Re: [clamav-users] Error when using a private mirror

[David Pullman]

On Fri, Mar 24, 2017 at 8:31 AM, Matus UHLAR - fantomas 
wrote:

> On 22.03.17 12:05, David Pullman wrote:
>
> I’m trying to avoid having the instances running freshclam go out to the
>> Internet.
>>
>
> what kind of problem does one DNS request cause?


In some implementations, there are requirements where instances need to be
strictly prevented from going out to the Internet. Then there are some
where if the instance goes out to the Internet, you have to justify and
document why. These kinds of restrictions happen in domains where security
is either very strict, or when there are compliance requirements for the
information system. In this case, I think we can justify and document why.

Thanks!

David
___
clamav-users mailing list
clamav-users@lists.clamav.net
http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users


Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq

http://www.clamav.net/contact.html#ml

Re: [clamav-users] Error when using a private mirror

[Matus UHLAR - fantomas]

On 22.03.17 12:05, David Pullman wrote:

This is what "PrivateMirror" does. It turns DNS off and uses IMS.


Maybe you should use "DatabaseMirror" instead to check for actual versions.



Right, however, it looks like if I use DatabaseMirror with my private
mirror hostname, then the instance running freshclam will then still go out
to the Internet to check for something, maybe timestamp info?


yes, exactly, by:


“Querying current.cvd.clamav.net”



I’m trying to avoid having the instances running freshclam go out to the
Internet.


what kind of problem does one DNS request cause?


Seems you just did not get what DatabaseCustomURL means - it configures
additional URLs, it does not replace standard URLs of
http://mirror/main.cvd
etc.



What I found in man freshclam.conf:
“””
  DatabaseCustomURL STRING
 With  this  option  you can provide custom sources (http://
or file://) for
 database files. This option can be used multiple times.
 Default: disabled
“”"
Sorry, I didn’t get “it configures additional URLs, it does not replace
standard URLs” from “you can provide custom sources…for database files”.
Perhaps there is another reference for this attribute that says that?


apparently it should say "you can provide custom sources ... in addition to
standard sources".

apparently freshclam search for standard sources, even if you add others
with "DatabaseCustomURL"


I would have thought that if you specified a custom URL for a database
file, then any reference to that file should use the custom URL. Obviously
that is not the case here, but I’m wondering if that is intended or if it’s
an error? Is there a reason that some of freshclam can use a custom URL but
some of it is hardcoded to a document root?


to be able to add own sources in addition to those provided by clamav.

--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
Spam = (S)tupid (P)eople's (A)dvertising (M)ethod
___
clamav-users mailing list
clamav-users@lists.clamav.net
http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users


Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq

http://www.clamav.net/contact.html#ml