Friday, June 5, 2009

ClamAV DoJoSec Talk Addendum

Just a quick note to clarify something I said yesterday at DoJoSec. During my talk, I mentioned that ClamAV supports a variety of operating systems, including Linux, Solaris, BSD, OS X, etc. Packages are made available by third parties for some of those. However, you can build ClamAV from the sources if there are no packages for your OS or if you want to make sure that you have the very latest release. Although ClamAV is not and does not intend to be a desktop AV, what I failed to make clear is that it is possible to deploy ClamAV on Windows through an emulation layer such as Cygwin. ClamAV is aimed at the server market. From your server(s), you can scan your incoming mail and NFS shares, and use SMB shares to scan your Windows boxes.

Finally, in case you are wondering where to get the two tools I used in my presentation, they are available here:

ClamAV - Antivirus toolkit
PeID - Packer detector
Pe-sig - PE section-based ClamAV signature generator
