extremeShok UnOfficial SIGS

Request and discuss new features you would like to have.
Post Reply
SupportOU
Posts: 47
Joined: 12 Sep 2016 18:47

extremeShok UnOfficial SIGS

Post by SupportOU » 13 Sep 2016 18:28

Hey any1,

My first question, hence my 1st post.

I do extremely welcome the Unofficial SIGS part of ExtremeShok, but how can I tell if the SIGS are added to ClamAV?

There is a log file location for it, but that's empty and I do not see anything related in maillog or clamd.log (or freshclam log).

I have a plain vanilla box with, for now, latest version (3.0.1.4).

Any ideas/suggestions welcome!

Grtz,
Ronald

SupportOU
Posts: 47
Joined: 12 Sep 2016 18:47

Re: extremeShok UnOfficial SIGS

Post by SupportOU » 14 Sep 2016 19:47

Allrighty, found out myself, just follow the instuctions on https://github.com/extremeshok/clamav-unofficial-sigs
Just the scripts were in 3.0.1.4 but not configured, since the auth keys need to be individually.
It seems to work.
Cheerz!

ovizii
Posts: 450
Joined: 11 May 2016 08:08

Re: extremeShok UnOfficial SIGS

Post by ovizii » 16 Sep 2016 16:23

Oh, so we have to manually configure the Unofficial Sigs after updating to 3.0.1.4?
Its not a problem, just wanted to make sure this is correct.

User avatar
shawniverson
Posts: 2803
Joined: 13 Jan 2014 23:30
Location: Rushville, Indiana, USA
Contact:

Re: extremeShok UnOfficial SIGS

Post by shawniverson » 16 Sep 2016 18:05

It is *mostly* configured, in that the scripts are in place, but yeah, if you want it to download things like Malwarepatrol, SecuriteInfo, etc. you need to subscribe to them and set it up.
Version eFa 4.0.0 RC3 now available in testing repo. Come join us in advancing eFa!

SupportOU
Posts: 47
Joined: 12 Sep 2016 18:47

Re: extremeShok UnOfficial SIGS

Post by SupportOU » 19 Sep 2016 20:57

ack, it's very simple.

ovizii
Posts: 450
Joined: 11 May 2016 08:08

Re: extremeShok UnOfficial SIGS

Post by ovizii » 20 Sep 2016 08:34

I know its simple, its just that in previous versions I think you entered your malware patrol during the config and this was the first time I had seen it mentioned that you need to do this manually :-)

ovizii
Posts: 450
Joined: 11 May 2016 08:08

Re: extremeShok UnOfficial SIGS

Post by ovizii » 28 Jun 2017 13:30

apparently EFA uses the yum package clamav-unofficial-sigs which is currently at Version: v5.4.1 (20 July 2016) while https://github.com/extremeshok/clamav-unofficial-sigs is at Version 5.6.2 (updated 2017-03-19)

so my question is if it would not be better to include the second version in EFA directly?

User avatar
shawniverson
Posts: 2803
Joined: 13 Jan 2014 23:30
Location: Rushville, Indiana, USA
Contact:

Re: extremeShok UnOfficial SIGS

Post by shawniverson » 28 Jun 2017 17:30

Sounds like it is time for a new package. I'll add this to the todo for 3.0.2.4
Version eFa 4.0.0 RC3 now available in testing repo. Come join us in advancing eFa!

Post Reply