Hi everybody,
I assume that when I run "freshclam", the virus database is updated over
an unencrypted and plain http connection.
The default configuration doesn't seem to use https.
Isn't this kind of insecure (Man-in-the-middle-attacks, etc.)?
Are there any https mirrors available and, if yes, how can I configure
ClamAV to use these instead?
Or is some kind of verification of the data happening in the background
(such as apt in Debian is using GPG)?
Hope you can help me with this. Thanks
_______________________________________________
clamav-users mailing list
clamav-users@lists.clamav.net
https://lists.clamav.net/mailman/listinfo/clamav-users
Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq
http://www.clamav.net/contact.html#ml