact.html#ml _______________________________________________ clamav-users mailing list [email protected] http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http://www.clamav.net/contact.html#ml
