rfxn / linux-malware-detect

Linux Malware Detection (LMD)
http://www.rfxn.com/projects/linux-malware-detect/
GNU General Public License v2.0

Please add ability to use Maldet DB with Clam Daemon #7

Closed pavel-odintsov closed 10 years ago

pavel-odintsov commented 10 years ago

Hello!

I executed a simple test of clamscan vs clamDscan and found an extremely big difference between them:

Parallel scan via clamDscan (daemon): 34.176 sec
Single thread scan via clamDscan (daemon): 191.848 sec
Scan via clamscan: 215.018 sec

As you can see, the difference is fantastic!

Adding the maldet databases to the ClamAV daemon is very simple:

cp /usr/local/maldetect/sigs/rfxn.hdb /var/lib/clamav
cp /usr/local/maldetect/sigs/rfxn.ndb /var/lib/clamav
/etc/init.d/clamd restart

Maybe you can add this solution as the recommended way of scanning via ClamAV, because it is many times faster?

Full article: http://bit.ly/Rkm6wU (sorry, it's in Russian).

rfxn commented 10 years ago

The development version of maldet now attempts to determine the clamav data path, symlinks the clamav signatures into that path, and passes a SIGUSR2 to the clamd process, which forces it to reload the signature databases.
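
The steps described in the reply above (find the ClamAV data path, symlink the LMD signatures into it, send SIGUSR2 to clamd), written out as an added example; this is not maldet's own code. The function names, the candidate paths other than /var/lib/clamav, and the refusal of world-writable signature files are assumptions of this example.

```shell
#!/bin/sh
# Added example (not maldet's code): make LMD signatures visible to clamd.

# Print the first candidate directory that already holds a ClamAV database.
find_clamav_datadir() {
    for dir in "$@"; do
        for f in "$dir"/main.cvd "$dir"/main.cld "$dir"/daily.cvd "$dir"/daily.cld; do
            if [ -f "$f" ]; then printf '%s\n' "$dir"; return 0; fi
        done
    done
    return 1
}

# Symlink rfxn.hdb and rfxn.ndb from sigdir into datadir.
# Returns 1 for a missing/empty file or missing datadir, 2 for a world-writable
# signature file (clamd will load whatever the link points at), 3 if ln fails.
link_lmd_sigs() {
    sigdir=$1 datadir=$2
    [ -d "$datadir" ] || { echo "no such directory: $datadir" >&2; return 1; }
    for name in rfxn.hdb rfxn.ndb; do
        src=$sigdir/$name
        [ -s "$src" ] || { echo "missing or empty: $src" >&2; return 1; }
        if [ -n "$(find -L "$src" -type f -perm -0002 2>/dev/null)" ]; then
            echo "world-writable, refusing: $src" >&2
            return 2
        fi
        ln -sfn "$src" "$datadir/$name" || return 3
    done
}

# Send SIGUSR2 to a running clamd so it reloads its signature databases.
reload_clamd() {
    pids=$(pgrep -x clamd 2>/dev/null) || return 1
    kill -USR2 $pids
}

# Acts on the real system only when invoked as: script.sh --apply
# /usr/local/share/clamav and /usr/share/clamav are assumed alternative paths.
if [ "${1:-}" = "--apply" ]; then
    datadir=$(find_clamav_datadir /var/lib/clamav /usr/local/share/clamav /usr/share/clamav) &&
        link_lmd_sigs /usr/local/maldetect/sigs "$datadir" &&
        reload_clamd
fi
```

Because the links point back into the maldet signature directory, a later signature update is picked up by clamd at its next reload without copying files again.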