Re: [clamav-users] n00b question: signatures enabled?

2013-07-28 Thread Benny Pedersen

Vincent Fox wrote on 2013-07-26 21:44:


I've been puzzling over a ClamAV installation I was handed.


?

Is there an easy way to verify which signatures are being 
loaded/used?


?

if it exists in databasedir then it's used, unless it's disabled in 
clamd.conf


when clamd starts see its logs


It's not clear to me, where you go to enable/disable signatures.


disabling signatures is possible with an ignore file definition, see an 
example in sigtool --unpack-current=daily in the ign2 extension 
filename



I see quite a lot of signatures being downloaded by freshclam and/or
the unofficial-sigs.sh jobs.


+1 :)

i hope you disable some in their setups if only 6 hits ?


However I don't see evidence in my maillogs
of hits on more than 6 of them.  We have fairly busy mail routers so
I'd expect to hit on some of the others at least once a day.


what is your problem really ?, out of mem ?

so far i have not seen virus from main.cvd yet :(

clamav team can begin to make databases so it's possible to drop very old 
signatures that do not hit anywhere, but still create a new 
store-year.cvd with all the old signatures just in case anyone likes to 
use it where mem is not a concern, where year is here 2013 or 2012 so 
freshclam doesn't waste traffic on sync again



I hunted around on Wiki/FAQ and web searches couldn't find an
answer to this.


you are the first that asked imho, i think freshclam should have git 
update sync as well, more or less i see safebrowsing now doesn't work with 
scripted updates, i don't know what the heck google does there, not even 
mirror their own database files, hmp !

___
Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net
http://www.clamav.net/support/ml
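
The checks this reply points to (what sits in the database directory, what shows up as a hit in the logs), sketched as an added shell example that is not part of anyone's message in this thread. The fixture directories, file names and log lines are constructed; the extension list is a subset of what clamd loads, and the log format assumed is clamd's own `<path>: <name> FOUND` line.

```shell
#!/bin/sh
# Added example (not from the thread): what can clamd load, and what hits?
# DatabaseDirectory from a clamd.conf; commented-out lines do not match.
clamd_dbdir() {
    awk '$1 == "DatabaseDirectory" { print $2; exit }' "$1"
}

# Signature files in directory $1 (a subset of the extensions clamd loads).
sig_files() {
    for f in "$1"/*; do
        [ -f "$f" ] || continue
        case "${f##*.}" in
            cvd|cld|hdb|mdb|ndb|ldb|fp|ign2) basename "$f" ;;
        esac
    done
}

# Files downloaded into $2 that are absent from the database directory $1.
not_loaded() {
    sig_files "$2" | while read -r name; do
        [ -f "$1/$name" ] || printf '%s\n' "$name"
    done
}

# Tally detections per signature name from "<path>: <name> FOUND" log lines.
hit_counts() {
    awk '$NF == "FOUND" { n[$(NF-1)]++ } END { for (s in n) print n[s], s }' "$1" |
        sort -k1,1nr -k2
}

# Constructed fixture: a database dir, a stray download dir, a conf and a log.
make_fixture() {
    d=$(mktemp -d) && mkdir "$d/db" "$d/unofficial" || return 1
    touch "$d/db/main.cvd" "$d/db/daily.cld" "$d/db/local.ign2"
    touch "$d/unofficial/junk.ndb" "$d/unofficial/phish.ndb" "$d/unofficial/README"
    cp "$d/unofficial/junk.ndb" "$d/db/"
    printf '#DatabaseDirectory /old\nDatabaseDirectory %s/db\n' "$d" > "$d/clamd.conf"
    printf '%s\n' '/tmp/a: Eicar-Test-Signature FOUND' '/tmp/b: OK' \
        '/tmp/c: Eicar-Test-Signature FOUND' '/tmp/d: Constructed.Sample-1 FOUND' \
        > "$d/clamd.log"
    echo "$d"
}

fx=$(make_fixture)
db=$(clamd_dbdir "$fx/clamd.conf")
echo "loaded from $db:"; sig_files "$db"
echo "downloaded but not loaded:"; not_loaded "$db" "$fx/unofficial"
echo "hits:"; hit_counts "$fx/clamd.log"
rm -rf "$fx"
```

On a real host, pass the actual clamd.conf, the directory the update job writes to, and the clamd log in place of the fixture paths.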


Re: [clamav-users] n00b question: signatures enabled?

2013-07-28 Thread Benny Pedersen

Vincent Fox wrote on 2013-07-26 23:07:

Found the answer to part of my question with:

clamconf -n

I still have a problem that previous admin was downloading
lots of unofficial signatures, to a place that clamd isn't paying
any attention to.  Working on that part.


join the http://sanesecurity.com/ mailing lists, there are helpful mail admins there, 
possibly here as well, as it's stated in clamav DON'T PANIC :)



[clamav-users] n00b question: signatures enabled?

2013-07-26 Thread Vincent Fox

Hi,

I've been puzzling over a ClamAV installation I was handed.

Is there an easy way to verify which signatures are being loaded/used?

It's not clear to me, where you go to enable/disable signatures.
I see quite a lot of signatures being downloaded by freshclam and/or
the unofficial-sigs.sh jobs.  However I don't see evidence in my maillogs
of hits on more than 6 of them.  We have fairly busy mail routers so
I'd expect to hit on some of the others at least once a day.

I hunted around on Wiki/FAQ and web searches couldn't find an
answer to this.


Thanks!



Re: [clamav-users] n00b question: signatures enabled?

2013-07-26 Thread Vincent Fox

Found the answer to part of my question with:

clamconf -n

I still have a problem that previous admin was downloading
lots of unofficial signatures, to a place that clamd isn't paying
any attention to.  Working on that part.

Thanks!

On 07/26/2013 12:44 PM, Vincent Fox wrote:

Hi,

I've been puzzling over a ClamAV installation I was handed.

Is there an easy way to verify which signatures are being loaded/used?

It's not clear to me, where you go to enable/disable signatures.
I see quite a lot of signatures being downloaded by freshclam and/or
the unofficial-sigs.sh jobs.  However I don't see evidence in my maillogs
of hits on more than 6 of them.  We have fairly busy mail routers so
I'd expect to hit on some of the others at least once a day.

I hunted around on Wiki/FAQ and web searches couldn't find an
answer to this.


Thanks!


