Effect: Traffic surrounding safebrowsing has effectively ground to almost zero. FANTASTIC!
-- Joel Esler Manager, Communities Division Cisco Talos Intelligence Group https://www.talosintelligence.com | https://www.snort.org | https://www.clamav.net On Apr 22, 2021, at 12:04 PM, Andrew Williams <awill...@sourcefire.com<mailto:awill...@sourcefire.com>> wrote: To give a quick update on this, a new version of safebrowsing.cvd was published yesterday that removes all but a minimal number of signatures needed for it to be loaded correctly by ClamAV. The block on safebrowsing.cvd download attempts was also lifted, and a corresponding zero-byte CDIFF published, which means that existing installations running FreshClam with the SafeBrowsing option set should expect a quick update that replaces the prior, 40 MB safebrowsing.cvd (if present) with the 1 KB latest one. -Andrew On Thu, Apr 8, 2021 at 6:33 PM Micah Snyder (micasnyd) via clamav-users <clamav-users@lists.clamav.net<mailto:clamav-users@lists.clamav.net>> wrote: So it's actually kinda funny you should ask that. In 0.103.2 we deprecated the SafeBrowsing option in freshclam.conf which means it will no longer add safebrowsing to the list of desired databases. FreshClam has two options "ExcludeDatabase" and "ExtraDatabase" for adding/removing official CVD's to the list of databases to update. In version 0.102+, FreshClam detects if you have a CVD database in your database directory that isn't in the list (eg. because you excluded it, or no longer include an "extra" database) and will remove it. I didn't realize that deprecating the SafeBrowsing option would cause FreshClam to remove the old safebrowsing.cld file until I read your question and the thought struck me. I just tested it now. I found that in 0.103.2 if you used to have safebrowsing.cld (or safebrowsing.cvd), FreshClam will automatically remove it for you. -Micah > -----Original Message----- > From: clamav-users > <clamav-users-boun...@lists.clamav.net<mailto:clamav-users-boun...@lists.clamav.net>> > On Behalf Of > Matus UHLAR - fantomas > Sent: Thursday, April 8, 2021 5:40 AM > To: clamav-users@lists.clamav.net<mailto:clamav-users@lists.clamav.net> > Subject: Re: [clamav-users] ClamAV® blog: Are you still attempting to > download safebrowsing.cvd? > > >Dne středa 7. dubna 2021 19:41:34 CEST, Joel Esler (jesler) via > >clamav-users napsal(a): > >> > Are you still attempting to download safebrowsing.cvd? > >> > > >> > It has come to our attention that a few of you (about 515,000 of > >> > you, to be more accurate), are still attempting to download the > >> > safebrowsing.cvd file from the official ClamAV mirrors. This > >> > tells us that these attempted downloads are an installation of > >> > FreshClam (a non-updated FreshClam.conf or other script) that have > >> > not been updated to remove the safebrowsing database.> > > On 07.04.21 21:04, Vladislav Kurz via clamav-users wrote: > >These could be Debian users. The debian package offers to enable > >safebrowsing.cvd, and there is no indication that it is discontinued. > >Perhaps, if you talk to Debian Clamav maintainers, they could release > >an update that disables this option without asking ? > > it's disabled by default, but yes, that disabling it unconditionally would be > good > > The question is, if the old safebrowsing.cld has to be removed if it exists. > > >Anyway I was one of those, and now disabling it everywhere... > > +1 > -- > Matus UHLAR - fantomas, uh...@fantomas.sk<mailto:uh...@fantomas.sk> ; > http://www.fantomas.sk/ > Warning: I wish NOT to receive e-mail advertising to this address. > Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu. > 2B|!2B, that's a question! > > _______________________________________________ > > clamav-users mailing list > clamav-users@lists.clamav.net<mailto:clamav-users@lists.clamav.net> > https://lists.clamav.net/mailman/listinfo/clamav-users > > > Help us build a comprehensive ClamAV guide: > https://github.com/vrtadmin/clamav-faq > > http://www.clamav.net/contact.html#ml _______________________________________________ clamav-users mailing list clamav-users@lists.clamav.net<mailto:clamav-users@lists.clamav.net> https://lists.clamav.net/mailman/listinfo/clamav-users Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http://www.clamav.net/contact.html#ml _______________________________________________ clamav-users mailing list clamav-users@lists.clamav.net<mailto:clamav-users@lists.clamav.net> https://lists.clamav.net/mailman/listinfo/clamav-users Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http://www.clamav.net/contact.html#ml
_______________________________________________ clamav-users mailing list clamav-users@lists.clamav.net https://lists.clamav.net/mailman/listinfo/clamav-users Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http://www.clamav.net/contact.html#ml