----- Original Message ----- From: "Alan Walters" <[EMAIL PROTECTED]>
> As to your comments about my config having extraneous settings (/Files), > I'll agree - but for a different reason. The /Files is used to specify the > PATH, not the type of files to scan. After reviewing > http://www.bitdefender.com/support/files/bdc.chm I've concluded that /Files > is already set by default and thus unnecessary. Whatever, like I said, it's unnecassary. > As far as missing some important settings, I'll disagree completely. The > above link shows that /r is to specifically scan Archives, the /i is to > specifically scan Mail (whatever that means). I believe since I'm using > /All that /r and /i would be redundant. I'm not sure why you would want to > suppress warnings with /W? I took that to mean suspicious files, which I do > want to be warned about. The /alev= and /flev= default to infinity so > shouldn't need to be specified at all. Take a look at all of the other virus configs in the manual, all have the flag set to scan archives. If you don't set this flag (/r), then BitDefender will not unarchive the file before attempting to scan. The /w flag is enable because it does not hurt anything to have it set and will be able to scan inside MIME, UUE, XXE and BinHex files, if they are possibly not decoded properly by Declude. The /W switch prevents console or other NetBIOS warning from poping up, and has absolutly nothing to do with the information that Declude uses in the report file. The /alev= /flev= settings and you will be setting yourself up for zip bombs (search on "Zip of Death"), that is, files that are zipped hundred or thousands of times, eating up all of your systems resources while trying to unarchive the file. See: http://www.aerasec.de/security/advisories/decompression-bomb-vulnerability.html Again, take a look at the manual and you will see that all of the other virus scanners that support notification suppression, archive scanning, mail file scanning, and archive depth scanning controls, they are used. But it's you system, and if you want to blindly compromies it instead of learning from someone that has been doing this for a long time, that's your progative. Bill --- [This E-mail was scanned for viruses by Declude Virus (http://www.declude.com)] --- This E-mail came from the Declude.Virus mailing list. To unsubscribe, just send an E-mail to [EMAIL PROTECTED], and type "unsubscribe Declude.Virus". The archives can be found at http://www.mail-archive.com.
