 | detect-structured not catching test files |  |
|
mattvogt
| Joined: 09 May 2011 |
| Posts: 0 |
|
|
|
 Posted: Mon May 09, 2011 8:15 pm |
|
 |
 |
|
|
I've been using Clam for a while now, but am now getting into testing out the detect-structured options to scan some file shares for credit card numbers. I've got a number of files with fake credit card info that pass a verification test (Luhn algorithm), but the scan isn't picking them up. Here's my scan options:
-v --detect-structured=yes --structured-ssn-format=0 --structured-ssn-count=10 --structured-cc-count=10 -r f:\testdata\
ClamWin version is 0.97
Thoughts? Thanks.
|
|
|
 |
| | |
|
GuitarBob
| Joined: 09 Jul 2006 |
| Posts: 9 |
| Location: USA |
|
|
| Posted: Mon May 09, 2011 9:09 pm |
|
|
|
|
|
Are you using Clam or ClamWin? You mentioned Clam, and this is the ClamWin forum. Anyway, I tried that data loss prevention option when it first came out a few years ago but dropped it because of false positives. I recall it was developed just after Sourcefire bought Clam, so it may not have been given enough thought. I have never seen an actual detection of this, and I do not think it is reliable.
Regards,
|
|
|
|
mattvogt
| Joined: 09 May 2011 |
| Posts: 0 |
|
|
|
| Posted: Tue May 10, 2011 12:21 am |
|
|
|
|
|
Sorry, yes, I am using ClamWin.
Thanks for the input.
|
|
|
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
|
All times are GMT
Page 1 of 1
|
|
|
|
Powered by
phpBB © phpBB Group
Design by
phpBBStyles.com |
Styles Database.
Content © ClamWin Free Antivirus GNU GPL Free Software Open Source Virus Scanner. Free Windows Antivirus. Stay Virus Free with Free Software.
