ClamAV - foxhole databases blokada exe v zipu ?

1 naročnik

Ali ima kdo izkušnje (dobre ali slabe) z uporabo dodatnih podpisov za ClamAV ?

Sprašujem, ker ne najdem nobenega drugega načina, da bi blokiral exe (in ostale z payloadom) fajle ki so v priponki - zip-u ?

http://sanesecurity.com/foxhole-databases/
"The three new foxhole databases use the .cdb extension which uses the ClamAV engine to look inside certain container/archive files for various filenames/extensions and perform Regular Expressions, on those filenames/extensions."

Hvala za vsako idejo !