Re: [clamav-users] Malwarepatrol false positive

[Benny Pedersen]

Kris Deugau skrev den 2018-08-31 19:44:

Benny Pedersen wrote:

why is https even blocked ? :(

please whitelist https signatures


There's no reason a hacked HTTPS website couldn't host malware.  And
there's no reason a spam domain couldn't get a certificate (from Let's
Encrypt, or somewhere else) if they carefully time their actions.


https links could not be reported to the signer ?

but yes its to simple to make https links without payments at all

time to block signers if thats possible
___
clamav-users mailing list
clamav-users@lists.clamav.net
http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users


Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq

http://www.clamav.net/contact.html#ml

Re: [clamav-users] Malwarepatrol false positive

[Kris Deugau]

Benny Pedersen wrote:

why is https even blocked ? :(

please whitelist https signatures


There's no reason a hacked HTTPS website couldn't host malware.  And 
there's no reason a spam domain couldn't get a certificate (from Let's 
Encrypt, or somewhere else) if they carefully time their actions.


-kgd
___
clamav-users mailing list
clamav-users@lists.clamav.net
http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users


Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq

http://www.clamav.net/contact.html#ml

Re: [clamav-users] Malwarepatrol false positive

[Steve Basford]

On 31 August 2018 17:52:26 Mark G Thomas  wrote:


Hi,

And YET ANOTHER today. I figured others here might want the heads up.

[root@imx0 conf]# sigtool --find-sigs MBL_13226139 |  sigtool --decode-sigs


Sigh.

I've just added to the main Sansecurity whitelist.

Thanks for the heads up.

Cheers,

Steve
Twitter: @sanesecurity



___
clamav-users mailing list
clamav-users@lists.clamav.net
http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users


Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq

http://www.clamav.net/contact.html#ml

Re: [clamav-users] Malwarepatrol false positive

[Benny Pedersen]

Mark G Thomas skrev den 2018-08-31 18:51:


And YET ANOTHER today. I figured others here might want the heads up.

[root@imx0 conf]# sigtool --find-sigs MBL_13226139 |  sigtool 
--decode-sigs


VIRUS NAME: MBL_13226139
DECODED SIGNATURE:
https://linkprotect.cudasvc.com/url


why is https even blocked ? :(

please whitelist https signatures
___
clamav-users mailing list
clamav-users@lists.clamav.net
http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users


Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq

http://www.clamav.net/contact.html#ml

Re: [clamav-users] Malwarepatrol false positive

[Mark G Thomas]

Hi,

And YET ANOTHER today. I figured others here might want the heads up.

[root@imx0 conf]# sigtool --find-sigs MBL_13226139 |  sigtool --decode-sigs

VIRUS NAME: MBL_13226139
DECODED SIGNATURE:
https://linkprotect.cudasvc.com/url

-Mark

On Wed, Aug 29, 2018 at 09:12:34PM +0100, Steve Basford wrote:
> Had a reply back regarding the false positives
> 
> 
> Hello,
> ?
> ?Thank you for contacting us and for reporting potential problems
> with our ClamAV signatures. The two entries mentioned were removed
> from the block lists and data feeds a few days ago. Our users and
> customers should be able to download new versions of the feeds
> according to their subscriptions.
> ?
> ?Our means of communication for reporting problems or to ask for
> assistance is via this email address: supp...@malwarepatrol.net.
> We'd appreciate if you could direct anybody with inquiries to
> directly contact us.
> ?
> ?Once again, thank you for reporting this issue.
> ?
> ?Regards,
> ?
> ?Luciana
> ?Malware Patrol Team

-- 
Mark G. Thomas (m...@misty.com), KC3DRE
___
clamav-users mailing list
clamav-users@lists.clamav.net
http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users


Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq

http://www.clamav.net/contact.html#ml

Re: [clamav-users] secure download of .cvd files ?

