Hi Mark/Kris, Thank you for your responses. I have placed the *fireeye.ldb* file under the directory /var/lib/clamav/ and modified the permission to 644 and ownership to clamav. Then we have restarted the service Clamav-Deamon and then started clamscan. However, Clamscam is not picking up the *fireeye.ldb* file when we verify the Freshclam.log and clamav.log files.
Are there any configuration settings that need to add for *clamd.conf* or *freshclam.conf* in order to pick up the fireeye.ldb file during clamscan? On Mon, Dec 14, 2020 at 4:20 PM Mark Allan via clamav-users < [email protected]> wrote: > Hi Sandeep, > > There's no need to convert them. Just put them straight into the clamav > database directory and call them whatever_you_want.ldb eg > /var/lib/clamav/fireeye.ldb > > As long as the name you choose doesn't conflict with ClamAV's naming (eg > main/daily/bytecode etc), the only bits you need to work about are keeping > the 'ldb' extension, and ensuring the files are in the correct location > with the correct ownership and permissions. > > Mark > > On 14 Dec 2020, at 8:33 pm, Sandeep Talla <[email protected]> > wrote: > > Hi All, > > We have ClamAV installed on Ubuntu. On Ubuntu, the rules can be specified > or modified under the directory */var/lib/clamav/main.cvd*. However, We > are trying to consume ClamAV rules from the FireEye as shown below > link which is* .ldb* file and we are trying to convert to *.cvd* format. > > Could you please let us know the steps on how to convert the* .ldb* to > *.cvd?* Or how to consume the* .ldb *file in Ubuntu? > > > FireEye: > > https://github.com/fireeye/red_team_tool_countermeasures/blob/master/all-clam.ldb > <https://github.com/fireeye/red_team_tool_countermeasures/blob/master/all-clam.ldb> > > Thank you for your time and consideration. > > -- > Thanks, > Sandeep > > _______________________________________________ > > clamav-users mailing list > [email protected] > https://lists.clamav.net/mailman/listinfo/clamav-users > > > Help us build a comprehensive ClamAV guide: > https://github.com/vrtadmin/clamav-faq > > http://www.clamav.net/contact.html#ml > > > > _______________________________________________ > > clamav-users mailing list > [email protected] > https://lists.clamav.net/mailman/listinfo/clamav-users > > > Help us build a comprehensive ClamAV guide: > https://github.com/vrtadmin/clamav-faq > > http://www.clamav.net/contact.html#ml > -- Thanks, Sandeep Talla
_______________________________________________ clamav-users mailing list [email protected] https://lists.clamav.net/mailman/listinfo/clamav-users Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http://www.clamav.net/contact.html#ml
