Anyone has encountered this, i can see the transfer is not encrypted and secure
when doing a remote scan ,
I captured the packet on the remote server and i can see the data as clear text
,
[Timestamps]
[Time since first frame in this TCP stream: 0.000209756 seconds]
[Time since previous frame in this TCP stream: 0.000037349 seconds]
TCP payload (28 bytes)
Data (28 bytes)
0000 00 00 00 14 74 68 69 73 20 69 73 20 61 20 74 65 ....this is a te
0010 73 74 20 66 69 6c 65 0a 00 00 00 00 st file.....
Data: 0000001474686973206973206120746573742066696c650a...
[Length: 28]
________________________________
From: clamav-users <[email protected]> on behalf of Khodor
Barakat via clamav-users <[email protected]>
Sent: Tuesday, July 2, 2024 4:03 PM
To: [email protected] <[email protected]>
Cc: Khodor Barakat <[email protected]>
Subject: [clamav-users] Inquiry About Security Measures for Remote Scanning
Using Clamdscan
Hi, everyone
I am writing to inquire about the security measures implemented when using
ClamAV's clamdscan for remote scanning, particularly when streaming to port
3310.
clamdscan -c /etc/clamd.d/remote-scan.conf --fdpass --stream /tmp/testfile.txt
cat /etc/clamd.d/remote-scan.conf
LogSyslog yes
StreamMaxLength 10M
User clamscan
TCPSocket 3310
TCPAddr 192.168.1.100
Does anyone have information on the security protocols and safeguards in place
in order to protect data during remote scans?
Thank you for your assistance
_______________________________________________
Manage your clamav-users mailing list subscription / unsubscribe:
https://lists.clamav.net/mailman/listinfo/clamav-users
Help us build a comprehensive ClamAV guide:
https://github.com/Cisco-Talos/clamav-documentation
https://docs.clamav.net/#mailing-lists-and-chat
