Line 124: |
Line 124: |
| * Malware Block List (http://www.malware.com.br/) - who maintains a database for Malware | | * Malware Block List (http://www.malware.com.br/) - who maintains a database for Malware |
| | | |
− | In order to use these addition database with your Clam AV installation you need to download the databases. I have modified a script from San Security to work with SME 7.x which can be used to obtain the databases from Sane Security and MSRBL (Malware Block List is still under test). The addition of these 4 new databases provides ~65.000 new signatures for clam to work with. | + | In order to use these addition database with your Clam AV installation you need to download the databases. I have modified a script from San Security to work with SME 7.x which can be used to obtain the databases from Sane Security, MSRBL and the Malware Block List. The addition of these 5 new databases provides ~75.000 new signatures for clam to work with. |
| | | |
| ====Installation==== | | ====Installation==== |
Line 139: |
Line 139: |
| update_sanesecurity: [debug] Debug mode is ON | | update_sanesecurity: [debug] Debug mode is ON |
| update_sanesecurity: [debug] Starting. | | update_sanesecurity: [debug] Starting. |
− | update_sanesecurity: [debug] Created temporary directory: '/tmp/update_sanesecurity.OmA30589' | + | update_sanesecurity: [debug] Created temporary directory: '/tmp/update_sanesecurity.uwlP7014' |
| update_sanesecurity: [debug] Checking for ClamAV database directory... | | update_sanesecurity: [debug] Checking for ClamAV database directory... |
| update_sanesecurity: [debug] Found ClamAV database directory: /var/clamav | | update_sanesecurity: [debug] Found ClamAV database directory: /var/clamav |
Line 146: |
Line 146: |
| update_sanesecurity: [debug] SPAM_SIGS : rsync://rsync.mirror.msrbl.com/msrbl/MSRBL-SPAM.ndb | | update_sanesecurity: [debug] SPAM_SIGS : rsync://rsync.mirror.msrbl.com/msrbl/MSRBL-SPAM.ndb |
| update_sanesecurity: [debug] IMAGE_SIGS : rsync://rsync.mirror.msrbl.com/msrbl/MSRBL-Images.hdb | | update_sanesecurity: [debug] IMAGE_SIGS : rsync://rsync.mirror.msrbl.com/msrbl/MSRBL-Images.hdb |
| + | update_sanesecurity: [debug] VX_SIGS : http://clamav.securiteinfo.com/vx.hdb.gz |
| + | update_sanesecurity: [debug] SECURITEINFO_SIGS : http://clamav.securiteinfo.com/securiteinfo.hdb.gz |
| + | update_sanesecurity: [debug] HONEYNET_SIGS : http://clamav.securiteinfo.com/honeynet.hdb.gz |
| + | update_sanesecurity: [debug] ANTISPAM_SIGS : http://clamav.securiteinfo.com/antispam.ndb.gz |
| + | update_sanesecurity: [debug] MALWARE_SIGS : http://www.malware.com.br/cgi/submit?action=list_clamav |
| update_sanesecurity: [debug] ClamScan : /usr/bin/clamscan | | update_sanesecurity: [debug] ClamScan : /usr/bin/clamscan |
| update_sanesecurity: [debug] CURL : /usr/bin/curl | | update_sanesecurity: [debug] CURL : /usr/bin/curl |
Line 151: |
Line 156: |
| update_sanesecurity: [debug] RSync : /usr/bin/rsync | | update_sanesecurity: [debug] RSync : /usr/bin/rsync |
| update_sanesecurity: [debug] ClamAV db dir : /var/clamav | | update_sanesecurity: [debug] ClamAV db dir : /var/clamav |
− | update_sanesecurity: [debug] temp dir : /tmp/update_sanesecurity.OmA30589 | + | update_sanesecurity: [debug] temp dir : /tmp/update_sanesecurity.uwlP7014 |
