Hey any1,
My first question, hence my 1st post.
I do extremely welcome the Unofficial SIGS part of ExtremeShok, but how can I tell if the SIGS are added to ClamAV?
There is a log file location for it, but that's empty and I do not see anything related in maillog or clamd.log (or freshclam log).
I have a plain vanilla box with, for now, latest version (3.0.1.4).
Any ideas/suggestions welcome!
Grtz,
Ronald
extremeShok UnOfficial SIGS
Re: extremeShok UnOfficial SIGS
Allrighty, found out myself, just follow the instructions on https://github.com/extremeshok/clamav-unofficial-sigs
Just the scripts were in 3.0.1.4 but not configured, since the auth keys need to be individually.
It seems to work.
Cheerz!
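One way to answer the opening question (whether unofficial signatures have actually reached ClamAV) is to look for third-party database files in the directory clamd loads from. This is an added example, not code from the thread or from the clamav-unofficial-sigs project; the function name, the `/var/lib/clamav` default and the two-day staleness threshold are assumptions, so check `DatabaseDirectory` in your clamd.conf.

```shell
#!/bin/sh
# Added example: report third-party signature files in a ClamAV database
# directory. Official freshclam databases (main/daily/bytecode) are skipped.
# Assumed defaults: /var/lib/clamav and a 2-day staleness threshold.
# Usage: list_unofficial_sigs [db_dir] [max_age_days]
# Prints "<file> <line count> <OK|STALE|EMPTY>" per file found;
# returns non-zero when no third-party database is present at all.
list_unofficial_sigs() {
    db_dir=${1:-/var/lib/clamav}
    max_age_days=${2:-2}
    found=0
    for f in "$db_dir"/*; do
        [ -f "$f" ] || continue
        name=${f##*/}
        case "$name" in
            # Official databases maintained by freshclam
            main.c[vl]d|daily.c[vl]d|bytecode.c[vl]d) continue ;;
        esac
        case "$name" in
            # Signature file types commonly shipped by third-party feeds
            *.ndb|*.hdb|*.hsb|*.mdb|*.ldb|*.db|*.fp|*.ftm|*.cdb|*.yar|*.yara) ;;
            *) continue ;;
        esac
        # Line count approximates the signature count for line-based formats
        lines=$(($(wc -l < "$f")))
        if [ "$lines" -eq 0 ]; then
            status=EMPTY      # downloaded but empty: the feed is not delivering
        elif [ -n "$(find "$f" -prune -mtime +"$max_age_days")" ]; then
            status=STALE      # not refreshed within the threshold
        else
            status=OK
        fi
        printf '%s %s %s\n' "$name" "$lines" "$status"
        found=$((found + 1))
    done
    [ "$found" -gt 0 ]
}
```

A non-zero return, or only EMPTY and STALE entries, means the update script is installed but not delivering signatures.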
Re: extremeShok UnOfficial SIGS
Oh, so we have to manually configure the Unofficial Sigs after updating to 3.0.1.4?
It's not a problem, just wanted to make sure this is correct.
- shawniverson
- Posts: 3650
- Joined: 13 Jan 2014 23:30
- Location: Indianapolis, Indiana USA
- Contact:
Re: extremeShok UnOfficial SIGS
It is *mostly* configured, in that the scripts are in place, but yeah, if you want it to download things like Malwarepatrol, SecuriteInfo, etc. you need to subscribe to them and set it up.
Re: extremeShok UnOfficial SIGS
ack, it's very simple.
Re: extremeShok UnOfficial SIGS
I know it's simple, it's just that in previous versions I think you entered your malware patrol during the config and this was the first time I had seen it mentioned that you need to do this manually.
Re: extremeShok UnOfficial SIGS
apparently EFA uses the yum package clamav-unofficial-sigs which is currently at Version: v5.4.1 (20 July 2016) while https://github.com/extremeshok/clamav-unofficial-sigs is at Version 5.6.2 (updated 2017-03-19)
so my question is if it would not be better to include the second version in EFA directly?
- shawniverson
Re: extremeShok UnOfficial SIGS
Sounds like it is time for a new package. I'll add this to the todo for 3.0.2.4