[sanesecurity] Re: Message scanner
- From: "GrayHat" <grayhat@xxxxxxx>
- To: <sanesecurity@xxxxxxxxxxxxx>
- Date: Fri, 4 Dec 2009 08:33:55 +0100
> Tbb's port is the one I use to test/produce the signatures
> and also run on my workplace server and in short.. it rocks :)
Agreed, same here; I also used this one
http://oss.netfarm.it/clamav/
which (apparently) is from the same author, but had
some intermittent issues with that so switched to the
tBB version and had no issues at all (at least not till
now)
So, while I can understand that VT folks want to go
for the "official releases" I think that it's crazy NOT
using the tBB one ... heck, they may AT LEAST give
it a spin (e.g. something like a "beta service")
Then btw there's another issue; the VT scanner at
the moment is only using the official signatures and
I think they're fetching them using "freshclam", so, to
use the extra sigs they'll also need to setup one of
the updater scripts (and since we're at it, Steve...
did you get my email ?) to ensure they'll also fetch
the additional sigs... also, and about the latter, they
will also need to decide which signatures to pick;
as you all know, there are several different and in
some way "overlapping" sig files
At any rate, I think that, if someone here has a decent
contact with the VT folks, it may be interesting to ping
them and discuss the idea
Other related posts:
