Finally, after the offline caused by a DDoS attack to the servers, the sanesecurity site is up again and serving the additional clamav signatures :)
There have been some changes though; first of all the signatures aren't available anymore through HTTP, you can only fetch them using rsycn; then, the mirror infrastucture which was setup to balance the load and somewhat avoid DDoS issues has an "auto banning" mechanism in place, so hitting the servers too often will result in your IP being banned ... and btw in such a case you won't be able to update your signatures For further details see http://www.sanesecurity.net/ That said, and for the ones running ClamAV on win32 and willing to get the new signatures and update them through rsync, here's a short batch script which will do the magic for you @echo off if not (%1)==() goto DOWN mkdir temp >NUL 2>&1 set URL=rsync://rsync.sanesecurity.net/sanesecurity for %%S in (rogue.hdb spear.ndb scam.ndb phish.ndb) do call %0 %%S for %%S in (junk.ndb spamimg.hdb spam.ldb lott.ndb) do call %0 %%S set URL= goto QUIT :DOWN rsync -v --timeout=30 -t --stats "%URL%/%1" temp/%1 if errorlevel 1 goto QUIT copy /V /Y temp\%1 data\%1 :QUIT the script must be placed inside the ClamAV folder and it assumes that the clamav signatures are inside the "data" subfolder; it loops through the various available signature files attempting to update each one and, if the update is successful, it then copies the file to the "data" folder where the clamd will reload it upon the next "self-check" To use the script you'll also need to place inside the clamav folder the rsync program and the two needed DLLs you can find here http://www.brentnorris.net/rsync.zip (for more infos see http://www.brentnorris.net/rsyncntdoc.html) so that the script will be able to find the required rsync.exe program As I wrote at the beginning, ensure to schedule the script so that it will run at DECENT intervals, that is once a day or, at a max every 4...8 hours and NO more, otherwise your IP will get banned from the server; also notice that the script doesn't currently handle the signature verification using GPG, but it shouldn't be so difficult to add HTH ------------------------------------------------------------------------------ This SF.net email is sponsored by: SourcForge Community SourceForge wants to tell your story. http://p.sf.net/sfu/sf-spreadtheword _______________________________________________ Assp-user mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/assp-user
