[Snort-users] Block

Frank Knobbe frank at ...9761...
Mon Feb 16 14:51:06 EST 2004

On Mon, 2004-02-16 at 16:23, Paul Schmehl wrote:
> I would like to add a caution to this.  If you are going to use clamav, do 
> not depend on it as your only gateway defense.  Use it as part of a more 
> complete strategy.  Recent testing by an authoritative source shows that 
> clamav only catches about 50% of the in-the-wild viruses.  (This is really 
> off topic for snort, so if you want to discuss the details, email me off 
> list.)

Uhm, I'm not sure about that, Paul. I've heard from folks that caught
new viruses with Clamav before Norton got it. Matter the fact, just
recently there was a posting somewhere (I'm sure you've seen that since
you are on most lists) that showed that clamav had a signature for it

I have nothing but pleasant experience with clamav. I can't believe how
well it works for being OpenSource.


-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 187 bytes
Desc: This is a digitally signed message part
URL: <https://lists.snort.org/pipermail/snort-users/attachments/20040216/91b4f1f2/attachment.sig>

More information about the Snort-users mailing list