If you are able to download from the web site to a media that can be brought in (not the most secure situation, of course) then simply use the same computer you are using to download these updates to run freshclam, copy the already verified database of CVD/CLD’s and problem solved.
-Al- On Thu, Sep 29, 2016 at 07:51 PM, Alexey Salmin wrote: > > Thanks for your replies. > > My particular use case is a network that is physically disconnected > from the internet. Storage devices are allowed though, so I bring a > fresh virus database from time to time. It's used to run nightly scans > on shared network filesystems where malware occasionally show up. I > guess it comes from storage devices too and that was mostly fixed by > installing USB Disk Security on Windows machines. However it only > helps from autoruns, not from infected binaries, so scheduled scans > are still needed (and I think that's a good practice anyway). > > Long story short: what is the recommended way to handle this scenario? > I'm thinking of setting up a local mirror on the internet-capable > machine and then take CVDs from there (with checksums or whatsoever). > > PS You may wonder if I'm the fool admin mentioned above but that's not > the case (at least the admin part). I'm a user of this network who > volunteered to help with the malware problem with no budget or means > to change security rules. > > Alexey > > On Fri, Sep 30, 2016 at 6:40 AM, Reindl Harald <h.rei...@thelounge.net> wrote: >> >> Am 30.09.2016 um 01:20 schrieb SCOTT PACKARD: >>> >>> Some of us clamav users are behind rather substantial proxies and can't >>> pull them easily. >>> It's nice to have a place to download them. Just FYI. >> >> >> sorry, but in that case these problems needs to be solved with the fools of >> admins (or that admins replaced) responsible for only one part of the >> infrastructure, blocking anything for security reasons and then at the same >> time blocking update sof security software which is just pervert >> >>> -----Original Message----- >>> From: clamav-users [mailto:clamav-users-boun...@lists.clamav.net] On >>> Behalf Of Joel Esler (jesler) >>> Sent: Thursday, September 29, 2016 3:23 PM >>> To: ClamAV users ML <clamav-users@lists.clamav.net> >>> Subject: Re: [clamav-users] Feature request: show checksums of virus >>> databases on the clamav.net website >>> >>> We really don’t want people downloading the cvd’s through the browser >>> directly on the website. We really want to encourage people to use >>> Freshclam to do this. >>> >>> -- >>> Joel Esler >>> Manager >>> Talos Group >>> http://www.talosintelligence.com >>> >>> On Sep 29, 2016, at 12:21 PM, Alexey Salmin >>> <alexey.sal...@gmail.com<mailto:alexey.sal...@gmail.com>> wrote: >>> >>> Sorry if this had been proposed before, nothing showed up in my search. >>> >>> I suggest to display checksums (MD5, SHA or both) on the website next >>> to CVD download links on the >>> www.clamav.net/downloads<http://www.clamav.net/downloads> page. This will >>> provide a user with: >>> 1) A simple way to check if files were updated since the last >>> download. It takes time to fetch the main.cvd. I realize that this >>> should be possible with a custom HTTP query but it's not convenient in >>> case you're simply using a browser to get the file. >>> 2) A quick and a standard way to validate the integrity of the file, >>> without going into CVD internals and digital signatures >> >> _______________________________________________ >> Help us build a comprehensive ClamAV guide: >> https://github.com/vrtadmin/clamav-faq >> >> http://www.clamav.net/contact.html#ml > _______________________________________________ > Help us build a comprehensive ClamAV guide: > https://github.com/vrtadmin/clamav-faq > > http://www.clamav.net/contact.html#ml -Al- -- Al Varnell Mountain View, CA
smime.p7s
Description: S/MIME cryptographic signature
_______________________________________________ Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http://www.clamav.net/contact.html#ml
