Hi All, Currently have a RHEL server in a DMZ segment, where direct internet access is not permitted. I have installed clamd on the host to be able to perform on access scanning of documents uploaded through web based forms. The problem is, what can I do to update the definitions so that the latest threat data is being used in said scans?
I doubt that tcp/53 will be permitted out of the firewall to do the latest DNS checks and not sure if I can gain access to be able to whitelist the .au mirrors of: $ host db.au.clamav.net db.au.clamav.net is an alias for db.au.clamav.net.cdn.cloudflare.net. db.au.clamav.net.cdn.cloudflare.net has address 104.16.186.138 db.au.clamav.net.cdn.cloudflare.net has address 104.16.187.138 db.au.clamav.net.cdn.cloudflare.net has address 104.16.188.138 db.au.clamav.net.cdn.cloudflare.net has address 104.16.189.138 db.au.clamav.net.cdn.cloudflare.net has address 104.16.185.138 Is there a way that I can copy the files from another server internal to the network out to the server in the DMZ? Without running freshclam to update? And just reload clamd? I did investigate the PrivateMirror and DatabaseMirror options, but as this is the same protocol going out as coming in with the requests, I doubt security will permit HTTP traffic to an internal host as it does not pass the protocol separation requirements. Any ideas of options? Cheers and thanks
_______________________________________________ clamav-users mailing list clamav-users@lists.clamav.net http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http://www.clamav.net/contact.html#ml
