Mailing List Archive

How many viruses/malware is clamav protecting us from?
Hello, is there a way to see how many viruses/malware clamav currently protects us
from? Additionally, is there a way to see the amount of added virus
definitions/signatures per update of clamav?
Re: How many viruses/malware is clamav protecting us from?
Michael,

Here’s the update mailing list: https://lists.clamav.net/mailman/listinfo/clamav-virusdb

Sincerely,

Eric Tykwinski
TrueNet, Inc.
P: 610-429-8300



From: clamav-users <clamav-users-bounces@lists.clamav.net> On Behalf Of Michael Kyriacou via clamav-users
Sent: Thursday, December 15, 2022 9:10 AM
To: ClamAV users ML <clamav-users@lists.clamav.net>
Cc: Michael Kyriacou <mkyriacou111@gmail.com>
Subject: [clamav-users] How many viruses/malware is clamav protecting us from?



Hello, is there a way to see how many viruses/malware clamav currently protects us from? Additionally, is there a way to see the amount of added virus definitions/signatures per update of clamav?
Re: How many viruses/malware is clamav protecting us from?
Sent from my iPad

On Dec 15, 2022, at 06:10, Michael Kyriacou via clamav-users <clamav-users@lists.clamav.net> wrote:

Hello Michael,

> Hello, is there a way to see how many viruses/malware clamav currently protects us from?

I don't believe I understand your question. Are you asking what malware clamav is protecting you against? If so the simple answer is all malware (viruses are just one type of malware).

> Additionally, is there a way to see the amount of added virus definitions/signatures per update of clamav?

Yes, just subscribe to this mail list:
https://lists.clamav.net/mailman/listinfo/clamav-virusdb

-Al-
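
Added example, not part of the thread: besides the clamav-virusdb announcements, the net signature change per update can be read locally from freshclam's own log. The log line shape, the function names `sig_deltas` and `sample_log`, and the sample lines are assumptions made for this illustration.

```shell
#!/bin/sh
# Added example: net signature change per freshclam update, per database.
# Assumed log line shape (LogTime prefix optional):
#   ... -> daily.cld updated (version: N, sigs: N, f-level: N, builder: X)

sig_deltas() {
    # stdin: freshclam log text; stdout: "<db> <version> <sigs> <delta>"
    awk '
    function num_after(label,    s) {
        # integer that follows label on this line, or "" when absent
        if (!match($0, label "[0-9]+")) return ""
        s = substr($0, RSTART + length(label), RLENGTH - length(label))
        return s + 0
    }
    / updated \(version: / || / database is up-to-date \(version: / {
        db = ""
        for (i = 2; i <= NF; i++)   # name is the field before the status word
            if ($i == "updated" || $i == "database") { db = $(i - 1); break }
        sub(/\.(cvd|cld)$/, "", db)  # daily.cvd and daily.cld: same database
        ver = num_after("version: "); sigs = num_after("sigs: ")
        if (db == "" || ver == "" || sigs == "") next
        if ((db in last_ver) && ver == last_ver[db]) next  # no new version
        if (db in last_sigs) delta = sprintf("%+d", sigs - last_sigs[db])
        else delta = "n/a"           # first sighting: nothing to compare with
        printf "%s %d %d %s\n", db, ver, sigs, delta
        last_ver[db] = ver; last_sigs[db] = sigs
    }'
}

# Constructed sample lines (versions, counts and builder are made up).
sample_log() {
    cat <<'EOF'
Thu Dec 15 03:00:01 2022 -> daily.cvd database is up-to-date (version: 1000, sigs: 2000000, f-level: 90, builder: example)
Thu Dec 15 03:00:01 2022 -> main.cvd database is up-to-date (version: 62, sigs: 6000000, f-level: 90, builder: example)
Thu Dec 15 09:00:02 2022 -> daily.cld updated (version: 1001, sigs: 2000150, f-level: 90, builder: example)
Thu Dec 15 15:00:01 2022 -> daily.cld database is up-to-date (version: 1001, sigs: 2000150, f-level: 90, builder: example)
Fri Dec 16 09:00:03 2022 -> daily.cld updated (version: 1002, sigs: 2000120, f-level: 90, builder: example)
EOF
}

sample_log | sig_deltas
```

The delta is a net figure: signatures dropped in an update offset the ones added, so it can be negative.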
Re: How many viruses/malware is clamav protecting us from?
Al,

> From: clamav-users <clamav-users-bounces@lists.clamav.net> On Behalf Of Al Varnell via clamav-users
> Sent: Thursday, December 15, 2022 9:20 AM
> To: ClamAV users ML <clamav-users@lists.clamav.net>
> Cc: Al Varnell <alvarnell@mac.com>
> Subject: Re: [clamav-users] How many viruses/malware is clamav protecting us from?
>
> I don't believe I understand your question. Are you asking what malware clamav is protecting you against? If so the simple answer is all malware (viruses are just one type of malware).

"sigtool --find-sigs ." should work to list all current rules, but yeah unless you are looking for something specific, I don't know the reason you would want them.


_______________________________________________

Manage your clamav-users mailing list subscription / unsubscribe:
https://lists.clamav.net/mailman/listinfo/clamav-users


Help us build a comprehensive ClamAV guide:
https://github.com/Cisco-Talos/clamav-documentation

https://docs.clamav.net/#mailing-lists-and-chat
Re: How many viruses/malware is clamav protecting us from?
Technically speaking, this is an impossible question to answer.

Since there are millions of pieces of detection in ClamAV, but one piece of detection can cover millions of pieces of malware.

> On Dec 15, 2022, at 9:09 AM, Michael Kyriacou via clamav-users <clamav-users@lists.clamav.net> wrote:
>
> Hello, is there a way to see how many viruses/malware clamav currently protects us from? Additionally, is there a way to see the amount of added virus definitions/signatures per update of clamav?

Re: How many viruses/malware is clamav protecting us from?
On Thu, 15 Dec 2022, Michael Kyriacou wrote:

> Hello, is there a way to see how many viruses/malware clamav currently
> protects us from? Additionally, is there a way to see the amount of
> added virus definitions/signatures per update of clamav?

I know that this isn't what was being asked for, but I suspect that it
may be more useful to know how many messages that clamav has matched
against which virus / malware signature. In other words, how many
viruses and other malware did clamav protect *our* (users') systems
from today? To that end, I use the following (admittedly simple)
script, run nightly on each mail relay server, and I get a daily
report that I can point to, to show what is being protected against.

#!/bin/sh
#
# @(#)maillog_report_clamav_matches 2022-11-25 Sylvain Robitaille
#
# report on which clamav signatures have matched, and how many times
# each have matched from the latest maillog file (or the file(s) named
# as argument(s).

PATH=/usr/local/bin:/usr/bin:/bin
# <space><tab><newline>
IFS="
"
export PATH;
export IFS;
umask 022

# if we have no arguments, we'll default to the current maillog file;
# else the arguments are the list;
if [ "$*" ]; then
    MAILLOG=$*
else
    MAILLOG="/var/log/maillog"
fi

# That's it ...
grep -w FOUND ${MAILLOG} |\
awk '{print $(NF-1)}' |\
sort -h |\
uniq -c |\
sort -rh |\
awk '{total+=$1; print} END {if (NR > 1) print "total:", total}'


I'm hoping that this can help, or it might perhaps inspire a script
that's more relevant to your own situation.

--
----------------------------------------------------------------------
Sylvain Robitaille syl@encs.concordia.ca

Systems analyst / Postmaster / AITS Concordia University
Faculty of Engineering and Computer Science Montreal, Quebec, Canada
----------------------------------------------------------------------
Re: How many viruses/malware is clamav protecting us from?
Thank you for this

On Mon, Dec 19, 2022 at 4:47 PM Sylvain Robitaille <syl@encs.concordia.ca>
wrote:

> On Thu, 15 Dec 2022, Michael Kyriacou wrote:
>
> > Hello, is there a way to see how many viruses/malware clamav currently
> > protects us from? Additionally, is there a way to see the amount of
> > added virus definitions/signatures per update of clamav?
>
> I know that this isn't what was being asked for, but I suspect that it
> may be more useful to know how many messages that clamav has matched
> against which virus / malware signature. In other words, how many
> viruses and other malware did clamav protect *our* (users') systems
> from today? To that end, I use the following (admittedly simple)
> script, run nightly on each mail relay server, and I get a daily
> report that I can point to, to show what is being protected against.
>
> #!/bin/sh
> #
> # @(#)maillog_report_clamav_matches 2022-11-25 Sylvain Robitaille
> #
> # report on which clamav signatures have matched, and how many times
> # each have matched from the latest maillog file (or the file(s) named
> # as argument(s).
>
> PATH=/usr/local/bin:/usr/bin:/bin
> # <space><tab><newline>
> IFS="
> "
> export PATH;
> export IFS;
> umask 022
>
> # if we have no arguments, we'll default to the current maillog file;
> # else the arguments are the list;
> if [ "$*" ]; then
>     MAILLOG=$*
> else
>     MAILLOG="/var/log/maillog"
> fi
>
> # That's it ...
> grep -w FOUND ${MAILLOG} |\
> awk '{print $(NF-1)}' |\
> sort -h |\
> uniq -c |\
> sort -rh |\
> awk '{total+=$1; print} END {if (NR > 1) print "total:", total}'
>
>
> I'm hoping that this can help, or it might perhaps inspire a script
> that's more relevant to your own situation.
>
> --
> ----------------------------------------------------------------------
> Sylvain Robitaille syl@encs.concordia.ca
>
> Systems analyst / Postmaster / AITS Concordia University
> Faculty of Engineering and Computer Science Montreal, Quebec, Canada
> ----------------------------------------------------------------------