Main Page/IT/clamav

From Lewis Consultancy Wiki
< Main Page‎ | IT
Jump to: navigation, search

Notes on ClamAV

Create a custom signature

This is useful for scanning mail for zip files that contain .EXE and .SCR files which will almost ceratinly be malicious.

Create a file in /var/lib/clamav called zipexe.zmd:

ZippedExe:0:.*\.exe:*:*:*:*:*:*
ZippedExe:0:.*\.scr:*:*:*:*:*:*

and restart clamd.