[sanesecurity] Re: [sanesecurity_announce] New Database: crdfam.clamav.hdb

• From: "Brian Kesting" <bkesting@xxxxxxxxxxxxxxx>
• To: "sanesecurity" <sanesecurity@xxxxxxxxxxxxx>
• Date: Tue, 23 Nov 2010 11:20:53 -0600

Thanks again!

>>> Daniel McDonald <dan.mcdonald@xxxxxxxxxxxxxxxx> 11/23/2010 11:18 AM >>>
On 11/23/10 11:13 AM, "Brian Kesting" <bkesting@xxxxxxxxxxxxxxx> wrote:

> Thank you very much for the info.  Once I make the change, do I need to
> restart any services in order for this to take affect?

Nope.  The clamav-unofficial-sigs script notifies clamd of changes, and it
reads all of the .?db files in the /var/lib/clamav directory.

Also, is there a 
> listing somewhere of all the available databases?

From Steve's first announcement...

#> Current database list:
#> http://sanesecurity.co.uk/databases.htm

>  
> I currently have:
>  
> junk.ndb
>    jurlbl.ndb
>    phish.ndb
>    rogue.hdb
>    sanesecurity.ftm
>    scam.ndb
>    spamimg.hdb
>    winnow_malware.hdb
>    winnow_malware_links.ndb
> Thanks again,
>  
> Brian
> 
> 
>>>> Daniel McDonald <dan.mcdonald@xxxxxxxxxxxxxxxx> 11/23/2010 11:09 AM >>>
> On 11/23/10 10:55 AM, "Brian Kesting" <bkesting@xxxxxxxxxxxxxxx> wrote:
> 
>> How does one go about installing this new database?  I currently run every
>> hour the following script:
>>  
>> /usr/local/bin/clamav-unofficial-sigs.sh -c /etc/clamav-unofficial-sigs.conf
> 
> You need to edit /etc/clamav-unofficial-sigs.conf.  The name of the new file
> needs to be added to ss_dbs
> 
> For example, mine reads:
> ss_dbs="
>    INetMsg-SpamDomains-2m.ndb
>    crdfam.clamav.hdb
>    doppelstern.ndb
>    doppelstern.hdb
>    junk.ndb
>    jurlbl.ndb
>    jurlbla.ndb
>    lott.ndb
>    phish.ndb
>    rogue.hdb
>    sanesecurity.ftm
>    scam.ndb
>    scamnailer.ndb
>    spam.ldb
>    spamattach.hdb
>    spamimg.hdb
>    spear.ndb
>    spearl.ndb
>    winnow_malware.hdb
>    winnow_malware_links.ndb
>    winnow_phish_complete.ndb
>    winnow_spam_complete.ndb
>    winnow.attachments.hdb
>    winnow.complex.patterns.ldb
>    sigwhitelist.ign2
> "
> 
>>  
>> Will that grab a new database?
> 
> Once you make the change, yes....
> 
>>  
>> Thanks,
>>  
>> Brian
>> 
>>>>> Gerard Seibert <gerard@xxxxxxxxxxxxx> 11/23/2010 10:44 AM >>>
>> I placed the new file into my script and it was downloaded, validated
>> and installed without incident.
>> 
>> Great job Steve.

• References:
  • [sanesecurity] Re: [sanesecurity_announce] New Database: crdfam.clamav.hdb
    • From: Brian Kesting
  • [sanesecurity] Re: [sanesecurity_announce] New Database: crdfam.clamav.hdb
    • From: Daniel McDonald

Other related posts:

• » [sanesecurity] Re: [sanesecurity_announce] New Database: crdfam.clamav.hdb - Brian Kesting
• » [sanesecurity] Re: [sanesecurity_announce] New Database: crdfam.clamav.hdb - Daniel McDonald
• » [sanesecurity] Re: [sanesecurity_announce] New Database: crdfam.clamav.hdb - Brian Kesting
• » [sanesecurity] Re: [sanesecurity_announce] New Database: crdfam.clamav.hdb - Daniel McDonald
• » [sanesecurity] Re: [sanesecurity_announce] New Database: crdfam.clamav.hdb - Brian Kesting
• » [sanesecurity] Re: [sanesecurity_announce] New Database: crdfam.clamav.hdb - TR Shaw

• » Related posts
• » Previous by Date
• » Next by Date
• » This Month's Archive
• » Main Archive Page
• » View list details
• » Manage your subscription