[Michael Orlitzky]

On 08/31/2018 05:00 AM, Henrik Hoeg Thomsen1 wrote:
> wget -q -m -nd -P /tmp --retry-connrefused http://db.local.clamav.net

This is probably exploitable by anyone on the system to gain root. If I
create the file /tmp/daily.cvd (remember that /tmp is world-writable),

  $ touch -d '2018-01-01 00:00:00' /tmp/daily.cvd

Then your update job will write to my file:

  $ sudo wget -q -m -nd -P /tmp http://db.local.clamav.net:/daily.cvd
  ...

Thanks to the "-m" flag, I still own that file, and I can write whatever
bad stuff I want in there after you verify its contents:

  $ ls -lh /tmp/daily.cvd
  -rw-r--r-- 1 mjo mjo 48M 2018-08-31 00:46 /tmp/daily.cvd

There are various reports floating around showing how clamav is not
robust against malicious signatures (potentially leading to root
access); but regardless it's a pretty bad thing that anyone on the
machine can overwrite all of your signatures with malicious ones.

To fix it: if you're going to use a file under /tmp, then use a secure
function like mktemp() to obtain it. But if you're running this job as a
specific user, you might as well give him a special place to work like
/var/tmp/clamav-updates that is accessible only to that user. The
problem is unique to /tmp because of it's world-writable permissions.
___
clamav-users mailing list
clamav-users@lists.clamav.net
http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users


Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq

http://www.clamav.net/contact.html#ml

Re: [clamav-users] Malwarepatrol false positive

[Reindl Harald]

Am 27.08.2018 um 20:16 schrieb Mark G Thomas:
> This seems to be an ongoing trend.
> 
> I can't believe someone thought this would be a good idea!
> 
> # sigtool --find-sigs MBL_13087222 | sigtool --decode-sigs
> VIRUS NAME: MBL_13087222
> DECODED SIGNATURE:
> https://docs.google.com

that happens when you let users which are mostly idiots submit samples
without proper review and in doubt ignore, be it bayes, uribl or signatures
___
clamav-users mailing list
clamav-users@lists.clamav.net
http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users


Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq

http://www.clamav.net/contact.html#ml

Re: [clamav-users] Macro virus missed...

[Groach]

The one thing that we do know is that you shouldnt have expectations of 
ClamAV to be effective for Zero Hour, or even Zero Day (or some could 
argue more) effective and you really shouldnt expect such immediate 
response or effectiveness. (They will have their reasons - team size, 
techology, reliance on public etc). To give you a realistic idea - a 
recent FP I had and reported (involving marking a shed load of PDF's 
that go back several years long before the supposed threat was even 
invented) took 4 days to be removed after being reported.


For more immediate effectiveness then, yes, you should be relying on 
Sane (or others).


Any 24hour released threats have (for my system) always been detected by 
Sane (I rarely get Clam detecting anything as the threat has since been 
detected by Sane and remove, or the threat is no longer prevalent, by 
the time matching ClamAV sigs get released).


You asked about expectation and requirements to rely on Sane:  I believe 
the above is the answer giving a true reflection of the facts from my 
experience.


On 31/08/2018 03:34, Alex wrote:

Hi,
I submitted a false-negative about six hours ago and it hasn't yet
been detected and still seeing them being received. I don't want to
post it here to further enable the scammers, but this is the
virustotal entry:

https://www.virustotal.com/#/file/ef65f07bf10746665d308e147a6a86329c169e1ac86e7e414ae5a809210775c1/detection

A dozen other antivirus vendors are blocking them now - why not
clamav? How does the process of adding new signatures work? Is there a
staff of people working on this or something less?

I realize it's free, and I'm not complaining - just want to know what
I should expect. We've also contributed to Steve's effort at Sane, but
should we be relying on him?

