The ClamAV was developed to be an open source (GPL) anti-virus toolkit, especially for e-mail scanning on mail gateways. It provides a number of utilities including a flexible and scalable multi-threaded daemon, a command line scanner and advanced tool for automatic database updates.
The core of the package is an anti-virus engine available in a form of shared library. Copy the virus database packages to the "database" directory inside the main ClamAV folder. The database packages can be downloaded from here.
Here are some key features of "ClamAV":
· POSIX compliant, portable
· Fast scanning
· Detects over 750.000 viruses, worms and trojans, including Microsoft Office macro viruses, mobile malware, and other threats
· Built-in bytecode interpreter allows the ClamAV signature writers to create and distribute very complex detection routines and remotely enhance the scanner’s functionality
Scans within archives and compressed files (also protects against archive bombs), built-in support includes:
· Zip (including SFX)
· RAR (including SFX)
· 7Zip
· ARJ (including SFX)
· Tar
· CPIO
· Gzip
· Bzip2
· MS OLE2
· MS Cabinet Files (including SFX)
· MS CHM (Compiled HTML)
· MS SZDD compression format
· BinHex
· SIS (SymbianOS packages)
· AutoIt
· InstallShield
Supports Portable Executable (32/64-bit) files compressed or obfuscated with:
· AsPack
· UPX
· FSG
· Petite
· PeSpin
· NsPack
· wwpack32
· MEW
· Upack
· Y0da Cryptor
· Supports ELF and Mach-O files (both 32- and 64-bit)
· Supports almost all mail file formats
Support for other special files/formats includes:
· HTML
· RTF
· PDF
· Files encrypted with CryptFF and ScrEnc
· uuencode
· TNEF (winmail.dat)
· Advanced database updater with support for scripted updates, digital signatures and DNS based database version queries
0 comments:
Post a Comment