Hello! ClamAV may be configured to use TCP so that your scanning client (traditionally clamdscan) may be on a different machine than your scanning engine (clamd). This is not recommended for an unsecured network. This wasn’t designed to be a secure solution and doesn’t provide any sort of encryption or authentication between the client and engine.
It’s an issue has been discussed in this mailing list before. In 2016 there was a blog post about it http://blog.clamav.net/2016/06/regarding-use-of-clamav-daemons-tcp.html. We also have a feature request ticket in our Bugzilla ticket queue to secure the TCP socket feature but sadly we haven’t had the time to implement it. With that said, it sounds like you’re using a 3rd party java-based ClamAV client in your system. You may want to speak with the developers of your system about having a secure file transfer for scanning take place between two Java-based programs with a Java-based client in your Docker container that interacts locally (in your Docker container) with clamd over unix sockets instead of TCP sockets. In the short term, if you absolutely must use your current implementation, you could consider hosting your Docker container inside a secure VPN and connect each client machine to the VPN to provide some security between your client applications and your ClamAV docker container. Regards, Micah Micah Snyder Software Engineer Talos Intelligence Cisco Systems, Inc. On Nov 28, 2017, at 6:22 PM, Kiran Shetty <kiran.shett...@gmail.com<mailto:kiran.shett...@gmail.com>> wrote: Hi, I have a Docker image with ClamAV to perform virus scan. I have a java application from which I am sending the file that needs to be scanned to Docker container using Clamav client. I see that the ClamAV client is using using Java socket (not SSLSocket) to open connection. Is there a way to secure the TCP connection? Please advise. Thanks, Kiran _______________________________________________ clamav-users mailing list clamav-users@lists.clamav.net<mailto:clamav-users@lists.clamav.net> http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http://www.clamav.net/contact.html#ml _______________________________________________ clamav-users mailing list clamav-users@lists.clamav.net http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http://www.clamav.net/contact.html#ml
