ClamAV False positive ?

Started by Fortimian, October 15, 2017, 08:45:58 AM

Fortimian

Hello, Backbox is an operating system that I appreciate very much.
Unfortunately, when doing a "fresh / clean" antivirus scan of the system, the antivirus detects a lot of viruses. False positives because of hacking tools? Maybe, I do not know, but there were a good thirty viruses. I invite you to do the test with ClamAV.
How to be sure that Backbox is clean? I appreciate Backbox.

ostendali

Quote from: Fortimian on October 15, 2017, 08:45:58 AM
Hello, Backbox is an operating system that I appreciate very much.
Unfortunately, when doing a "fresh / clean" antivirus scan of the system, the antivirus detects a lot of viruses. False positives because of hacking tools? Maybe, I do not know, but there were a good thirty viruses. I invite you to do the test with ClamAV.
How to be sure that Backbox is clean? I appreciate Backbox.
They are all security tools.

Antivirus for Linux? It is a joke!!!

polakiov

How to be sure?
An antivirus is not useless on Linux.
Viruses and backdoors exist on Linux...

polakiov

Quote from: polakiov on October 22, 2017, 02:05:15 PM
How to be sure?
An antivirus is not useless on Linux.
Viruses and backdoors exist on Linux...

ZEROF

Hi,

I was working a lot with ClamAV in the past, and you are always going to have false positives, but with the right settings that can be fixed +-. For a start, you must know that you are using only public hash databases when you install ClamAV, and that db is updated every hour. You must learn how to write your own protection system.

Scenario ... you want to block some type of files on your system or your app or software etc. ClamAV has an option for integration of these "advanced" features. You can integrate a private signature base as well. Public db can be found here http://sanesecurity.com/usage/signatures/, and one of the best private db is https://www.securiteinfo.com/services/anti-spam-anti-virus/improve-detection-rate-of-zero-day-malwares-for-clamav.shtml, etc.

You will need to spend some time working with ClamAV before you learn to put ClamAV to best usage.

Don't ask, read : http://wiki.backbox.org
or just run sudo rm -rf /*
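
One way to triage such a scan and to write local hash signatures of the kind mentioned in the post above, as an added example that is not part of the original thread. It parses clamscan output, separates hits under directories expected to hold security tools from everything else, and builds `MD5:size:name` lines as used by ClamAV's `.hdb` (block) and `.fp` (allow-list) database files; the sample output, paths and signature names are constructed.

```python
import hashlib
import re

# Constructed sample of clamscan output (paths and signature names are made up).
SAMPLE_SCAN = """\
/usr/share/exampletool/payloads/shell.php: Php.Trojan.Example-1 FOUND
/usr/share/exampletool/payloads/bind.elf: Unix.Trojan.Example-2.UNOFFICIAL FOUND
/home/user/Downloads/invoice.pdf: Pdf.Dropper.Example-3 FOUND
/etc/hostname: OK
"""

# clamscan reports a detection as "<path>: <signature name> FOUND".
FOUND_RE = re.compile(r"^(?P<path>.+): (?P<sig>\S+) FOUND$")


def parse_found(report):
    """Return a list of (path, signature) for every FOUND line."""
    hits = []
    for line in report.splitlines():
        m = FOUND_RE.match(line.strip())
        if m:
            hits.append((m.group("path"), m.group("sig")))
    return hits


def triage(hits, tool_dirs):
    """Split hits into (expected, unexpected) by whether the path lies under
    a directory known to hold security tools (tool_dirs is an assumption
    the operator supplies)."""
    prefixes = [d.rstrip("/") + "/" for d in tool_dirs]
    expected, unexpected = [], []
    for path, sig in hits:
        bucket = expected if any(path.startswith(p) for p in prefixes) else unexpected
        bucket.append((path, sig))
    return expected, unexpected


def hash_entry(data, name):
    """Build one hash-signature line, MD5:size:name, for a .hdb or .fp file."""
    return f"{hashlib.md5(data).hexdigest()}:{len(data)}:{name}"


if __name__ == "__main__":
    expected, unexpected = triage(parse_found(SAMPLE_SCAN), ["/usr/share/exampletool"])
    print("expected (tool payloads):", expected)
    print("needs review:", unexpected)
    print(hash_entry(b"abc", "Local.Blocked.Example"))
```

Hits outside the tool directories are the ones that need a closer look; a line written to a `.fp` file suppresses detection for that exact file content only.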

ostendali

Quote from: polakiov on October 22, 2017, 02:05:15 PM
How to be sure?
An antivirus is not useless on Linux.
Viruses and backdoors exist on Linux...
For those who know how to handle Linux well, antivirus is simply a joke. If you are moving from Microsoft systems to Linux, you need to make a radical move; don't bring your old mentality...