Thanks,
Alex
___
clamav-users mailing list
clamav-users@lists.clamav.net
http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users


Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq

http://www.clamav.net/contact.html#ml


___
clamav-users mailing list
clamav-users@lists.clamav.net
http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users


Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq

http://www.clamav.net/contact.html#ml

Re: [clamav-users] secure download of .cvd files ?

[Henrik Hoeg Thomsen1]

Thank you Arnaud.
This will mitigate my compliance issue.



---
Henrik Høg Thomsen
Senior IT Specialist - IBM - IPG
IBM Danmark ApS
Kongevejen 495 B
2840 Holte, Danmark
CVR nr.: 65305216 
tlf +45 51638561 mail h...@dk.ibm.com




From:   Arnaud Jacques 
To: clamav-users@lists.clamav.net
Date:   2018/08/31 11:53
Subject:Re: [clamav-users] secure download of .cvd files ?
Sent by:"clamav-users" 





Le 31/08/2018 à 11:00, Henrik Hoeg Thomsen1 a écrit :
> Do clamav offer a encrypted download alternative to the unencrypted http 

> based wget used to update the signatue database?

May be : 
https://packages.microsoft.com/clamav/

Should be enough reliable.

-- 
Cordialement / Best regards,

Arnaud Jacques
Gérant de SecuriteInfo.com

Téléphone : +33-(0)3.44.39.76.46
E-mail : a...@securiteinfo.com
Site web : 
https://www.securiteinfo.com

Facebook : 
https://www.facebook.com/pages/SecuriteInfocom/132872523492286

Twitter : @SecuriteInfoCom

Securiteinfo.com
La Sécurité Informatique - La Sécurité des Informations.
266, rue de Villers
60123 Bonneuil en Valois
___
clamav-users mailing list
clamav-users@lists.clamav.net
http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users



Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq


http://www.clamav.net/contact.html#ml





Medmindre andet er angivet ovenfor: / Unless Otherwise Stated Above:
IBM Danmark ApS
Kongevejen 495 B
2840 Holte, Danmark
CVR nr.: 65305216___
clamav-users mailing list
clamav-users@lists.clamav.net
http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users


Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq

http://www.clamav.net/contact.html#ml

Re: [clamav-users] secure download of .cvd files ?

[Joel Esler (jesler)]

Agreed. But it wasn’t something we could support.   Now we can.   It that it 
matters, but at least we can now.  

Sent from my iPhone

> On Aug 31, 2018, at 07:16, Al Varnell  wrote:
> 
> And the answer is the same as it was then. There is nothing to be gained by 
> supporting https. There is nothing sensitive about the database. Each 
> component is verified as genuine after downloaded. And the impact on the 
> servers is less.
> 
> -Al-
> 
>> On Fri, Aug 31, 2018 at 04:07 AM, Arnaud Jacques wrote:
>> 
>> That's why I asked in 2014 about freshclam support of SSL :
>> 
>> http://lists.clamav.net/pipermail/clamav-users/2014-December/001098.html
>> 
>> 
>>> Le 31/08/2018 à 12:08, Al Varnell a écrit :
>>> I'm not aware of any, but all database components are verified for 
>>> authenticity by freshclam after download.
>>> -Al-
 On Fri, Aug 31, 2018 at 02:00 AM, Henrik Hoeg Thomsen1 wrote:
 Do clamav offer a encrypted download alternative to the unencrypted http 
 based wget used to update the signatue database?
 
 wget -q -m -nd -P /tmp --retry-connrefused http://db.local.clamav.net: 
 /daily.cvd
 wget -q -m -nd -P /tmp --retry-connrefused http://db.local.clamav.net: 
 /main.cvd 
> 
> 
> 
> ___
> clamav-users mailing list
> clamav-users@lists.clamav.net
> http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users
> 
> 
> Help us build a comprehensive ClamAV guide:
> https://github.com/vrtadmin/clamav-faq
> 
> http://www.clamav.net/contact.html#ml
___
clamav-users mailing list
clamav-users@lists.clamav.net
http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users


Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq

http://www.clamav.net/contact.html#ml

Re: [clamav-users] secure download of .cvd files ?

