I wouldn't know where to start.

-Al-

On Wed, May 10, 2017 at 03:41 AM, crazy thinker wrote:
>
> @Al Varnell
> Yes, I have plans to rewrite it from scratch.. you willing to join me ?:)
>
> On 9 May 2017 at 13:08, Al Varnell <[email protected]> wrote:
>
>> On Tue, May 09, 2017 at 12:29 AM, crazy thinker wrote:
>>>
>>> Thanks for Reply. How many Heuristic Scan Engines ClamAV using Now?
>>
>> I only know of one.
>>
>> All the other heuristic approaches use the primary scanner along with
>> signatures designed to detect suspicious patterns in file names or coding.
>>
>>> what
>>> are extensions of db files used by ClamAV Heuristic Engine?
>>
>> As I told you on Friday...
>>> There's a heuristics engine that uses data from the .pdb and .sfp
>> sections of the database to detect messages from selected financial
>> institutions that appear to be phishing attempts.
>>
>>> Can I
>>> Increase Heuristic Scan Engine Count ?
>>
>> I suspect you would have to write your own.
>>
>> -Al-
>>
>>> On 9 May 2017 at 12:21, Al Varnell wrote:
>>>
>>>> I already answered most of these questions before and after reading "My
>>>> Understanding" which is totally wrong, it's obvious you have not read the
>>>> signature.pdf documentation closely enough to understand any of this.
>>>>
>>>> The way you have chosen to classify signatures is completely wrong, which
>>>> means the questions you've asked don't make any sense. All signatures in
>>>> the database are static in that they only change when replaced by a more
>>>> accurate signature. There is nothing dynamic about any of them.
>>>>
>>>> The signature based scanner uses both fixed and variable length signatures.
>>>>
>>>> As I told you before, the heuristics based scanner only checks a limited
>>>> list of financial institutions for phishing attempts. That only represents
>>>> a tiny fraction of what could be considered behavior based malware
>>>> detection. And the database is used to define what financial institutions
>>>> are included as well as the ability to whitelist certain behaviors that are
>>>> known to not be a threat.
>>>>
>>>> On Mon, May 08, 2017 at 10:49 PM, crazy thinker wrote:
>>>>>
>>>>> Hi ClamAV Developers,Users
>>>>>
>>>>> As per My Understanding , Virus Signatures are Classified into two types
>>>>>
>>>>> 1.Static Virus Signatures(short/fixed length virus signatures)
>>>>> 2.Dynamic Virus Signatures(long length Signatures with Regular Expression)
>>>>>
>>>>> So I guess, ClamAV performing both Signature Based Scanning and Heuristic
>>>>> Based Scanning for Malware Detection Process
>>>>>
>>>>> Please find below questions that in my mind
>>>>>
>>>>> 1.Does Signature Based Scanner uses only Static Signatures (not Dynamic
>>>>> Signatures) ?
>>>>> 2.Does Heuristic Scanner uses only Dynamic Signatures for Malware
>>>>> Detection?
>>>>> 3. If Heuristic Scanner uses Behaviour Based Approach, why Heuristic
>>>>> Scanner needs Virus Database?
>>>>> 4.To implement Efficient AV Scanner, Can I go with Heuristic Scanning
>>>>> Approach and Excluding Signature Based Scanning Approach?
>>>>>
>>>>> I would like to get help/suggestions from you guys...
>>>>>
>>>>>
>>>>> Kindly waiting for your reply!!!!
>>>>>
>>>>>
>>>>> Thanks,
>>>>> Crazy Thinker, Inc
>>
>> _______________________________________________
>> clamav-users mailing list
>> [email protected]
>> http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users
>>
>>
>> Help us build a comprehensive ClamAV guide:
>> https://github.com/vrtadmin/clamav-faq
>>
>> http://www.clamav.net/contact.html#ml
>>

-Al-
--
Al Varnell
Mountain View, CA
