
extremeShok UnOfficial SIGS

Posted: 13 Sep 2016 18:28
by SupportOU
Hey any1,

My first question, hence my 1st post.

I do extremely welcome the Unofficial SIGS part of ExtremeShok, but how can I tell if the SIGS are added to ClamAV?

There is a log file location for it, but that's empty and I do not see anything related in maillog or clamd.log (or freshclam log).

I have a plain vanilla box with, for now, the latest version (3.0.1.4).

Any ideas/suggestions welcome!

Grtz,
Ronald

Re: extremeShok UnOfficial SIGS

Posted: 14 Sep 2016 19:47
by SupportOU
Alrighty, found out myself, just follow the instructions on https://github.com/extremeshok/clamav-unofficial-sigs
Just the scripts were in 3.0.1.4 but not configured, since the auth keys need to be individual.
It seems to work.
Cheerz!

Re: extremeShok UnOfficial SIGS

Posted: 16 Sep 2016 16:23
by ovizii
Oh, so we have to manually configure the Unofficial Sigs after updating to 3.0.1.4?
It's not a problem, just wanted to make sure this is correct.

Re: extremeShok UnOfficial SIGS

Posted: 16 Sep 2016 18:05
by shawniverson
It is *mostly* configured, in that the scripts are in place, but yeah, if you want it to download things like Malwarepatrol, SecuriteInfo, etc. you need to subscribe to them and set it up.

Re: extremeShok UnOfficial SIGS

Posted: 19 Sep 2016 20:57
by SupportOU
ack, it's very simple.

Re: extremeShok UnOfficial SIGS

Posted: 20 Sep 2016 08:34
by ovizii
I know it's simple, it's just that in previous versions I think you entered your malware patrol during the config and this was the first time I had seen it mentioned that you need to do this manually :-)

Re: extremeShok UnOfficial SIGS

Posted: 28 Jun 2017 13:30
by ovizii
Apparently EFA uses the yum package clamav-unofficial-sigs, which is currently at Version: v5.4.1 (20 July 2016), while https://github.com/extremeshok/clamav-unofficial-sigs is at Version 5.6.2 (updated 2017-03-19).

So my question is if it would not be better to include the second version in EFA directly?

Re: extremeShok UnOfficial SIGS

Posted: 28 Jun 2017 17:30
by shawniverson
Sounds like it is time for a new package. I'll add this to the todo for 3.0.2.4