[Al Varnell]

OK, well then it's almost the same as it was back in 2014.

-Al-

On Fri, Aug 31, 2018 at 04:09 AM, Joel Esler (jesler) wrote:
> 
> You should be able to do it it now.  However, freshclam doesn’t support ssl.  
> When we get ssl built into freshclam, https redirection would be available.  
> 
> But I couldn’t do it before with the mirrors the way they were.   We can now. 
>  
> 
> Sent from my iPhone
> 
>> On Aug 31, 2018, at 07:07, Arnaud Jacques  wrote:
>> 
>> That's why I asked in 2014 about freshclam support of SSL :
>> 
>> http://lists.clamav.net/pipermail/clamav-users/2014-December/001098.html
>> 
>> 
>>> Le 31/08/2018 à 12:08, Al Varnell a écrit :
>>> I'm not aware of any, but all database components are verified for 
>>> authenticity by freshclam after download.
>>> -Al-
 On Fri, Aug 31, 2018 at 02:00 AM, Henrik Hoeg Thomsen1 wrote:
 Do clamav offer a encrypted download alternative to the unencrypted http 
 based wget used to update the signatue database?
 
 wget -q -m -nd -P /tmp --retry-connrefused http://db.local.clamav.net: 
 /daily.cvd
 wget -q -m -nd -P /tmp --retry-connrefused http://db.local.clamav.net: 
 /main.cvd 
>>> ___
>>> clamav-users mailing list
>>> clamav-users@lists.clamav.net
>>> http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users
>>> Help us build a comprehensive ClamAV guide:
>>> https://github.com/vrtadmin/clamav-faq
>>> http://www.clamav.net/contact.html#ml
>> 
>> -- 
>> Cordialement / Best regards,
>> 
>> Arnaud Jacques
>> Gérant de SecuriteInfo.com
>> 
>> Téléphone : +33-(0)3.44.39.76.46
>> E-mail : a...@securiteinfo.com
>> Site web : https://www.securiteinfo.com
>> Facebook : https://www.facebook.com/pages/SecuriteInfocom/132872523492286
>> Twitter : @SecuriteInfoCom
>> 
>> Securiteinfo.com
>> La Sécurité Informatique - La Sécurité des Informations.
>> 266, rue de Villers
>> 60123 Bonneuil en Valois
>> ___
>> clamav-users mailing list
>> clamav-users@lists.clamav.net
>> http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users
>> 
>> 
>> Help us build a comprehensive ClamAV guide:
>> https://github.com/vrtadmin/clamav-faq
>> 
>> http://www.clamav.net/contact.html#ml
> ___
> clamav-users mailing list
> clamav-users@lists.clamav.net
> http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users
> 
> 
> Help us build a comprehensive ClamAV guide:
> https://github.com/vrtadmin/clamav-faq
> 
> http://www.clamav.net/contact.html#ml

-Al-
-- 
Al Varnell
Mountain View, CA






smime.p7s
Description: S/MIME cryptographic signature
___
clamav-users mailing list
clamav-users@lists.clamav.net
http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users


Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq

http://www.clamav.net/contact.html#ml

Re: [clamav-users] secure download of .cvd files ?

[Al Varnell]

And the answer is the same as it was then. There is nothing to be gained by 
supporting https. There is nothing sensitive about the database. Each component 
is verified as genuine after downloaded. And the impact on the servers is less.

