On Thu, Jan 06, 2005 at 08:10:33PM +0300, Arkady V.Belousov said: > Hi! > > 5-???-2005 18:52 [EMAIL PROTECTED] (Stephen Gran) wrote to > [email protected]: > > >> - how ClamAV virus base files are related? For example, Dr.Web contains one > [...] > >> are newer, than main base.) How builded ClamAV bases and which > >> files/names > >> used for this? > SG> There is a main.db and a daily.db. Every so often, signatures from > SG> daily.db are pushed into main.db. > > "Pushed"? Do you mean, that some ClamAV component (which one?) > permanently modifies main.db? How it detects, that it should make another > change to main.db? And how to be sure, that some updates wasn't missed?
Pushed manually, by the ClamAV team. The the new files are then uploaded. The ClamAV software suite itself does no merging. And I missspoke - the files are main.cvd and daily.cvd - I must have been thinking of the old naming scheme or something. Sorry about that. > >> - how to receive updates (beside online access through internet) for ClamAV > SG> Most of the time the updates are only to daily.db, > > ? I am not sure what the question is. > SG> and it is fairly small (175K here). > > 175k isn't "fairly small". :) :( It takes about 30 seconds on a 56K modem. I call that fairly small. > SG> There does not seem to be a way around getting them from the mirrors, > SG> at least at some point in the chain - it would be trivial to fetch, > > "Fetch" from where (without online)? (BTW, updates for my previous > Dr.Web installation I get through email and from their BBS.) Presumably, if you can get email, you have some access to the internet at some place. This is where you can fetch the updates. It would be trivial to write a script that fetched the updates and emailed them to you, if that's what you want. > SG> put on some medium, and carry them over to the > SG> machines in question, though, if you prefer that. > > BTW, how ClamAV bases are protected against deception? The individual cvd files are signed and have md5sum markers that allows freshclam to check them. So long as you don't modify the files, it doesn't really matter to freshclam where they come from. > >> - (my friend asks) Is there possible to configure downloading/updating > >> bases > >> through specific places? For example, he updates ClamAV bases on the LAN > >> server and ClamAV on client machines updates itself from this server? If > >> this is not possible with built-in tools of ClamAV, how you recommend to > >> resolve this task? > SG> Yes - have the LAN server update from the regular mirrors, and have all > SG> the other clients update from the LAN server. Just put up a website, > > Website? Do you mean, that he (friend) should run on his LAN server IIS > (MS Internet Information Service) and be open for attacks? No, I meant he should run a webserver. IIS is primarily a security hole, and it just so happens that it can also serve webpages, but it is not what I meant by a webserver. I am trying to give you ideas; if they make you unhappy, I'm sorry. -- -------------------------------------------------------------------------- | Stephen Gran | I think the world is run by C students. | | [EMAIL PROTECTED] | -- Al McGuire | | http://www.lobefin.net/~steve | | --------------------------------------------------------------------------
pgp1YAMUyeO3r.pgp
Description: PGP signature
_______________________________________________ http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users
