Thanks for the quick replies and information, this helps greatly and is much appreciated! On Jan 29, 2016 03:28, "Steve Basford" <[email protected]> wrote:
> > On Thu, January 28, 2016 10:29 pm, Brad Scalio wrote: > > Is there any integrity or authenticity checks within freshclam when it > > connects to the clamAV servers to download the virus signature databases? > > Hi Brad, > > Just to cover 3rd Party (.UNOFFICIAL) signatures. > > Signatures produced by Sanesecurity and/or distributed by Sanesecurity > mirrors are first created and/or downloaded then checked against a HAM > folder and finally signed with GPG. > > In addition, md5/sha256 hashes are also produced. > > Download scripts check the GPG and/or hashes depending on which script > you use. > > As Sanesecurity have been doing this for 10 years this year, hopefully > the GPG key can be trusted ;) > > Cheers, > > Steve > Web : sanesecurity.com > Blog: sanesecurity.blogspot.com > Twitter: @sanesecurity > > _______________________________________________ > Help us build a comprehensive ClamAV guide: > https://github.com/vrtadmin/clamav-faq > > http://www.clamav.net/contact.html#ml > _______________________________________________ Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http://www.clamav.net/contact.html#ml