-Al-

On Fri, Aug 31, 2018 at 04:07 AM, Arnaud Jacques wrote:
> 
> That's why I asked in 2014 about freshclam support of SSL :
> 
> http://lists.clamav.net/pipermail/clamav-users/2014-December/001098.html
> 
> 
> Le 31/08/2018 à 12:08, Al Varnell a écrit :
>> I'm not aware of any, but all database components are verified for 
>> authenticity by freshclam after download.
>> -Al-
>> On Fri, Aug 31, 2018 at 02:00 AM, Henrik Hoeg Thomsen1 wrote:
>>> Do clamav offer a encrypted download alternative to the unencrypted http 
>>> based wget used to update the signatue database?
>>> 
>>> wget -q -m -nd -P /tmp --retry-connrefused http://db.local.clamav.net: 
>>> /daily.cvd
>>> wget -q -m -nd -P /tmp --retry-connrefused http://db.local.clamav.net: 
>>> /main.cvd 





smime.p7s
Description: S/MIME cryptographic signature
___
clamav-users mailing list
clamav-users@lists.clamav.net
http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users


Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq

http://www.clamav.net/contact.html#ml

Re: [clamav-users] secure download of .cvd files ?

[Joel Esler (jesler)]

You should be able to do it it now.  However, freshclam doesn’t support ssl.  
When we get ssl built into freshclam, https redirection would be available.  

But I couldn’t do it before with the mirrors the way they were.   We can now.  

Sent from my iPhone

> On Aug 31, 2018, at 07:07, Arnaud Jacques  wrote:
> 
> That's why I asked in 2014 about freshclam support of SSL :
> 
> http://lists.clamav.net/pipermail/clamav-users/2014-December/001098.html
> 
> 
>> Le 31/08/2018 à 12:08, Al Varnell a écrit :
>> I'm not aware of any, but all database components are verified for 
>> authenticity by freshclam after download.
>> -Al-
>>> On Fri, Aug 31, 2018 at 02:00 AM, Henrik Hoeg Thomsen1 wrote:
>>> Do clamav offer a encrypted download alternative to the unencrypted http 
>>> based wget used to update the signatue database?
>>> 
>>> wget -q -m -nd -P /tmp --retry-connrefused http://db.local.clamav.net: 
>>> /daily.cvd
>>> wget -q -m -nd -P /tmp --retry-connrefused http://db.local.clamav.net: 
>>> /main.cvd 
>> ___
>> clamav-users mailing list
>> clamav-users@lists.clamav.net
>> http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users
>> Help us build a comprehensive ClamAV guide:
>> https://github.com/vrtadmin/clamav-faq
>> http://www.clamav.net/contact.html#ml
> 
> -- 
> Cordialement / Best regards,
> 
> Arnaud Jacques
> Gérant de SecuriteInfo.com
> 
> Téléphone : +33-(0)3.44.39.76.46
> E-mail : a...@securiteinfo.com
> Site web : https://www.securiteinfo.com
> Facebook : https://www.facebook.com/pages/SecuriteInfocom/132872523492286
> Twitter : @SecuriteInfoCom
> 
> Securiteinfo.com
> La Sécurité Informatique - La Sécurité des Informations.
> 266, rue de Villers
> 60123 Bonneuil en Valois
> ___
> clamav-users mailing list
> clamav-users@lists.clamav.net
> http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users
> 
> 
> Help us build a comprehensive ClamAV guide:
> https://github.com/vrtadmin/clamav-faq
> 
> http://www.clamav.net/contact.html#ml
___
clamav-users mailing list
clamav-users@lists.clamav.net
http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users


Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq

http://www.clamav.net/contact.html#ml

Re: [clamav-users] secure download of .cvd files ?

[Arnaud Jacques]

That's why I asked in 2014 about freshclam support of SSL :

http://lists.clamav.net/pipermail/clamav-users/2014-December/001098.html


Le 31/08/2018 à 12:08, Al Varnell a écrit :
I'm not aware of any, but all database components are verified for 
authenticity by freshclam after download.


