3,249
edits
Changes
From SME Server
Jump to navigationJump to searchVirus:Additional Signatures (view source)
Revision as of 09:47, 13 April 2016
, 09:47, 13 April 2016→Old Installation Notes
{{Level|Medium}}
{{Note box|Please note that there now is a contrib for adding additional signatures. Please see [[Clamav_unofficial_sigs]].}}
==Anti Virus - Additional Signatures==
==Anti Virus - Additional Signatures==
===Introduction===
===Introduction===
In order to use these additional databases with your ClamAV installation you need to download them and add them to ClamAV. There is a script package from Sane Security which can be used to download and install the databases, and their addition provide 1,000's of new signatures for ClamAV to work with.
In order to use these additional databases with your ClamAV installation you need to download them and add them to ClamAV. There is a script package from Sane Security which can be used to download and install the databases, and their addition provide 1,000's of new signatures for ClamAV to work with.
{{Note box|Please be aware that these additional signatures can in rare cases contain false positives causing good emails to be caught. This has only been noticed once in 18 months for some hours though.}}
===Installation===
===Installation===
# Copyright (C) 2009 Eric Shubert <ejs@shubes.net>
# Copyright (C) 2009 Eric Shubert <ejs@shubes.net>
########################################################################
########################################################################
# 8/23/12 Changed WEB_LOC to sourceforge host
# 4/30/10 Amendments to install on SME Server - commented with SME
# 4/30/10 Amendments to install on SME Server - commented with SME
# 9/25/09 Totally refactored by Eric Shubert <ejs@shubes.net>
# 9/25/09 Totally refactored by Eric Shubert <ejs@shubes.net>
# 3/22/09 Originally Written by Jake Vickers <jake@qmailtoaster.com>
# 3/22/09 Originally Written by Jake Vickers <jake@qmailtoaster.com>
#
#
WEB_LOC=http://www.inetmsg.com/pub
WEB_LOC=http://sourceforge.net/projects/unofficial-sigs/files/latest/download?source=files
PKG_NAME=clamav-unofficial-sigs
PKG_NAME=clamav-unofficial-sigs
PKG_TGZ=$PKG_NAME.tar.gz
PKG_TGZ=$PKG_NAME.tar.gz
# remove files from previous version
# remove files from previous version
# SME - changed cron job from .sh to .cron, added removal of .sh script and redundant dbs
# SME - changed cron job from .sh to .cron, added removal of .sh script and redundant dbs
rm -rf /etc/unofficial-clamav-sigs.conf \
rm -rf /etc/unofficial-clamav-sigs.conf \
/etc/cron.hourly/unofficial-clamav-sigs.cron \
/etc/cron.hourly/unofficial-clamav-sigs.cron \
/usr/unofficial-dbs \
/usr/unofficial-dbs \
echo "$me $myver - getting latest version of $PKG_NAME ..."
echo "$me $myver - getting latest version of $PKG_NAME ..."
wget -O $TEMP_DIR/$PKG_TGZ $WEB_LOC/$PKG_TGZ
wget -O $TEMP_DIR/$PKG_TGZ $WEB_LOC
if [ "$?" != "0" ]; then
if [ "$?" != "0" ]; then
./sanesecurity-install.sh
./sanesecurity-install.sh
{{Note box|The script above uses TCP 873 as its destination port when downloading signature, please ensure that this port is open when your SME server is behind the firewall.}}
Run the Sane Security script for the first time to download the databases and check it works
Run the Sane Security script for the first time to download the databases and check it works
===Uninstall===
===Uninstall===
Log in to a console shell as ''root''
Create and edit a new file. Add the following
rm -f /etc/cron.d/clamav-unoffical-sigs-cron
rm -f /etc/cron.d/clamav-unoffical-sigs-cron
rm -fr /opt/sanesecurity
rm -fr /opt/sanesecurity \
/usr/unofficial-dbs
rm -f /var/log/clamav/unofficial-sigs*
rm -f /var/log/clamav/unofficial-sigs* \
/var/clamav/*.ndb \
/var/clamav/*.ldb \
/var/clamav/*.ftm \
/var/clamav/*.hdb
signal-event clamav-update
signal-event clamav-update
Save the file as ''sanesecurity-uninstall.sh''
chmod 755 sanesecurity-uninstall.sh
Now run the script. This will delete all the Sane Security package files, downloaded databases and directories
./sanesecurity-uninstall.sh
===Old Installation Notes===
===Old Installation Notes===
A previous installation of the Sane Security scripts was provided for SME by swerts-knudsen.dk, and the installation notes for this are reproduced below for completeness. This is for version 2.4 of the scripts however, whereas the current version installed as above is 3.7 (April 2010)
A previous installation of the Sane Security scripts was provided for SME by [[User:Knuddi|Jesper Knudsen]] from [http://smeoptimizer.swerts-knudsen.dk/ SME Optimizer], and the installation notes for this are reproduced below for completeness. This is for version 2.4 of the scripts however, whereas the current version installed as above is 3.7 (April 2010)
''Installation''
''Installation''
See also http://forums.contribs.org/index.php/topic,45872.0.html
See also http://forums.contribs.org/index.php/topic,45872.0.html
See forum announcement of this Howto for further comments at http://forums.contribs.org/index.php/topic,45915.0.html
Installation script originally produced by QmailToaster Plus - see http://qtp.qmailtoaster.com
Installation script originally produced by QmailToaster Plus - see http://qtp.qmailtoaster.com
[[Category:Howto]][[Category:Mail]][[Category:Administration]]
----
[[Category:Howto]][[Category:Mail]][[Category:Administration:Content Spam Virus Blocking]][[Category:Security]]
