ClamWin Free Antivirus Forum Index
ClamWin Free Antivirus
Support and Discussion Forums
ClamWin Free Antivirus Forum Index » Virus Scanner
Reply to topic
detect-structured not catching test files
mattvogt


Joined: 09 May 2011
Posts: 0
Post Posted: Mon May 09, 2011 8:15 pm Reply with quote
I've been using Clam for a while now, but am now getting into testing out the detect-structured options to scan some file shares for credit card numbers. I've got a number of files with fake credit card info that pass a verification test (Luhn algorithm), but the scan isn't picking them up. Here's my scan options:

-v --detect-structured=yes --structured-ssn-format=0 --structured-ssn-count=10 --structured-cc-count=10 -r f:\testdata\

ClamWin version is 0.97

Thoughts? Thanks.
View user's profileSend private message
GuitarBob


Joined: 09 Jul 2006
Posts: 9
Location: USA
Post Posted: Mon May 09, 2011 9:09 pm Reply with quote
Are you using Clam or ClamWin? You mentioned Clam, and this is the ClamWin forum. Anyway, I tried that data loss prevention option when it first came out a few years ago but dropped it because of false positives. I recall it was developed just after Sourcefire bought Clam, so it may not have been given enough thought. I have never seen an actual detection of this, and I do not think it is reliable.

Regards,
View user's profileSend private message
mattvogt


Joined: 09 May 2011
Posts: 0
Post Posted: Tue May 10, 2011 12:21 am Reply with quote
Sorry, yes, I am using ClamWin.

Thanks for the input.
View user's profileSend private message
detect-structured not catching test files
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
 		All times are GMT  
Page 1 of 1  
  
  
ClamWin Free Antivirus Forum Index » Virus Scanner
 Reply to topic