Page 1 of 1
extremeShok UnOfficial SIGS
Posted: 13 Sep 2016 18:28
by SupportOU
Hey any1,
My first question, hence my 1st post.
I do extremely welcome the Unofficial SIGS part of ExtremeShok, but how can I tell if the SIGS are added to ClamAV?
There is a log file location for it, but that's empty and I do not see anything related in maillog or clamd.log (or freshclam log).
I have a plain vanilla box with, for now, latest version (3.0.1.4).
Any ideas/suggestions welcome!
Grtz,
Ronald
Re: extremeShok UnOfficial SIGS
Posted: 14 Sep 2016 19:47
by SupportOU
Allrighty, found out myself, just follow the instuctions on
https://github.com/extremeshok/clamav-unofficial-sigs
Just the scripts were in 3.0.1.4 but not configured, since the auth keys need to be individually.
It seems to work.
Cheerz!
Re: extremeShok UnOfficial SIGS
Posted: 16 Sep 2016 16:23
by ovizii
Oh, so we have to manually configure the Unofficial Sigs after updating to 3.0.1.4?
Its not a problem, just wanted to make sure this is correct.
Re: extremeShok UnOfficial SIGS
Posted: 16 Sep 2016 18:05
by shawniverson
It is *mostly* configured, in that the scripts are in place, but yeah, if you want it to download things like Malwarepatrol, SecuriteInfo, etc. you need to subscribe to them and set it up.
Re: extremeShok UnOfficial SIGS
Posted: 19 Sep 2016 20:57
by SupportOU
ack, it's very simple.
Re: extremeShok UnOfficial SIGS
Posted: 20 Sep 2016 08:34
by ovizii
I know its simple, its just that in previous versions I think you entered your malware patrol during the config and this was the first time I had seen it mentioned that you need to do this manually
Re: extremeShok UnOfficial SIGS
Posted: 28 Jun 2017 13:30
by ovizii
apparently EFA uses the yum package clamav-unofficial-sigs which is currently at Version: v5.4.1 (20 July 2016) while
https://github.com/extremeshok/clamav-unofficial-sigs is at Version 5.6.2 (updated 2017-03-19)
so my question is if it would not be better to include the second version in EFA directly?
Re: extremeShok UnOfficial SIGS
Posted: 28 Jun 2017 17:30
by shawniverson
Sounds like it is time for a new package. I'll add this to the todo for 3.0.2.4