Hi!
6-Янв-2005 12:48 [EMAIL PROTECTED] (Stephen Gran) wrote to
[email protected]:
>> >> - how to receive updates (beside online access through internet) for
>> >> ClamAV
>> SG> Most of the time the updates are only to daily.db,
>> ?
SG> I am not sure what the question is.
Question is: how update bases, if I have no online access?
>> SG> and it is fairly small (175K here).
>> 175k isn't "fairly small". :) :(
SG> It takes about 30 seconds on a 56K modem. I call that fairly small.
agora web-to-email robot limitation is near to 200k. BTW, is there ftp
sites with bases?
>> SG> There does not seem to be a way around getting them from the mirrors,
>> SG> at least at some point in the chain - it would be trivial to fetch,
>> "Fetch" from where (without online)? (BTW, updates for my previous
>> Dr.Web installation I get through email and from their BBS.)
SG> Presumably, if you can get email, you have some access to the internet
SG> at some place.
"email" != "internet". Email is email (I use uupc), internet (tcp/ip
and other higher level protocols) is internet.
SG> This is where you can fetch the updates. It would be trivial to write a
SG> script that fetched the updates and emailed them to
SG> you, if that's what you want.
These scripts should be placed somewhere, where is online access. But I
have no such places near me (by some reasons).
>> BTW, how ClamAV bases are protected against deception?
SG> The individual cvd files are signed and have md5sum markers that allows
SG> freshclam to check them. So long as you don't modify the files, it
SG> doesn't really matter to freshclam where they come from.
Freshclam? Do you mean, that ClamAV itself doesn't protected against
decepted/broken bases?
>> >> - (my friend asks) Is there possible to configure downloading/updating
>> >> bases
>> >> through specific places? For example, he updates ClamAV bases on the LAN
>> SG> Yes - have the LAN server update from the regular mirrors, and have all
>> SG> the other clients update from the LAN server. Just put up a website,
>> Website? Do you mean, that he (friend) should run on his LAN server IIS
>> (MS Internet Information Service) and be open for attacks?
SG> No, I meant he should run a webserver. IIS is primarily a security hole,
_Any_ webserever is (potentially) security hole, especially if you
don't know how to right configure it. Even apache isn't perfect in both
senses.
SG> and it just so happens that it can also serve webpages, but it is not
SG> what I meant by a webserver.
SG> I am trying to give you ideas; if they make you unhappy, I'm sorry.
Ok, I see, this is impossible (by built-in tools). :( Fortunately, my
friend says, that he will be satisfied by pointing common network place
(which will be used by all clients as place of bases).
_______________________________________________
http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users