-Al-

On Fri, Aug 31, 2018 at 02:00 AM, Henrik Hoeg Thomsen1 wrote:
Do clamav offer a encrypted download alternative to the unencrypted 
http based wget used to update the signatue database?


wget -q -m -nd -P /tmp --retry-connrefused http://db.local.clamav.net: 
/daily.cvd
wget -q -m -nd -P /tmp --retry-connrefused http://db.local.clamav.net: 
/main.cvd 



___
clamav-users mailing list
clamav-users@lists.clamav.net
http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users


Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq

http://www.clamav.net/contact.html#ml



--
Cordialement / Best regards,

Arnaud Jacques
Gérant de SecuriteInfo.com

Téléphone : +33-(0)3.44.39.76.46
E-mail : a...@securiteinfo.com
Site web : https://www.securiteinfo.com
Facebook : https://www.facebook.com/pages/SecuriteInfocom/132872523492286
Twitter : @SecuriteInfoCom

Securiteinfo.com
La Sécurité Informatique - La Sécurité des Informations.
266, rue de Villers
60123 Bonneuil en Valois
___
clamav-users mailing list
clamav-users@lists.clamav.net
http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users


Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq

http://www.clamav.net/contact.html#ml

Re: [clamav-users] secure download of .cvd files ?

[Al Varnell]

I'm not aware of any, but all database components are verified for authenticity 
by freshclam after download.

-Al-

On Fri, Aug 31, 2018 at 02:00 AM, Henrik Hoeg Thomsen1 wrote:
> Do clamav offer a encrypted download alternative to the unencrypted http 
> based wget used to update the signatue database? 
> 
> wget -q -m -nd -P /tmp --retry-connrefused http://db.local.clamav.net: 
> /daily.cvd 
> wget -q -m -nd -P /tmp --retry-connrefused http://db.local.clamav.net: 
> /main.cvd 


smime.p7s
Description: S/MIME cryptographic signature
___
clamav-users mailing list
clamav-users@lists.clamav.net
http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users


Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq

http://www.clamav.net/contact.html#ml

Re: [clamav-users] secure download of .cvd files ?

[Arnaud Jacques]

Le 31/08/2018 à 11:00, Henrik Hoeg Thomsen1 a écrit :
Do clamav offer a encrypted download alternative to the unencrypted http 
based wget used to update the signatue database?


May be : https://packages.microsoft.com/clamav/
Should be enough reliable.

--
Cordialement / Best regards,

Arnaud Jacques
Gérant de SecuriteInfo.com

Téléphone : +33-(0)3.44.39.76.46
E-mail : a...@securiteinfo.com
Site web : https://www.securiteinfo.com
Facebook : https://www.facebook.com/pages/SecuriteInfocom/132872523492286
Twitter : @SecuriteInfoCom

Securiteinfo.com
La Sécurité Informatique - La Sécurité des Informations.
266, rue de Villers
60123 Bonneuil en Valois
___
clamav-users mailing list
clamav-users@lists.clamav.net
http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users


Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq

http://www.clamav.net/contact.html#ml

[clamav-users] secure download of .cvd files ?

[Henrik Hoeg Thomsen1]

Do clamav offer a encrypted download alternative to the unencrypted http 
based wget used to update the signatue database?

wget -q -m -nd -P /tmp --retry-connrefused http://db.local.clamav.net:
/daily.cvd 
wget -q -m -nd -P /tmp --retry-connrefused http://db.local.clamav.net:
/main.cvd 



---
Henrik Høg Thomsen
Senior IT Specialist - IBM - IPG
IBM Danmark ApS
Kongevejen 495 B
2840 Holte, Danmark
CVR nr.: 65305216 
tlf +45 51638561 mail h...@dk.ibm.com

Medmindre andet er angivet ovenfor: / Unless Otherwise Stated Above:
IBM Danmark ApS
Kongevejen 495 B
2840 Holte, Danmark
CVR nr.: 65305216___
clamav-users mailing list
clamav-users@lists.clamav.net
http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users


Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq

http://www.clamav.net/contact.html#ml