Re: [clamav-users] https support for freshclam
Respected Sir/Madam, Could you tell me step-wise how to install stable version 0.98.5 from source code in ubuntu??? --- Naresh On Tue, Dec 30, 2014 at 8:15 AM, Dennis Peterson denni...@inetnw.com wrote: If I were in your position I'd also use rsync as that is what I did when I was in your position (retirement is a fine thing). It also provides a very atomic-like operation so if clamd or clamscan needed to read the signatures they're not in a half-there state. Your case involves protecting intellectual property and that is justification for just about any solution you can come up with. dp On 12/29/14 6:43 AM, Torge Husfeldt wrote: Hi, Am 24.12.2014 um 12:09 schrieb Arnaud Jacques / SecuriteInfo.com: Le mardi 23 décembre 2014, 10:56:37 Dennis Peterson a écrit : Second try: What problem are you trying to solve with https? Privacy. I'd like to expand upon this. For the standard use-case using the official sources this might be irrelevant and actually present more draw-backs than advantages. But: just like the original poster we have a DB of internal signatures and we had to solve the exact same problem. We resolved not to use freshclam at all but rsync/sigUSR1 the updated signatures to our ~20k Servers. ___ Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http://www.clamav.net/contact.html#ml ___ Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http://www.clamav.net/contact.html#ml
Re: [clamav-users] https support for freshclam
Hi, Am 24.12.2014 um 12:09 schrieb Arnaud Jacques / SecuriteInfo.com: Le mardi 23 décembre 2014, 10:56:37 Dennis Peterson a écrit : Second try: What problem are you trying to solve with https? Privacy. I'd like to expand upon this. For the standard use-case using the official sources this might be irrelevant and actually present more draw-backs than advantages. But: just like the original poster we have a DB of internal signatures and we had to solve the exact same problem. We resolved not to use freshclam at all but rsync/sigUSR1 the updated signatures to our ~20k Servers. The problem is that http does not support privacy nor authenticity. Which means: 1. anyone can read the private signatures 2. anyone can meddle with them Afaict clamav still does not issue secodary certificates to sign private sets of signatures which would be another way to address the second point. The data contain no secrets and are freely available to any who wish to have it, so the immediate effect of encryption is unneeded. This only applies to the official signatures. From context I'm guessing the original poster is not referring to those (hence the custom-url). Public information, but private usage. I believe in this philosophy : https://www.eff.org/encrypt-the-web Secondarily, https creates a greater server load to encrypt the data, With nowadays CPUs, that's not a problem trusted SSL certs are an added expense, Trusted SSL is authentication of the serveur. Could be a good thing for downloading high security tools, like antivirus signatures that protect your network. Anyway, you can do SSL without trusting certificate. Even if it is a bad idea. and the additional bandwidth is also not free - someone is paying for it. True. But this is not so important, according to https://stackoverflow.com/questions/149274/http-vs-https-performance This link is interesting too : https://www.httpvshttps.com/ This seems to me to be a gratuitous use of https but I don't yet know your purpose for doing so. My idea is not replacing HTTP with HTTPS. It is just adding support for HTTPS to freshclam. Many website have switched from HTTP to SSL in the last years. I guess this is the natural evolution of the web. This is my opinion. -- Torge Husfeldt Senior Anti-Abuse Engineer Abuse-Department 11 International 11 Internet Service GmbH | Brauerstraße 50 | 76135 Karlsruhe | Germany Phone: +49 721 91374-4795 E-Mail: torge.husfe...@1und1.de | Web: www.1und1.de Hauptsitz Montabaur, Amtsgericht Montabaur, HRB 20141 Geschäftsführer: Frank Einhellinger, Uwe Lamnek, Jan Oetjen Member of United Internet Diese E-Mail kann vertrauliche und/oder gesetzlich geschützte Informationen enthalten. Wenn Sie nicht der bestimmungsgemäße Adressat sind oder diese E-Mail irrtümlich erhalten haben, unterrichten Sie bitte den Absender und vernichten Sie diese E-Mail. Anderen als dem bestimmungsgemäßen Adressaten ist untersagt, diese E-Mail zu speichern, weiterzuleiten oder ihren Inhalt auf welche Weise auch immer zu verwenden. This e-mail may contain confidential and/or privileged information. If you are not the intended recipient of this e-mail, you are hereby notified that saving, distribution or use of the content of this e-mail in any way is prohibited. If you have received this e-mail in error, please notify the sender and delete the e-mail. ___ Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http://www.clamav.net/contact.html#ml
Re: [clamav-users] https support for freshclam
Hi there, On Mon, 29 Dec 2014, Torge Husfeldt wrote: ... The problem is that http does not support privacy nor authenticity. ... I suggest that the problem is more likely that you've never heard of OpenVPN. -- 73, Ged. ___ Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http://www.clamav.net/contact.html#ml
Re: [clamav-users] https support for freshclam