− | update_sanesecurity: [debug] Created temporary directory: '/tmp/update_sanesecurity.jqP30690' | + | update_sanesecurity: [debug] Created temporary directory: '/tmp/update_sanesecurity.XTJi7125' |
| update_sanesecurity: [debug] Checking for ClamAV database directory... | | update_sanesecurity: [debug] Checking for ClamAV database directory... |
| update_sanesecurity: [debug] Found ClamAV database directory: /var/clamav | | update_sanesecurity: [debug] Found ClamAV database directory: /var/clamav |
| update_sanesecurity: [debug] Checking for newer version of '/var/clamav/scam.ndb.gz' | | update_sanesecurity: [debug] Checking for newer version of '/var/clamav/scam.ndb.gz' |
− | update_sanesecurity: [info] '/var/clamav/scam.ndb.gz' was NOT updated | + | update_sanesecurity: [info] '/var/clamav/scam.ndb.gz' was updated |
− | update_sanesecurity: [info] '/var/clamav/scam.ndb' was NOT updated | + | update_sanesecurity: [info] '/var/clamav/scam.ndb' was updated |
| update_sanesecurity: [debug] Checking for newer version of '/var/clamav/phish.ndb.gz' | | update_sanesecurity: [debug] Checking for newer version of '/var/clamav/phish.ndb.gz' |
| update_sanesecurity: [info] '/var/clamav/phish.ndb.gz' was NOT updated | | update_sanesecurity: [info] '/var/clamav/phish.ndb.gz' was NOT updated |
Line 164: |
Line 169: |
| update_sanesecurity: [info] '/var/clamav/MSRBL-SPAM.ndb' was NOT updated | | update_sanesecurity: [info] '/var/clamav/MSRBL-SPAM.ndb' was NOT updated |
| update_sanesecurity: [debug] Checking for newer version of '/var/clamav/MSRBL-Images.hdb' | | update_sanesecurity: [debug] Checking for newer version of '/var/clamav/MSRBL-Images.hdb' |
− | update_sanesecurity: [info] '/var/clamav/MSRBL-Images.hdb' was NOT updated | + | update_sanesecurity: [info] '/var/clamav/MSRBL-Images.hdb' was updated |
| + | update_sanesecurity: [debug] Checking for newer version of '/var/clamav/vx.hdb.gz' |
| + | update_sanesecurity: [info] '/var/clamav/vx.hdb.gz' was NOT updated |
| + | update_sanesecurity: [info] '/var/clamav/vx.hdb' was NOT updated |
| + | update_sanesecurity: [debug] Checking for newer version of '/var/clamav/securiteinfo.hdb.gz' |
| + | update_sanesecurity: [info] '/var/clamav/securiteinfo.hdb.gz' was NOT updated |
| + | update_sanesecurity: [info] '/var/clamav/securiteinfo.hdb' was NOT updated |
| + | update_sanesecurity: [debug] Checking for newer version of '/var/clamav/honeynet.hdb.gz' |
| + | update_sanesecurity: [info] '/var/clamav/honeynet.hdb.gz' was NOT updated |
| + | update_sanesecurity: [info] '/var/clamav/honeynet.hdb' was NOT updated |
| + | update_sanesecurity: [debug] Checking for newer version of '/var/clamav/antispam.ndb.gz' |
| + | update_sanesecurity: [info] '/var/clamav/antispam.ndb.gz' was NOT updated |
| + | update_sanesecurity: [info] '/var/clamav/antispam.ndb' was NOT updated |
| + | update_sanesecurity: [debug] '/var/clamav/mbl.db.gz' does not exist, so doing initial download |
| + | update_sanesecurity: [info] '/var/clamav/mbl.db.gz' was updated |
| + | update_sanesecurity: [info] '/var/clamav/mbl.db' was updated |
| update_sanesecurity: [debug] Exiting. | | update_sanesecurity: [debug] Exiting. |
| + | |
| | | |
| ClamAV will by default reload its databases every 1800 secs (30mins) but you can force a reload with: | | ClamAV will by default reload its databases every 1800 secs (30mins) but you can force a reload with: |