I’m trying to configure ClamAV to detect viruses and malware in files uploaded to a server. I have some test files that Avast has detected as infected with SNH-gen [Phish]. However, ClamAV is not detecting the same files. I have also tried adding 3rd party sigs to ClamAV via ExtremeShok unofficial sigs:

https://github.com/extremeshok/clamav-unofficial-sigs

Still, the phishing files are not detected. The files that Avast is detecting are HTML files coded to resemble Microsoft login screens. Can anyone recommend 3rd party sigs that would detect this type of file?

Otherwise, can anyone recommend another more robust AV scanner (preferably free) that I can run on the server? Avast has a Linux server product but it is $259 per year. Might go that route if I don’t find any other options.

submitted by /u/shampoopy
[link] [comments]

Go to Source of this post
Author Of this post: /u/shampoopy

By admin