If I were in your position I'd also use rsync as that is what I did when I was in your position (retirement is a fine thing). It also provides a very atomic-like operation so if clamd or clamscan needed to read the signatures they're not in a half-there state. Your case involves protecting intellectual property and that is justification for just about any solution you can come up with. dp On 12/29/14 6:43 AM, Torge Husfeldt wrote: Hi, Am 24.12.2014 um 12:09 schrieb Arnaud Jacques / SecuriteInfo.com: Le mardi 23 décembre 2014, 10:56:37 Dennis Peterson a écrit : Second try: What problem are you trying to solve with https? Privacy. I'd like to expand upon this. For the standard use-case using the official sources this might be irrelevant and actually present more draw-backs than advantages. But: just like the original poster we have a DB of internal signatures and we had to solve the exact same problem. We resolved not to use freshclam at all but rsync/sigUSR1 the updated signatures to our ~20k Servers. ___ Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http://www.clamav.net/contact.html#ml
Re: [clamav-users] https support for freshclam
Le mardi 23 décembre 2014, 10:56:37 Dennis Peterson a écrit : Second try: What problem are you trying to solve with https? Privacy. The data contain no secrets and are freely available to any who wish to have it, so the immediate effect of encryption is unneeded. Public information, but private usage. I believe in this philosophy : https://www.eff.org/encrypt-the-web Secondarily, https creates a greater server load to encrypt the data, With nowadays CPUs, that's not a problem trusted SSL certs are an added expense, Trusted SSL is authentication of the serveur. Could be a good thing for downloading high security tools, like antivirus signatures that protect your network. Anyway, you can do SSL without trusting certificate. Even if it is a bad idea. and the additional bandwidth is also not free - someone is paying for it. True. But this is not so important, according to https://stackoverflow.com/questions/149274/http-vs-https-performance This link is interesting too : https://www.httpvshttps.com/ This seems to me to be a gratuitous use of https but I don't yet know your purpose for doing so. My idea is not replacing HTTP with HTTPS. It is just adding support for HTTPS to freshclam. Many website have switched from HTTP to SSL in the last years. I guess this is the natural evolution of the web. This is my opinion. -- Best regards, Arnaud Jacques SecuriteInfo.com ___ Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http://www.clamav.net/contact.html#ml
Re: [clamav-users] https support for freshclam
On 24/12/2014 11:09, Arnaud Jacques / SecuriteInfo.com wrote: What problem are you trying to solve with https? Privacy. The data contain no secrets and are freely available to any who wish to have it, so the immediate effect of encryption is unneeded. Public information, but private usage. If I connect to a clamav database download server anyone can work out the usage is to download a clamav database. What is being kept private? True. But this is not so important, according to https://stackoverflow.com/questions/149274/http-vs-https-performance This link is interesting too : https://www.httpvshttps.com/ http is 46% faster than HTTPS according to the test on that page. My idea is not replacing HTTP with HTTPS. It is just adding support for HTTPS to freshclam. Fine. I can't see that I need it. . ___ Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http://www.clamav.net/contact.html#ml
Re: [clamav-users] https support for freshclam
Hi there, On Wed, 24 Dec 2014, Arnaud Jacques / SecuriteInfo.com wrote: Le mardi 23 d?cembre 2014, 10:56:37 Dennis Peterson a ?crit : What problem are you trying to solve with https? Privacy. Then use Tor. I have no privacy problem. This is my opinion. If there's spare effort available in ClamAV development then in my opinion it should be directed to improving detection rates, not to solving problems which don't exist. -- 73, Ged. ___ Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http://www.clamav.net/contact.html#ml
Re: [clamav-users] https support for freshclam
On Dec 24, 2014, at 6:09 AM, Arnaud Jacques / SecuriteInfo.com webmas...@securiteinfo.com wrote: Public information, but private usage. I believe in this philosophy : https://www.eff.org/encrypt-the-web Secondarily, https creates a greater server load to encrypt the data, With nowadays CPUs, that's not a problem Yeah, tell that to mirror operators. -Robert ___ Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http://www.clamav.net/contact.html#ml
[clamav-users] https support for freshclam
Hello, freshclam does not support https protocol. Example, in freshclam.conf : DatabaseCustomURL http://www.myserver.com/signatures.hdb works DatabaseCustomURL https://www.myserver.com/signatures.hdb doesn't ERROR: DatabaseCustomURL: Not supported protocol https is more and more used for web servers. It could be a good idea if freshclam support this protocol. What do you think ? -- Best regards, Arnaud Jacques SecuriteInfo.com ___ Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http://www.clamav.net/contact.html#ml
Re: [clamav-users] https support for freshclam
Second try: What problem are you trying to solve with https? The data contain no secrets and are freely available to any who wish to have it, so the immediate effect of encryption is unneeded. Secondarily, https creates a greater server load to encrypt the data, trusted SSL certs are an added expense, and the additional bandwidth is also not free - someone is paying for it. This seems to me to be a gratuitous use of https but I don't yet know your purpose for doing so. dp On 12/23/14 1:14 AM, Arnaud Jacques / SecuriteInfo.com wrote: Hello, freshclam does not support https protocol. Example, in freshclam.conf : DatabaseCustomURL http://www.myserver.com/signatures.hdb works DatabaseCustomURL https://www.myserver.com/signatures.hdb doesn't ERROR: DatabaseCustomURL: Not supported protocol https is more and more used for web servers. It could be a good idea if freshclam support this protocol. What do you think ? ___ Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http://www.clamav.net/contact.html#ml